Overview

YICE structure explained

YICE isn’t just another GRC-tool but has been built up from the ground on the basis of 35 years of experience in the challenging IT world. YICE has incorporated active & intelligent monitoring and gives substance to the principle of agile auditing. After all, a professional GRC-tool “knows” your current risk levels, the importance of company resources, effectiveness of controls, open non-conformities and (improvement) actions in progress. All important management information when planning audits!

YICE is composed of the modules below, which are interconnected. In addition, YICE has several support modules to manage configuration, authorization and user settings, log files, FAQ, etc.

At the first use, YICE is empty and ready to be tailored to your organizations specific needs. Because most organizations do not start with a greenfield and will probably have used another register, like Excel, YICE offers an import functionality in all modules. You can download templates and then upload your .csv files so that the manual work is minimized.

Users can monitor and manage their own items via a role-based dashboard, the YICE inbox and daily or weekly emails with points of interest, send to their business e-mail address. And of course, every user can choose for a Dutch or English language setting. On an asset, risk and control level, monitoring frequencies can be set. Owners are made aware of needed review activities 2 weeks in advance. Action and objective owners are made aware if their items are over due.

YICE hierarchy

  • Level

    In YICE you can define separate levels for riskmanagement and compliance. In small organisations there might be one level, but you can easily distinguish between multiple levels, e.g. in case of a holding with several subsidiaries.

  • Asset

    Assets are anything with value for your organisation. You can think of people, business processes, information, an office building, critical applications and IT-hardware. In YICE you can define an unlimited number of assets.

    Asset

  • Risk

    Assets are subject to risks. In YICE you identify, analyse and evaluate every risk (and opportunity) related to your assets.

  • Control

    Risks are managed by controls. In YICE, controls are grouped by control framework and category. You can define all the necessary controls to manage your risks. Per control, you can define a monitoring frequency (2nd line), evaluation frequency (3rd line), control maturity, effectiveness and much more details.

    Control

  • Action

    In YICE you can assign actions to yourself or to another YICE user. An action can stand on its own, can be directly related to a specific control or might be needed to realise an objective

Benefit from 35 years of experience

YICE is build from practice and the daily challenges of specialists in several industries