For more than 15 years, our GRC suite has been successfully implemented by our clients. Continuous improvement, full focus on professionalism and comprehensive integration – these are the pillars of our GRC suite, leaving nothing to the imagination! Meet risks and controls sustainably and increase the efficiency, effectiveness and success of your company. From small businesses to large enterprises – build an advantage over your competitors!
15 years of experience
with integrated GRC systems
– BPM, EA, GRC –
Everything under one roof
and together with you, we take the optimal path to accomplish your objectives
from "classic ICS" to workflow-supported GRC ...
... by using existing assets in our platform
... from data capturing to maintenance to analysis & reporting
... from ICS management to audit and revision
Everything under one roof – let information flow transparently between the BOC Group platforms
Embedded and integrated with your corporate asset repository.
"There is no other solution I can deeply integrate while ensuring
all content is fully reusable! The synergies are unbeatable."
BOC Group, Service and Innovation Management
Internal Control System (ICS)
Asset & Organizational Scoping
Document identified risks using risk catalogues and group them according to internal requirements. A tabular interface allows for easy, intuitive and fast capturing of data.
Take advantage of the opportunities to easily create and maintain risk hierarchies in your catalogues. Thus, redundancies and additional efforts are avoided and a basis for aggregation is created.
Link identified risks with your processes, IT assets or business units from the enterprise asset repository and profit from an integrated system on a uniform data basis.
It is you who decides which information and actions are available to the users. The flexible authorization concept is based on the assignment of roles and allows an individual definition per risk.
Evaluate your risks according to both qualitative and quantitative dimensions that are configured according to your company's needs. Derive controls and initiatives resulting from your forecasts and trends.
Assign the controls from your catalogues (for example according to ISO 27000 or COBIT) to the risks and implementing assets (including processes, IT systems or documents).
Review your controls regarding ToD (Test of Design) and ToE (Test of Effectiveness). The results show weaknesses and enable the definition of measures to adapt to the risk appetite of the company.
Carry out your controls supported by the system and benefit from the centralized and uniform documentation of the results. Related documents (e.g. control documents) can be directly saved and archived.
Use your resources effectively and prioritize actions that are directly related to risks and controls. Constant tracking allows to identify requirements for adaptation before any internal and external audits are carried out.
Facilitate the audit process! The GRC suite automatically logs any changes to risks, controls and measures to ensure traceability. The resulting audit trail ensures transparency and reduces the effort required for further checks and revisions.
The integrated workflow engine can be flexibly configured according to your needs. By mapping the assessment procedures in automated workflows, the complexity is reduced and the focus is placed on content-related aspects.
Request the effective evaluation of your risks and controls in an automated way! The GRC suite handles distribution, monitoring and documentation of tasks in a transparent and up-to-date flow of information.
In order to increase transparency and traceability, your colleagues are informed and reminded of their tasks via e-mail. The structure and content of the messages can be defined in a company-specific manner.
Customized dashboards provide role-specific information to the users. The assigned tasks are presented clearly and intuitively. This clear representation of the UI reduces training efforts and increases significantly the acceptance in the company.
Monitor and review the status of your risks, controls, and measures, as well as their integration in the enterprise asset repository, using intuitive reporting, evaluation, and collaboration capabilities.
Browse through the entire Enterprise Asset Repository using keywords. Create, combine, and save multiple queries using options and filters. Use the possibility to directly edit the results.
Benefit from the numerous graphical analysis possibilities and identify key dependencies. GANTT charts, business impact analyses, matrix or portfolio views are seamlessly integrated and support a structured evaluation of your corporate assets.
Prepare information required for audits and certifications with the click of a button! The flexible reporting system allows the individual design of reports and analysis views as well as the further processing of data in common formats.
Integrate risiks with BPM and EA
Define role-based access
Carry out controls
Personalized Dashboards: Tasks
Personalized Dashboards: Monitoring
Search & find
Analyse & Evaluate
100% intergratable in scenarios
Highly flexible authorization concepts
AD integration / single-sign-on
Versioning, Historicization, Audit trail
Professional service and support
COSO AND COSO II
More than 1,000 clients in over 50 countries worldwide – browse through selected customers of BOC Group
"ADONIS and the ADONIS Process Portal are a key success factor in the implementation of our ICS",
ICS Manager, voestalpine Group-IT GmbH
BOC Group's ADOIT recognized in the latest Gartner Report, ranking the highest in 1 of 3 use cases and within two highest across all evaluated use...
Our EA suite ADOIT is ranked the highest in one of 3 use cases and is within the 2 highest across all use cases in the latest Gartner Critical...
For the second year in a row, BOC Group is recognized in Gartner’s annual report