Regular GRC software for risk management and / or compliance usually lacks an overview of processes, procedures and work instructions. The Fidugiusnet® Enterprise Control Framework (ECF) modules offers a complete overview. This module combines all aspects of the COSO Internal Control Framework and makes it accessible.
The internal environment and the mission statement determine how an organization addresses risks and control, including risk management philosophy, integrity and ethical values. All of these aspects are incorporated in the tailor-made software Fidugiusnet® so that all employees are aware of the standards of the organisation.
Companies are exposed to a variety of risks. From rising commodity prices to delays in research and development. Each organisation mitigates these risks depending on its specific risk appetite. The objective of risk management is to pinpoint risks and to mitigate these by ensuring adequate (internal control) measures.
The most important element in risk management is to ensure all employees are informed and aware of existing policies and procedures. Within Fidugiusnet® all identified risks are included and connected to mitigating actions. These actions are connected to the internal controls included in the process. Monitoring internal controls is also included in the application. Risks are made visible based on probability and potential impact.
A process consists of multiple activities. There should be a description for each of these activities to ensure consistency, uniformity and continuity. Part of the activities are internal controls. Many internal controls are translated into policies, procedures and guidelines. In order to document these, Fidugiusnet® uses standard formats. The level of detail of these descriptions will be determined based on your requirements. In addition also work instructions and manuals can be included in the application. This way the employees are informed about the latest descriptions at all times and can perform efficiently and effectively. The Enterprise Control Framework will also generate management information about the internal controls.
Fidugiusnet® includes the possibility to monitor compliance on a periodic basis. Control execution is recorded in Fidugiusnet® (either automatically or manually). Based on the assessment, management information is generated to evaluate controls by performer, by operating company, by process and/or in total.
The overview of (secondary) processes:
Details of a process:
Monitoring of controls: