Company assets (‘your crown jewels’) have value for your organization. You can think of people, business processes, information, an office building, critical applications and IT hardware. In YICE you can register an unlimited number of company assets where you can indicate their importance.
Company assets may be subject to risks. In YICE you identify, analyze and evaluate every risk associated with your assets. You can provide all risks with a gross and net weighting, risk categories, treatment method, acceptance status, owner, etc.
Risks are managed by implementing controls. In YICE, the controls are grouped per control framework. You can assign attributes to each control, for example ‘integrity’ or ‘preventive’. For each risk, you simply choose all the necessary controls to treat the risk. For each control you can set an evaluation frequency (2nd line), assessment frequency (3rd line), maturity, effectiveness and many more details. You can add an unlimited number of evaluations and assessments per control, complete with evidence.
In YICE you can assign actions to yourself or to another YICE user. An action may stand alone, may be directly related to a risk, a specific control, or may be necessary to achieve an objective.