ISOLTX is a system that was developed by Crest Advisory Africa in partnership with one of the leading Universities in South Africa to assist with the implementation of a Management System or a combination of Management Systems.
ISOLTX measures the health and maturity of the Management System(s) and drives combined assurance to Top Management regarding their return on investment (ROI).
ISOLTX-GRC-A™ is unique in this space, as it takes the methodologies of various disciplined, ISO, SOX, King IV, Audit (IPPF and ISO 19011) and integrates it into one comprehensive system.
This is providing a standardised approach to what is needed from each system and measuring the health of each of these systems separately and collectively.
The system makes provision for Application Programming Interface (API), to integrate the various governance software into one system and to provide the best available analytics and reporting on this software.
This is the first and only system globally that:
- Provides Combined Assurance
- Serves as a Repository for Evidence
- Measures the Level of Risk (LoR)
- Measures the Level of Assurance (LoA)
- Enables Auditing
The ISOLTX™ Modules
ISOLTX™ Mobile Module
- ISOLTX™-Mobile™ (IM) is a uniquely developed system to register, log and record incidences, unique to your organisation, with minimal utilisation of text or script.
- IM is based on a predetermined risk framework of an entity and the incidents are presented in icons, to guide any user through the easy logging of incidences.
- The powerful analytics behind the IM is analysing the big data and present in various reportable forms.
- This easy to use Mobile Dashboard is for the use of any registered user and can be applied anywhere in the world.
- Behind each Icon (City, Police, etc.) there are scenarios typical to the industry, which forms the standard for reporting, monitoring, measurement, analysis and evaluation
- This system is currently operational and deployed within the freight industry from Dar es Salam to various Ports in Africa.
- The results below are an actual extraction of data out of the system.
ISOLTX™ Remote Auditing Module
The Risk of No Audits
Crest Advisory Africa (Pty) Ltd is a certified Auditing entity, Auditing for the International Standards Organisation (ISO) as well as conducting various internal and external audits for our clients.
COVID-19 has brought a challenge to the Auditing environment, with regards to the On-Site Auditing we are engaged to conduct. This has led to:
- The de-certification of companies, losing the International certification until they can be audited
- The risk for Boards and companies, to conduct their annual or scheduled audits
- The risk of not auditing their supplier base
- The risk of not auditing their customers
From In-House-Best-Practice to a Global Competitor
With the Crest Advisory Africa global footprint, we have solved this challenge by building our unique ISOLTX™ GRC-A software over the past 3 years. This software was evaluated by the certification body we are reporting to and approved as software that can be used for Remote Audit purposes. Crest Advisory Africa has been implementing the ISOLTX™ GRC-A Software as our In-house Auditing Software, to provide us with the Unique Value Proposition (UVP) to our customers, to save on travelling costs, accommodation costs and through these benefits, we could price our competitors out of the market. Through the use of ISOLTX™ GRC-A, we implemented a Lean Six Sigma process approach to optimise the Remote Auditing revenue stream.
Why ISOLTX™ Remote Auditing?
With a view minor security changes implemented by our developers, we have changed this advanced Remote Auditing Software from an In-House, Unique Value Proposition (UVP) for our clients, to a Remote Auditing Software for:
- Auditing Companies
- Independent Auditors
- Chartered Accountants,
- Standards Organisation’s
ISOLTX™ Survey Module
According to ISO 9001 Quality Management an organisation must monitor their customers’ perceptions of the degree to which their needs and expectations have been fulfilled. This can be achieved through Surveys, conveniently packaged with ISOLTX™ GRC-A. The ISOLTX™ Survey Module has been developed with reusability in mind, allowing you to develop surveys of any type in-house.
ISOLTX™ BowtieXP™ Module
The Bowtie Method is a risk assessment technique that can be used to analyse and demonstrate casual relationships in high-risk scenarios. The method takes its name from the diagram that it creates that looks like a man’s tie.
BowTieXP™ is the most used risk assessment software globally that is based on the Bowtie Method, ISO 31010, and it enables you to easily create bowtie risk diagrams.
BowTieXP™ can visualize complex risks understandably while allowing for detailed risk-based improvement plans.
What to expect from ISOLTX™ BowTie™
- The effectiveness of each barrier (control) can be measured, providing an Internal Control Environment (ICE)
- The criticality of each barrier (control) can be measured
- Each consequence can be rated against the organisation’s approved risk matrix
- Reports can be exported from BowTie in either Word or Excel Format
- Provide Root Cause Analysis (RCA) and Incident Timeline
ISOLTX™ Checklists Module
Checklists are one of the most efficient ways to conduct Operational Risk Assessments (ORA). ISO 31010 provides a great detailed explanation of the Power of Checklists. The Checklist methodology developed by ISOLTX™ is one-of-a-kind, looking at the effectiveness of the Internal Control Environment (ICE) and measuring it against the Level of Assurance (LoA) and the Level of Risk (LoR). This is a unique methodology in GRC-A software offered only through ISOLTX™. The system allows for in-house checklist development, placing the costs, controls and measurements in your hands, with no extra configuration costs.
- person(s) with responsibility for compliance (3.17) management
Compliance Management System (CMS)
- set of interrelated or interacting elements of an organization (3.1) to establish policies (3.8) and objectives (3.9) and processes (3.10) to achieve those objectives
- Note 1: A management system can address a single discipline or several disciplines.
- Note 2: The system elements include the organization’s structure, roles and responsibilities, planning, operation, etc.
- Note 3: The scope of a management system may include the whole of the organization, specific and identified functions of the organization, specific and identified sections of the organization, or one or more functions across a group of organizations.
What is compliance?
- The compliance function (as per ISO 37301)is established as a result of the organisation’s efforts in ensuring that the applicable laws, rules, regulations or norms are no violated by employees or others associated with the organisation
- It is considered as a type of internalised law enforcement that, when operated effectively, can replace the majority of the enforcement activities by external parties (auditors, regulators, etc.)
- Compliance function, jointly with governance and risk management, is an essential internal control activity for large corporations and complex organisations.
Challenges of being compliant
- Compliance is the process of adhering to a set of regulations or guidelines set by government agencies, regulators, associations, international standards, or the internal policies set by the organisation itself.
- Compliance is not a one-time project, so adhering to compliance obligations often poses a challenge for organisations because of the following issues:
- The constant introduction of new/updated regulations
- Ambiguously written regulations that require interpretation
- Overlapping of multiple laws, regulations and or jurisdictions
Compliance Management System (CMS): ISO 37301
Service Level Agreement (SLA): Compliance & Performance
- SLA’s has specific compliance and performance KPA and KPI’s
- These KPA and KPI is extremely important for the effective and efficient management of the performance of the SLA against the objectives of the company
- ISOLTX makes provision for a variety of measurements about the SLA management
- Every non-conformance, incident or finding, can be logged on the I²MAS module of ISOLTX and this can generate reports regarding the SLA performance
ISOLTX™ I²MAS Module
What to expect from ISOLTX™-I²MAS™
- I²MAS™ is the Risk-Based Incident and Investigation (I²) system, linked to the ISOLTX™ GRC-A System.
- I²MAS™ is not the normal depository for the recording of Incidents and Investigations but is a Risk-Based System based on the strength of the Internal Control Environment (ICE) of every organisation.
- The I²MAS™ is built on the P²ST² Methodology. Very few software companies know of this methodology and can implement the aggregated strength of the ICE, linked industry-leading practices.
Log an incident
The Incident Log environment generates actionable data to start measuring the type of risks, the risk category and the risk related information.
This can be plotted on Google Maps to have an International View of the risk/incident occurrence.
Description of the incident
The description is critical in the reporting of incidents. Each incident is logged against a management system, to assess the status, health and functionality of the Management System (Risk, BCM, Medical, QMS, etc.)
The corrections, financial aspects etc, forms part of this recordable environment.
Control Self Assessment (CSA)
The incident process logging demands the continuous evaluation of the controls. Thus a P²ST² Control Self Assessment must be conducted and measured against the ICE Criteria.
The result is a holistic overview with specific results in terms of ICE% and LOR%.
The incident is plotted on the entities Risk Matrix through our dynamic dashboards.
Evidence management is critical for any incident, as this could lead to liabilities costing the company millions. The I²MAS™ Evidence depository can work with any evidence, whether in writing, MP3 format, Voice Notes, JPEG, Videos, etc.
The depository is has a date and time stamp capability to ensure the evidence audit trail.
Exceptional Graphical Displays
Any type and shape of graphical designs can be provided, based on the client’s needs. ISOLTX™ GRC-A is built on Microsoft, thus PowerBI is part of the package to ensure your graphs are current.
Become a Value Added Reseller (VAR)
“A VAR or a ‘value-added reseller’ is a business that resells products after adding value to them”.
Value-added reselling is a business model that adds value to a product or service before selling it.
This model is common in the IT and consumer electronics sector.
There are many benefits of becoming a ISOLTX VAR (value added reseller).
By becoming a VAR you benefit from offering ISOLTX as a new product from a reputable global supplier to new and existing customers, without the expense of research and development.
VARs also benefit from sales and marketing support from the ISOLTX Team. This can include sales and marketing literature, advertising, leads and data.
VARs receive training and support from the suppliers. In this circumstance, a VAR will need to be certified before being able to sell a product or service benefiting the You with added credibility in the market place.
ISOLTX has an uniform pricing standard for all Value Added Resellers which gives you exclusive access to the following Revenue streams:
- ISOLTX Platform
- Modular Add-ons
- Annual License Fee (ALF)
- ISOLTX License Fees
- Annual Maintenance Fee (AMF)
- Annual Maintenance And Support (AMS)
- Solution Implementation (CAPEX)
- ISOLTX Compliance Solution
- Training Administrator
- Training User
- Solution Training