110 likes | 259 Views
KNOWLEDGE RISK COMPLIANCE. MAKE YOUR BUSINESS SAFE BY CONSCIOUSNESS AND READINESS. Designed and engineered by. S olution KRC.
E N D
KNOWLEDGE RISK COMPLIANCE MAKE YOUR BUSINESS SAFE BY CONSCIOUSNESS AND READINESS Designed and engineered by
Solution KRC • KEISDATA offers the innovative software platform KRC™, multi-language and multi-culture, which revolutionizes the way of managing and assessing business risks, taking advantage of the skills of the various representatives of the company, facilitating group work and helping to share knowledge until at the decisional stages. • KRC™ is an integrated management system in which the processes of the thematic areas of the sustainability path, the ERM applied to all types of Risk, the Organizational Model and other specific sector standards have been engineered. • KRC™ enables risk management by means of guided IT procedures and in line with regulations. Each procedure follows a flow dictated by the legislation and at each stage the responsibility can be attributed to the various referents based on the role and qualifications they hold. The data resulting from each procedure are processed and used to generate appropriate graphs to monitor the situation and make decisions immediately. • KRC™ works on the basis of a process approach, graphically represented, and guides business users, in relation to responsibility, role, title and task, to data entry/consultation functions, reports and dashboards. • KRC™ contains areas for the management of reports of damaging events, near-events, detectable for all the thematic areas; areas for legal requirements, for the audit, and connection to company records.
Solution KRC • KRC™ integrates a document system able to index all the documents of the organization. It manages an interactive workflow mapping the approval cycle. It is able to produce constantly updated documentation and to alert the approach of deadlines giving evidence of what has been done or is being done. It is also able to independently generate documentation such as procedures, instructions and guidelines. The notification system encourages the use of an integrated communication on activities and deadlines. • KRC™ can be integrated with any software and is transversal, so as to allow the exploitation of the potential of information in application areas different from the one in which it originated. • The platform reflects the principles of the GRC framework • Governance, Risk and Compliance.
MethodologyKRC The methodology of KRC™ is based on Knowledge, Risk and Compliance Management principles. Knowledge Management The process of Knowledge Management capitalizes the company's and people's knowledge, involves them, makes them aware of the impact of their experience in risk analysis. KRC™ develops the Knowledge Management approach to support Risk Management; it involves multidisciplinary skills and areas of activity, such as the definition of methodologies, criteria, and the engineering of collection tools. KRC™allows the structuring and sharing of knowledge in line with the existing cultural heritage and consistent with new strategic and operational needs. Risk Management The Risk Management process is applied according to the ISO 31000:2009 standard, which allows the best management of the various types of Risk, through a univocal control system and integrated into a collaborative model. In KRC™ the Risk Management methodology is applied to all processes through: direct observations, measurements and monitoring (Technical-Normative Risk), indications of managers/managers (Perceived Risk), reports of workers through the Corporate Observatory (Risk Detected).
MethodologyKRC • The methodology of KRC™ is based on Knowledge, Risk and • Compliance Management principles. Compliance Management • The Compliance Management process consists in the identification, analysis and timely assessment of the effects of the regulatory intervention on the activities of the organization. The analysis of the regulatory impact, applied in KRC™, is a support to the decisions of the top management and of the delegated roles. The aim is to define an appropriate strategy for the management of regulatory compliance through: organizational analysis of processes, roles, responsibilities, delegations and responsibilities; as well as definition of planning and management tools for costs and benefits of investments, development of plans and programs for alignment of new obligations with respect to those in force in the organization.
The ProjectKRC • The KRC™ project provides a modular architecture to allow companies to approach the issues of Certification and Compliance Rules in a more easy and structured way and with a gradual approach according to the sustainability path chosen by them. • In KRC™ the configuration and implementation of organization, processes, assets, layouts, etc., evolve with the development of compliance management and specific risks in the various systems that, over time, gradually flow into a single integrated system. • The implementation model is determined by the following key factors: • reduce implementation times according to customer needs, respecting requirements and performance; • make usable and validate progressive outputs at the same time as the analysis of the requirements, always having clear vision of the whole; • involve the Client referents with a participatory and constructive approach, minimizing the impact on operations; • to spread the knowledge and use of the new KRC™ system already during the implementation phase by providing an adequate training phase at full capacity.
The ProjectKRC • The iterative implementation model with progressive releases is as follows: • KNOW: to acquire the know-how of the company; • DO: for the release of the functionalities; • CHECK: for the testing and fine-tuning; • DEPLOY: for the release in function. KEISDATA provides different structures, in compliance with the provisions of ITIL and COBIT best practices. The platform is designed for project management and allows company contacts to monitor progress.
TechnologyKRC KRC ™ is a web-based application, built in Microsoft ASP.Net and the native database is SQL Server. The architectural options are as follows: • "On Premise": Application and database are installed at the customer's server • "Cloud Computing": Application and database are hosted on the Cloud Computing platform Microsoft Azure IAAS. The architecture in connectors, the base of KRC™, guarantees and provides access to external data sources and interfacing with different applications either directly (web services, database access SQL Server or Oracle) and is mediated by file Export (XLS, XLSX, CSV, TXT fixed width, XML) read in real time. The connector configuration follows the approach to XML templates that characterizes KRC™ therefore not likely to be required customization or extension application.
TechnologyKRC • KRC ™ is a web-based application, built in Microsoft ASP.Net and the native database is SQL Server. • The platform KRC™ is able to: • exports the processed content of tables and views SQL Server for the benefit of other applications; • creates text documents enriched metadata in DOCX – OpenXML – converted on the server side in PDF format; • allows exports impromptu in XML and XLSX format. • The installation requires no prerequisites KRC™ outside of those of the .Net Framework and SQL Server, all components and libraries that are self contained and do not use external references. The browser used by fixed stations are Internet Explorer and Google Chrome 11. The platform KRC™ is accessible via mobile devices.
Certifications • Certiquality has certified the compliance of the KRC™ software for the implementation and maintenance of the standards of the following Company Management Systems: • KRC™is based on the quality requirements contained in ISO/IEC 25010:2011 and on the principles and methodologies envisaged by Risk Management techniques (ISO 31000:2009), Business Continuity Management (ISO 22301:2012) and Knowledge Management. • KRC™complies with the requirements for carrying out the Net Audit. • KRC™complies with the requirements of the Confindustria 2014 Guidelines for the construction of management and control models, pursuant to Legislative Decree 231/2001 and smi. • KRC™ allows logical adaptation to the HLS (High Level Structure) Model. • KRC™ manages the self-assessment tool provided for in UNI EN ISO 9004:2009 "Managing an organization for lasting success - The approach to Quality Management“. • In KRC™, Risk Management processes have been engineered according to ISO 31000:2009 for the following thematic areas: • Quality Management - UNI ISO 10015:2001 • Quality – UNI ISO 9001:2015 • Health and Safety – BS OHSAS 18001:2007 and ISO 45001:2018 • Environment – UNI ISO 14001:2015 • Energy – ISO 50001:2011 • Information Security – ISO/IEC 27001:2013 • Business Continuity – ISO 22301:2012 • Social Accountability – SA 8000:2008 • Privacy – ISO 29134:2017 and ISO 29151:2017
KEISDATA S.r.l. Via Carlo Pisacane, 46 20025 Legnano (MI) c/o Tecnocity Alto Milanese Tel. 0331.485106 Fax 0331.077535 www.keisdata.com www.krc-solution.com