MAIN MODULES OF IDEAS GRC

The establishment of controls is a key aspect at internal control. The success or failure of the control system will directly depend on the suitability of those controls. This suitability may be expressed in terms of form or content. The fact that an entity has at its disposal the possibility to customize and modify at any moment according to its convenience will be crucial to reach its control objectives. With IDEAS GRC, the achievement of this objective will be completely guaranteed.

CONTROLS

The establishment of controls is a key aspect at internal control. The success or failure of the control system will directly depend on the suitability of those controls. This suitability may be expressed in terms of form or content. The fact that an entity has at its disposal the possibility to customize and modify at any moment according to its convenience will be crucial to reach its control objectives. With IDEAS GRC, the achievement of this objective will be completely guaranteed.

VISION FROM THE BASIC USERS POINT OF VIEW

It is important to remark that missions assigned to basic users should always be as simple as possible. Thus, the entity should not forget that those control tasks needed to be performed by those users should be easy and intuitive. IDEAS GRC guarantees a high simplicity regarding anything a basic user needs to do in the system, which is a key factor to reach a harmony between basic users and control objectives established by the organization.

VISION FROM THE SYSTEM ADMINISTRATORS POINT OF VIEW

From the point of view of the entity, the support of the control system will be the better when:

The more possibilities are offered to the administrators regarding profiles, reports, summaries, dashboards, customizations etc.

IDEAS GRC places at their disposal an uncountable variety of functionalities, modules, applications and elements to be customized by these administrators.

The easier the generation and analyses of the whole information contained in the system is.

Reports generation at IDEAS GRC has evolved in order to make the labor of administrators as fast and intuitive as possible.

The more traceable, compact, safe, reliable the system is:
IDEAS GRC guarantees a complete traceability of the information, assures that absolutely everything that occurs in the system is recorded and may be accessible at any moment by the entity. Also, it possesses a strict security protocol, is aligned with norms and recommendations about internal control, and guarantees an optimal functioning of the system.

An adequate integral management of the identified risks that the entity faces shall make possible the establishment of preventive mechanisms to anticipate the materialization of them and, eventually, will allow the entity to perform a decrease of its risks level, either through a probability of occurrence reduction, or through a decrease of the impact derived from its possible happening.

IDEAS GRC allows, on one side, to establish a wide variety of preventive elements via controls activation associated to the value of fluctuating elements, whose oscillation has been gathered with tolerance maximum and minimum limits; those elements are risk indicators.

Likewise, IDEAS GRC incorporates a whole module to analyze in detail gross and residual levels of risk by company, process, sub-process, department, risk typology etc. as well as the mitigation levels, both in global terms of the risk and per component variable, in each of the categories formerly mentioned

As it has previously mentioned, the more agile is the generation and analyses of reports with the information in the system, the better will be in global terms that internal control system.

With all of that, IDEAS GRC has developed its reports generation system focused on making the work of administrators as fast and intuitive as possible. Moreover, IDEAS GRC has more than thirty modalities of reports in order to reach a global, self-sufficient, intuitive, fast, powerful and effective management of the information recorded in the system. Also, it provides the possibility to incorporate to the system reports customized by the entity.

The main purpose of using this module supported by IDEAS GRC is to be able to control all those risks directly associated to the value or balance of certain accounts.

This module allows the automation of processes to activate or deactivate risks, controls etc. depending on how critical they are; on the significant or non significant materiality resulting from the automatic analysis performed by IDEAS GRC after the updating of accounts balances; or depending on the assigned materiality attributes (existence and occurrence, completeness, valuation, presentation and disclosure, and rights and obligations).

Additionally, IDEAS GRC includes a module to provide a documental repository. This will place at the disposal of any of the administrators of the system, the possibility to store manually any desired document, or automatically any generated report.

Moreover, the entity will be able to select the target audience of each document manually or automatically stored, at user, department or process etc. level.

IDEAS GRC places at entities disposal a specific module to carry out audit works and a complete revision of the whole system: revising each one of the hierarchical structures of uploaded elements, performed tasks, permissions of the users, uploaded evidences etc.

The module stands out due to its high simplicity of use, providing the audits a tool to perform their works and being useful as a support in the elaboration of audit reports.

Another incorporated utility of IDEAS GRC platform is a functionality that supports an internal mail between users of the system. Moreover, sent messages will be possibly automatically delivered to the corporative email address of the receptor.

As default, this utility incorporates an automatic store of all conversations or sent messages through IDEAS GRC, where it is also possible to attach external documents.

Amongst its multiple utilities, IDEAS GRC keeps implemented a specific module implemented in order to provide a support to carry out the different key functions that this holds, either by internal decision or those as a consequence of the application of a sectoral specific or general regulation.

This way, functions such as regulatory compliance may have a performance support, considering that on IDEAS GRC entities have the possibility to name administrators with limited functions, or users responsible for specific processes, risk typologies etc.

An important aspect for the optimization of the functioning and of the contents in the system is the attribution of competences regarding their opinion contribution by users. Involving them in feedback labors not only shall create a perception of a higher participation in the system with all its positive consequences, but also shall flow into an effective improve of the system.

IDEAS GRC may be defined as doubly self assessable. On one side, it is continuously, as all the users in the system will always have at their disposal an open communication channel with administrator, through which provide any suggestion of comment. Moreover, each time an user performs any control task, the system will request them whether or not they desire to provide any observation.

Nonetheless, IDEAS GRC counts additionally with a specific self-assessment module through which the entity will be able to request some feedback from those users with regard to any aspect associated with them, such as risks, controls, processes etc. and regarding any of the attributes of those elements. Moreover, IDEAS GRC places at entities disposal a functionality to automatically import all those suggestions of users which mean any modification of attributes of consulted elements; once they have been properly revised by an administrator.