YICE structure explained

YICE isn’t just another GRC-tool but has been built up from the ground on the basis of 35 years of business experience. YICE distinguishes itself in terms of functionality, security, flexibility and price.

Users can monitor and manage their own items via a role-based dashboard, the YICE inbox and daily or weekly emails with points of interest, send to their business e-mail address. And of course, every user can choose for a Dutch or English language setting. On an asset, risk and control level, monitoring frequencies can be set. In addition, on a control level an assessment frequency can be set. Owners and reviewers are made aware of needed review activities 2 weeks in advance or in case actions are over due.

YICE offers active & intelligent monitoring and gives substance to the principle of agile auditing. After all, a professional GRC-tool “knows” your current risk levels, the importance of company resources, effectiveness of controls, open non-conformities and (improvement) actions in progress. All important information when planning audits.

At the first use, YICE is empty and ready to be tailored to your organizations specific needs. Because most organizations do not start with a greenfield and will probably have used another register, like Excel, YICE offers an import functionality in all modules. You can download templates and then upload your .csv files so that the manual work is minimized. If desired, we are happy to support you in this process.

YICE is composed of the modules below, which are interconnected. In addition, YICE has several support modules to manage configuration, authorization and user settings, log files, FAQ, etc.

YICE hierarchy

  • Level

    In YICE you can define separate levels for riskmanagement and compliance. In small organisations there might be one level, but you can easily distinguish between multiple levels, e.g. in case of a holding with several subsidiaries.

  • Asset

    Assets are anything with value for your organisation. You can think of people, business processes, information, an office building, critical applications and IT-hardware. In YICE you can define an unlimited number of assets.


  • Risk

    Assets are subject to risks. In YICE you identify, analyse and evaluate every risk (and opportunity) related to your assets.

  • Control

    Risks are managed by controls. In YICE, controls are grouped by control framework and category. You can define all the necessary controls to manage your risks. Per control, you can define an evaluation frequency (2nd line), assessment frequency (3rd line), control maturity, effectiveness and much more details. Per control, you can add an unlimited number of evaluations and assessments.


  • Action

    In YICE you can assign actions to yourself or to another YICE user. An action can stand on its own, can be directly related to a specific control or might be needed to realise an objective

Benefit from 35 years of experience

YICE is build from practice and the daily challenges of specialists in several industries