Our vision on quality and performance
Improve Quality and Performance with the PDCA Cycle
Use the plan-do-check-act cycle, in short PDCA cycle, for soft controls and improve the quality and performance of your organization step by step.
Full Trial
Only 30 minutes
Without obligation
Complete the Deming Cycle.
Plan and Do Still Work, what now?
Plan
Make a plan and ensure the problem is clear. In this step you also check whether the current situation is clearly defined.
Do
In this step your organization executes the plans. During the execution you register the relevant data so that hypotheses are challenged.
Check
Improve processes and make adjustments based on the data analysis and errors made. The measures taken ultimately ensure that the originally planned result is achieved.
Act
Are the expected results actually being realized? Evaluate the collected data and make sure there is room to learn from your mistakes so that your organization continuously develops and improves itself.
Create an Integrated View of all Key Controls
By completing the PDCA cycle, you can prevent the same mistakes from being made. It is precisely in the last two steps, check & act, that a safe environment must be created. Creating an integrated picture of all key controls for all departments or processes is helpful here. This will show you what works and which areas really require attention. All these things are very important for the organization’s long-term success.
Three Lines Model
1st line
2nd line
3rd line
The Three Lines of Defense model from The Global Institute of Internal Auditors was updated in July 2020.
The functions are not only intended to protect the value of the organization, but also to increase it. As a result, we no longer talk about ‘lines of defense’ or ‘lines of defence’.
The goals of the organization are central to all functions. The functions are not silos, but coordinate and work together; each from his own role. The design of the model must be geared to the risks and specific situation of the organization.
The 3LM establishes a stronger link with the objectives of the organization.
1st line
This group is ultimately responsible for the choices made and the risks taken in daily practice .
You want to optimally support the people who are responsible for the most important activities and processes in an organization. GRC information is relevant, but often only if you have to. How do you make it easier for them? How is risk management going to live for them? Do they know within which frameworks they have to operate? And how do you effectively conduct a Privacy Impact Assessment without immediately bombarding all teams with a questionnaire of more than 100 questions?
Key words are: Accountability and reporting.
< p>
2nd line
This group develops the systems for a good process of risk management and control , always supporting the ‘business’.
The risk manager, controller, auditor, compliance or security officer (CISO) wants a clear register of risks, controls, compliance sets and, for example, related incidents. NARIS GRC helps the GRC Professional with insight, completeness. Whether you work on the basis of a Risk Control Framework or only do control testing, want to do internal and external audits, or want to comply with a standard. With our knowledge and the flexibility of NARIS GRC you can steer with guts.
Keywords are: Delegation, direction, resources, supervision
3rd line
This group provides assurance to top leadership (assurance) on the quality of direction and control in certain areas within the organization.
Supervisors, Boards of Directors/Supervision/Commissioners, external auditors or accountants, as an internal auditor you want to report in an effective and relevant way. NARIS GRC can help you with those reports; whether it concerns assurance of audits or controls, risks at chain partners or objectives of the organization itself. From detail to dashboard, internally or externally; look back to steer forward. Fueled by useful GRC information so that the right assurance can be given.
Keywords are: Alignment, communication, coordination, cooperation
Complete the Deming Cycle
In the planning phase you determine a strategy and drive towards performance. Make performance measurable with KPI or CSF. With the strategy card of Naris Next you create a steering instrument for the PLAN-DO-CHECK-ACT steps towards quality improvement. From strategy to monitoring recommendations.
Check Key Controls
By working risk-based, the focus remains on what really matters. With Naris Next, you can quickly present an integral picture of how controls work in all processes and departments. This picture provides input for making adjustments, if necessary.
Learning by Combining Recommendations / Near Misses and Errors
Besides proactively detecting deviations with internal audits, incidents are a valuable source of information. After all, these process deviations are real-time information for quality improvement. With the Naris Next incidents app, incidents become visible so you can link them directly to processes and departments.
Inspiration around PDCA cycle.
GRC – Is it a Necessity?
Topics for Discussion As a Governance, Risk and Compliance (GRC) expert, there are a number of discussion topics that are
Don’t Become a Lone Wolf!
One of the most interesting statements I recently heard from the CEO of a large company was about the usefulness
NARIS launches groundbreaking integral GRC software
Today, NARIS GRC announces the launch of their fully updated – and expanded – Governance, Risk & Compliance (GRC) software.
Let's talk
Do you have questions about our solutions for your organization? Please feel free to contact us
Fill out the form or
call Kim:
Contact us without obligation
Would you like to know what we can do for your organization? Fill in the form below.
The Netherlands
Plantageweg 1C
3833 AZ Leusden
Colosseum 19
7521 PV Enschede
Germany
Hohenzollernring 57
50672 Köln
About NARIS
Partners
GRC tooling
Support
