Internal control system (ICS):
Checking and monitoring ISMS and data protection processes responsibly
Many companies are faced with the challenge of establishing, operating and continuously improving an internal control system (ICS). This requirement is based on a large number of legal requirements, regulations, norms and standards. These are to be monitored and risks or violations recognized and prevented.
An ICS comprises all organizational measures that are suitable for ensuring compliance with laws, guidelines, standards, etc. and to protect the company's assets as well as company and time-critical business processes and assets, to avert potential risks and associated damage and to guarantee the effectiveness, profitability, appropriateness and efficiency of business operations. An ICS also includes measures for monitoring and checking compliance with statutory and internal company regulations. An internal control system therefore monitors all processes within your company effectively and reliably.
Our ICS solution in R2C_SECURITY supports you effectively and reliably in monitoring all the necessary processes within your company. It enables the definition of any controls for the regular examination and monitoring of business processes, assets, risks, measures, incidents, processing activities in an application.
- A control can be comprehensively described and assigned to employees responsible for the control.
- A confirmation frequency can be stored for regular checks. Based on the set confirmation frequency (e.g. weekly), control confirmations are generated periodically, which the responsible employee can use to confirm the regular performance of the control and document the control result.
- Control confirmation elements are automatically stored in the respective user’s personal task basket and can be centrally managed, confirmed and supplemented with proof documents from there.
- All past and active controls and control results can be monitored and tracked centrally via a graphic evaluation.
- Employees responsible for control can be notified of relevant control events and reminded of the due date of control confirmations with automatically generated e-mails