Internal control system (ICS)
HITGuard's ICS provides support above all in the area of risk treatment and risk monitoring: It ensures that risk treatment measures are processed and documented in a workflow-supported and systematic manner. It also ensures that the implementation of the measures is regularly monitored. Controls are used to ensure the sustainability of risk treatment in the long term. These features are also of the utmost importance in compliance management as well as in the follow-up to audits that have been carried out.
- Workflow-based action and control processing
- Documentation of all steps from implementation to audit behavior
- Regular survey of current progress on measures
- Detailed, traceable logs of checks carried out
- Key figures and meaningful reporting, including a risk-control-matrix
Controls
Create controls to ensure that, for example, guidelines are adhered to or checks are made for potential weaknesses. A control is a recurring task that the implementers can be reminded to perform at regular intervals. Inspections can be accepted or rejected by one or more inspectors. Furthermore, the quality of the implementation of controls can be evaluated and the maturity level of the associated processes assessed.
- Specify the frequency of inspections and any deadlines for implementers and auditors.
- Schedule automatic email reminders along the workflow and define escalation paths.
- Enrich your evaluations by linking standards and norms with control.
control Create
- Define the controls to be carried out in a clear interface, including any attachments.
- Highlight key controls with defined thresholds and dedicated escalation paths in their priority.
- Assign one or more reviewers to the controls and specify how inspections should be performed.
control carry out
- In accordance with the principle of minimum information, share only the information with the implementers who need it.
- Receive not only the implementation description from the implementers, but also additional evidence as proof of implementation.
- As the implementer, forward your completed control workflow-supported to the inspector(s).
control check
- As the reviewer, accept the implementation of control or return it to the implementers for revision.
- Document your work steps with comments when accepting, rejecting or returning a control.
- Maintain an overview with the historicized test and change logs for each control.
Measures
Create measures to correct deviations identified in analyses, for example, or to eliminate reported weaknesses. A measure is a one-off task that those responsible can be repeatedly reminded to complete before the deadline is reached. The progress of the implementation of measures is proactively reported by those responsible or requested by experts. The feedback is accepted or rejected by the experts.
- Record the event that led to the need for measure being recognized and thus increase its traceability.
- Define whether it is a matter of correcting or improving a recognized circumstance.
- Enrich your evaluations by linking standards and norms with measure.
Create a measure
- Create measures for immediate implementation or in advance for planned, later implementation.
- Define the measures to be implemented in a clear interface, including those responsible for them.
- Define the planned time horizon for the implementation of measure using the start date, end date and plan date.
Report progress
- Report progress in action implementation on demand or proactively at the touch of a button.
- Add evidence as an attachment to the percentage progress and detailed status updates.
- Delegate progress messages to clerks who can answer the queries for you.
Acceptance of measures
- Manage links to any audit questions that need to be reassessed as a result of the implementation of measure .
- Automatically send reminders to stakeholders for pending progress messages.
- See the entire implementation history at a glance directly at measure.
Comprehensive documentation and reporting
HITGuard provides all documentation and a wide range of reports for the various management systems you may operate. The KPIs and reports on measures and controls enrich not only your ICS but also your compliance management, your risk and audit management, as well as the Data protection in your company. Key figures can be compared across several analysis periods in dashboards. This makes it easy to identify development trends in management systems. The history and progress of the management system, for example in relation to risk management, are managed transparently and comprehensibly and can therefore be used for risk monitoring, among other things.
- Comply with your reporting obligations with documentation that can withstand the requirements of certification or audit.
- Export graphs from configurable dashboards or print reports with content that you can customize to suit your needs.
- Filter and analyze hazardous situations and associated controls in your own risk-control-matrix.
Request a non-binding demo now
Find out what the GRC software HITGuard can do for you
Learn more about other modules of HITGuard!
Where, among other things, HITGuard is already proving its worth
Construction industry
approx. 20,000 employees
Auditor
approx. 700 employees
Health service
approx. 18,000 employees
IT Security Solutions
approx. 100 employees
IT Security Solutions
approx. 100 employees
Software House
approx. 400 employees
Event Management
approx. 500 employees
Hospital Operators
approx. 1,600 employees
approx. 6,000 employees
IT Service Providers
approx. 40 employees
Is your industry not listed? Do you need more information? We would be happy to put together individual reference examples for you – please contact us.