Yellowtail Conclusion is part of the Conclusion ecosystem

Yellowtail Yellowtail
  • Sectors
    1. Collega's Yellowtail Conclusion in overleg
      Pensions & Capital

      Smart digital retirement solutions are more important than ever. Pension participants are gaining more control over their retirement choices and thus their “piggy bank” for later. Find out how we can help.

    2. Collega Yellowtail Conclusion in gesprek
      Mortgages & Loans

      Discover our innovative digital and data-driven solutions for the mortgage and credit market.

    3. Collega's Yellowtail Conclusion in gesprek
      (Semi) Government

      Solutions for vital organizations and government agencies.

  • Solutions
    1. Collega's Yellowtail Conclusion in gesprek tijdens borrelavond
      Hypact Advisor

      Hypact Advisor is an advanced all-in-one solution for mortgage advice and brokerage. Learn more or schedule a demo right away.

    2. De pensioenwebsite en het deelnemersportaal van PMA
      PensionSuite

      Yellowtail Conclusion’s Hypact Product Suite offers a comprehensive set of solutions for the entire mortgage chain. Discover our modular total solution. PensionSuite makes participant communication understandable and accessible.

    3. Collega Yellowtail Conclusion
      Hypact Productsuite

      Yellowtail Conclusion’s Hypact Product Suite offers a comprehensive suite of solutions for the entire mortgage supply chain.

    4. KCD page foto
      Key Control Dashboard

      Discover our modular total solution. PensionSuite makes participant communication understandable and accessible.

  • Services
    1. DUX
      User Experience Design

      Our UX and UI designers help financials give consumers more control over financial customer journeys.

    2. Collega Yellowtail Conclusion in gesprek
      Digital Professionals

      Our passionate digital professionals have extensive experience in the financial sector. With a proven track-record at banks, insurers, mortgage lenders and pension funds.

    3. Collega Yellowtail Conclusion
      AI

      We combine human ingenuity and AI technology to provide innovative solutions that make your organization more efficient and future-proof.

  • About us
    1. Collega's Yellowtail Conclusion in overleg
      Our story

      For 20 years we have been designing, building and managing game-changing, digital and data-driven software solutions for the financial industry.

    2. Collega's Yellowtail Conclusion in overleg
      Our team

      Yellowtailers are consultants, developers and designers with extensive experience and expertise within the financial sector.

    3. Collega's Yellowtail Conclusion in gesprek met elkaar
      Corporate Sustainability

      Yellowtail Conclusion hecht enorm veel waarde aan duurzaamheid. Om onze ambities op dit gebied te bereiken, hebben we het Yellow Impact Program opgezet.

  • Cases
Contact us
News Contact
News Contact
Contact us

Ownership and decentralization of quality management

For years, the field of (financial) accountability, internal control, internal audit and compliance has remained relatively stable. But management and senior management cannot ignore the ever-changing world with major social challenges, endless technological possibilities and a critical citizen. Available techniques such as data analysis, GRC software and continuous monitoring are taking off. In addition, information security and privacy legislation have a significant influence. How do you translate this smartly into the management and accountability function of the organization?
Eigenaarschap en het decentraal beleggen van kwaliteitsmanagement

In part 3 of this series, we will discuss the theme of decentralizing quality management and accountability for information security and privacy. The large amount of new legislation and regulations with which ministries and government organizations must comply means that these organizations are often busy resolving issues, collecting accountability information and dealing with the consequences of incidents on an ad hoc basis. This places demands on responsible officials, such as a Chief Information Security Officer in relation to information security or a Data Protection Officer in relation to privacy. That is why more and more organizations are looking at how they can decentralize quality management and accountability for standards in a more decentralized way within the organization. Because these topics are only sustainable if the rest of the organization helps out and feels jointly responsible.

Involvement

Involving the line organization in quality management and accountability for, for example, information security standards is not only done for efficiency reasons. Greater involvement must also ensure that findings are actively addressed. In other words; optimally arranging the processes and ensuring that errors and incidents that are found actually contribute to process improvement.

7 tips for decentralized quality management and accountability for information security and privacy

Quality management provides added value by operating in collaboration and interaction with the organizations involved, supervisors, policy management, line organization and society. Each from their own responsibility.

This means that more and more organizations are choosing to decentralize quality management and accountability for information security and privacy. But how do you approach this?

  1. From hierarchical thinking to networking
    Involve the first line explicitly in the preparation, testing and periodic evaluation of results. Not just shifting and delegating, but actively involving people and clearly informing them about the benefits and necessity. Being aware of this is important.
  2. Create support
    Everyone has to do their part. The topic is not popular everywhere, so it is important to create support among the line and management.
  3. From digital sending to digital interactive
    A supporting information provision (GRC or ISMS software) to be able to manage integrally is essential. It is important that this information provision supports the governance of the organization. In a decentralized setup, many different parties and officials contribute to the organization being in control. Having central insight, being able to adjust, being able to decentralize activities and being able to monitor progress is essential.
  4. Think in chains
    You can’t do everything at once. Therefore, always take one topic that needs to be centrally assigned and do it well. For example, first focus on demonstrably gaining control over information security, by implementing the Baseline Information Security Government (BIO) or ISO 27001. Then determine who coordinates centrally and who in the line organization will own certain standards and activities. Work with mapping. Also think carefully about how the independent review function is secured in the organization.
  5. Focus on data-driven and continuous monitoring
    There is more and more data available in applications and systems that show whether an organization is in control. Use this data! It can significantly reduce the control pressure on the organization.
  6. Work on a risk-aware culture
    Making mistakes is allowed. As an organization, do not only focus on what is wrong with incidents and findings, but also report on the actions and improvements. Being in control of the organization must be seen as a development and a source of value.
  7. Work on demonstrable and good file formation
    Support the organization with a good COS610 workflow and ensure a visible audit trail, review function and qualitative and proportional file formation.

The number of subjects for which accountability must be rendered is so large that the decentralization of quality management and accountability for information security and privacy is a must. A successful approach requires attention to ownership, interaction and commitment within the entire organization.

More information?

In this series, Edwin Lodder discusses the latest developments in this area at ministries and government, which are faced with the task of modernizing their accountability function. Based on a tour of the fields, Edwin lists the six most important developments within this new dynamic. We are happy to help you take the first steps towards a modern accountability function. Let us know!

Hypact Advisor

Want to know more about our services?

Contact us and delve deeper into the possibilities. Discover how our services and solutions can contribute to your organization.

Contact us

Stay updated

Al het nieuws
De kickstart van de Key Control Dashboard Community
De kickstart van de Key Control Dashboard Community
Lees meer
Goede pensioencommunicatie hoeft niet duur en ingewikkeld te zijn
Goede pensioencommunicatie hoeft niet duur en ingewikkeld te zijn
Lees meer
Integraliteit en het In Control statement als instrument
Integrality and the In Control statement as an instrument
Lees meer
Al het nieuws
Voorgesteld Zoekresultaten
Waar kunnen we je mee helpen
Neem contact op
Need help?
Yellowtail