Swiss GRC

Internal Control System (ICS) Solution

Minimize risks and optimize processes with an effective ICS

The GRC Toolbox helps to implement, monitor and continuously improve the Internal Control System (ICS). The solution automates the required ICS processes and ensures that internal controls can be executed effectively and efficiently.

Play Video
Software Advice Front Runners 2023
Capterra Shortlist 2023
GetApp Category Leaders 2023
Software Advice Front Runners 2023
Capterra Shortlist 2023
GetApp Category Leaders 2023

Leading companies use our ICS solution

GRC Toolbox Insights


Get first insights into the features of our ICS solution here.

Process documentation (BPMN)

The integrated BPMN module makes it possible to visually model business processes, including the risks and controls that occur within. Business process modeling helps to understand the processes and potential process risks and make any necessary modifications or improvements.

Risk Control Matrix (RCM)

The risk-control matrix is a tool used within the ICS to identify and assess risks in processes. For each risk, it defines controls to help minimize or avoid the risk. It is a valuable tool for implementing and maintaining an appropriate internal control system.

Control Execution

In order to operationally anchor the defined controls, the GRC Toolbox supports the automated distribution of the controls to the responsible persons and the notification of upcoming control executions. This enables the existence of controls to be proven and their effectiveness to be ensured.

Control Assessments

Control assessment in GRC Toolbox is a process of evaluating the design and  operating effectiveness of an organization’s internal controls. A regular control assessment is an important component in the ICS and helps ensure that the organization’s ICS is effective and risks are appropriately identified and mitigated.

Control Testing and Findings

GRC Toolbox’s control testing refers to the process of testing the effectiveness of an organization’s internal controls. Control testing ensures that the company’s internal controls are effective and identifies weaknesses or deficiencies in controls before they can lead to major problems.

ICS Reporting

ICS reporting is important for the company’s management to ensure that the ICS is effective and appropriate. The ICS report typically includes a description of the business processes that were reviewed and a summary of the controls that were identified during the review. In addition, the report includes recommendations for improving internal controls if weaknesses or deficiencies were identified.

ICS Reporting

Advantages and added value for your organization

ICS with the GRC Toolbox

Identification of risks in processes

The ICS solution supports the identification and assessment of risks that could impact business processes. Visualized in the form of a risk control matrix.

Definition of controls and control monitoring

The ICS solution assists in monitoring implemented internal controls to ensure they are operating effectively and efficiently.

Reports to show control results

The ICS solution generates reports on the effectiveness of internal controls. These reports serve as a base for improvements of the ICS.

Identify deficiencies and initiate improvements

The ICS solution helps to capture and describe findings and initiate improvement actions.

Adherence to compliance requirements

The ICS solution helps to capture and comply with numerous rules and regulations and to prove compliance.


The ICS solution helps manage documents relevant to the ICS, such as process documentation, policies and more.

With the GRC Toolbox, we have an efficient and practical instrument that literally pays off for us and, more importantly, for our taxpayers. We appreciate the high level of expertise and flexibility of Swiss GRC AG and its team of consultants. The efficient approach and successful ICS implementation has validated our decision to have the right partner and the correct tool with Swiss GRC AG.

Heinrich Furrer
Head of Services, Directorate of Finance, Canton of Uri

Heinrich Furrer

Discover all our solutions around GRC

Create the foundation for a successful GRC strategy. With the GRC Toolbox, you can gradually extend your digital governance, risk and compliance processes to all other GRC areas.

Information Security (ISMS)

Risk Management

Contract Management

Third-Party Risk Management (TPRM)


Learn more about our ICS software

Convince yourself and test all functions of the GRC Toolbox, the user-friendly software for your GRC management.

Mirko Hegi

Mirko Hegi, GRC Expert, PostFinance AG

Right from the start, the cooperation was at eye level and we understood each other, not only on a professional but also on a human level.

Fill out and submit the form, and we will contact you shortly.