Voquals is a consultancy company founded in 1995 by Greet Volders & Eddy Volckaerts.

From the start, we decided to remain a small company that has all the flexibility to respond to the requirements of our clients. This gives the opportunity to our Managing Consultant and founder, Greet Volders, to concentrate on the execution of our assignments.

Voquals cooperates with external partners, who have the same philosophy and motivation as the founders of Voquals.
These partners provide a large experience in one or more domains, which are in the core business of Voquals. This allows us to offer a complete and suitable solution for our client’s improvement programs.

We provide all required experience and skills to deliver a customised program for our clients, largely focused on the organisation of the client.

 

Mission and Strategy

Voquals is a consultancy company with a specialisation on IT-Governance and the use of COBIT. We strive to integrate more efficiency and effectiveness in the processes, with the purpose that the management gets control on the realised improvements.

In addition Voquals offers advice in quality management to organisations and more specifically to Information Technology departments.
We apply these quality principles in all our assignments.

We approach every project with a method and strategy that is aimed at obtaining results. In order to achieve this, we first assess the client’s current situation and identify their strategy and objectives. We then develop a solution that continues and enhances the client’s existing systems and procedures.

This pragmatic approach is at the heart of every project we carry out.

Given that most of the difficulties occur during the implementation of solutions, besides developing management systems and methodologies, Voquals also provides assistance during the implementation phase when the help of an external consultant is advisable.

Our Services

Because of the size of Voquals, it is very important to create a network of satisfied clients and to maiontain excellent relations.

Therefore our objective in each of our projects is to :

  • Deliver a high quality degree
  • Build a no-nonsense relation with the client
  • Propose solutions adjusted to the specific business of the cient

Here you find some of our services.

One of our last developments is the "Multi Compliance Framework" that provides support to become complaint to your required regulations and standards.

Multi Compliance Service Offering

Voquals’ Multi Compliance Service Offering supported by MAVIM

In the past 20 years, Voquals has helped various organisations to become compliant to internal and external regulations, and in their preparation for different certification-audits.

This has given us the expertise, knowledge and experience to use and combine different kinds of ISO-standards, Security Control Frameworks (e.g. CPMI), Corporate Control Frameworks (e.g. COBIT and COSO).

The relation between most of these frameworks is visualised in the schema below.

In 2017, we started developing our Multi Compliance Framework to help organisations meet the requirements for all kind of audits in an effective and efficient manner and, through this process, help organisations be compliant with regulation, standards and control frameworks relevant to their sector.

This results in providing the means to answer commonly experienced issues, such as:

  • Respond to all external compliance requirements, without too many overheads
  • Optimize preparations for internal & external audits
  • Understand the relations and overlap between all control frameworks you have to comply with.

Beside compliance issues, our Multi Compliance Framework contains a rich content of IT-related processes, based on ITIL and COBIT, and can be expanded to all your business and supporting processes.

We provide you with the content, structure and relationships as defined in COBIT5, enriched with some practical examples, templates, and more.

You can find a presentation about this solution by clicking on this link.

More information and details about content and use.

Potential Savings using our Multi Compliance Framework

For the development of your IT-related processes

  • For all 37 processes, a complete description is available, which can be used to describe your IT-related processes, simply by adapting default descriptions to your organization’ needs.
  • No need to start with a blank sheet and you don’t have to be an expert in COBIT5, ITIL to define your own business processes compliant to these best practices!
    • A potential saving of a few Man-days per process.
    • For 20 processes this yields to a saving of 60 Man-days.

Support the changes in your organization

  • When the function of a person changes, or a person leaves the organization, you only need to adapt the link from the person to the function, or change the name of the person.
  • The result is that in all related processes, process-steps and activities, there is a continued tracking of the correct person/function.
  • Each change in your organization is managed through 1 action, yielding to a saving of 1 Man-day per change, providing the assurance that all links to functions, roles and persons are always up-to-date !

Compliant with COBIT

For those organisations that are still on COBIT 4.1 or previous, we will help you to upgrade this into COBIT 5.

And soon, we will integrate COBIT2019!

Use of other frameworks

For those organisations developing improvement programs using COSO, ITIL and ISO27000, we will show you how to integrate COBIT5 and map with these popular frameworks complimentary to COBIT5.

Quick Start approach

Since a lot of guidance and content is available, this is a “quick-start” approach we offer to organizations:

  • A quick-start containing all 37 COBIT5 processes embedded within the solution, linked to the roles and responsibilities of the RACI tables, including sets of metadata of all possible metrics, connected to all possible Business Intelligence and Business Architecture, and based on the IT-related goals and the process specific goals.
  • Mapping the other frameworks mentioned above to COBIT5.
  • Aligning IT to Business Architecture

An added bonus, when using our Multi Compliance Solution, will assist in uncovering misalignment of IT to Business Needs and, in time, to create gains through adequately aligning IT projects and budgets to the Business needs.

Purpose of this Multi Compliance Framework

  • Reduce time needed to prepare for internal & external audits
  • Reduce manual activities to prepare reporting by automating reporting through BI
  • Facilitate evidence collection for control testing
  • Increase customer & stakeholder confidence by continuous Compliance checks, monitoring and reporting
  • Easily build relations according to the Business Needs between:
    • People
    • Business & IT Processes
    • Compliance Requirements

Deliverables included in this Multi Compliance Framework

  • A complete set of IT-related processes (37 in all)
    • Based on the content of COBIT5, ITIL and Voquals’ experience
    • Presentable on your website
    • With cross-references to
      • Various ISO-standards (see next slide)
      • ITIL
      • COBIT4.1 - for a smooth transition to COBIT5
    • Additional integrated content
      • Process Capability Assessment
      • IT related goals and metrics
      • Specific templates and examples of deliverables for certain processes
  • Add-on’s are available for
    • ISO-reporting
      • With mapping included to meet all IT-related processes aligning to:
          ISO9001:2015 (Quality) ISO27001:2013 (Security) ISO20000:2012 (ITIL)
      • Reports are pre-defined including links to your company processes
      • Can be easily tailored to other standards and control frameworks by yourself
    • GDPR compliant processes & documents
      • Necessary GDPR procedures
      • Awareness raising through built-in information, practical examples and templates
      • Required GDPR reports, e.g.
        • Data Register
        • Record of requests from Data Subjects

Facilitating your internal & external audits

  • A link is foreseen to several Standards, Control Frameworks, and other “best practices”, such as :
    • ISO9001 - ISO27001 - ISO2000
    • The DNB Control Objectives - GDPR requirements - ….
  • Since the complete content of these standards and frameworks are available within the framework, these links can also be made to all other business processes.
  • In the portal (publication site) overviews are available for each of the standards, with links to related processes and documents.
  • This can be made available, through specific “View Pages” relevant to internal & external auditors, without any additional work, in the preparation of each audit.
    • Saving, for each audit, the time currently spent, when not using this Framework, to prepare responding to auditors’ requests!

You can find a presentation about this solution by clicking on this link.

IT Governance & COBIT

During IT Governance projects, we make use of COBIT & COBIT QuickStart.
Both models are "Best Practices" that are worldwide & by several governmental organisations recognised as THE standard to use for IT Governance.

Consultancy in an IT Governance project is meant to help IT Management or TOP Management in :

  • Defining priorities
  • Explaining the principles of IT Governance and the model used (COBIT)
  • Executing a first assessment (using COBIT QuickStart)
  • Assisting in the implementation of an Action or Improvement plan

In our Multi Compliance Framework all 37 COBIT5 processes are described in a practical way and can be used as a basis to develop your own IT-related processes.

This means a potential saving of a few man-days per process.

Preparation of certification audits

Voquals can help your organisation in the preparation of a certification audit. These certifications can be conform to several ISO-standards (ISO9001, ISO27001, ISO20000, ISO15504, or others), a SOX audit (Sarbanes Oxley), EFQM, or other internal or external official audits.

Since we are not accredited to perform the certification audits, we are the perfect independent partner to prepare your company or department for these audits.

And with our extensive knowledge of these standards and models, and our profound experience in using these for improving the internal working of organizations, we can help you to be perfectly prepared for a successful audit.

It's with this knowledge and experience that were able to develop the compliance part in our Multi Compliance Framework.

Execute IT Audits

For IT audits, we make use of Generally Recognised models, such as COBIT (ISACA) and CMMi (S.E.I.).

The IT Audit will focus on specific processes or projects, as requested by the Management of our Client.

Based on that request, we develop a customised questionnaire and adopt our techniques to the culture & possibilities within the Client’s company.

The outcome is an audit report with findings, and most important, suggestions for a specific Action Plan that can be used by IT Management to work out their improvement plan for the next period.

General Quality Management

Quality Management delivers services to develop, together with the customer, a Quality System conform to a quality model (ISO 9001, TickIT, EFQM, .... or a model that is used by the customer).

The purpose is to setup processes & procedures to get more control on the processes and to improve the content & application of these processes & procedures.

During these assignments, Voquals takes the following responsibilities :

  • Advising the quality manager
  • Assisting with the development and implementation of the quality system
  • Develop the required processes, procedures and work-instructions, in collaboration with the customer
  • Executing Quality Audits on projects, processes and the services of the customer

Interface between IT and the Business

In practical terms, it’s not easy to obtain a good alignment between IT and the business.

The consultants of Voquals function often as the connection, taking up the role of business consultant, business analyst or business architect. But also as facilitator in meetings IT organizes with the business representatives, related to program development or organizing the support, we create a good working climate between the departments.

We are often using COBIT principles in these types of assignments, next to our experience with several lines of business.

Training

Our Managing Consultant, Greet Volders, provides on a regular basis training & information sessions related to our domains of expertise.

For more than 15 years, Greet has been giving trainings and presentations about Quality Systems, the development and assessment of IT and Business processes, and the use of standards and frameworks.

In 2004, Greet became an accredited trainer for the COBIT foundation training and the IT Governance Implementation training, using COBIT and in 2014 for the COBIT5 training.

She is a regular speaker at ISACA events, such as seminars and trainings for ISACA Belgium, and presentations at EuroCACS in 2011, 2012, 2013 and 2015 about the following topics:

  • COBIT 5 Pam (Process Assessment Model).
  • COBIT 5 Implementation Explained

SLA and Contract Management

Voquals can provide support in defining Service Level Agreements (SLAs), which normally starts with the development of a Service Catalogue.

The assistance in Contract Management is mainly oriented to the correct formulation of the tasks & responsibilities expected from the Suppliers, and defined in SLAs.

This approach can also be used for the development of proposals for the Business Units, who need to provide IT-services to their (internal) customers.

Some References :

For an editorial company,we assisted the IT director in developing an overall contract for each supplier, with a separate Service Level Agreements (SLAs) for each specific service delivered. This was needed to clarify the services of the IT suppliers & to improve the quality to be delivered.

Voquals had in this assignment the responsibility to establish the necessary contacts with the different suppliers as well as to co-ordinate the elaboration of the contracts & SLAs.

For the IT-department of a large & international Industry Group, Voquals assisted the EMEA Business Support Management Team with:

  • the creation of a service catalogue, which needed to be aligned over all EMEA service centers
  • the development of an SLA-template
  • the negotiation of the SLAs with the different Business Units, in different European countries

ITIL implementation

Voquals provides support to companies and IT-departments with the introduction and development of operational processes, based on the ITIL-framework..

The purpose is to obtain better control en more efficient management on the IT activities.

In the first phase we develop the company framework. This framework supports the realisation of their IT-strategy, within budget and time. Since the flexibility of the plan and the priorities, defined by the management are important, Voquals provides specific assistance in these decisions. We help to select the people who will be involved in these projects, and we define their tasks and responsibilities.

Then we start a formal project,to define and implement the selected processes. Existing methods will be re-used as much as possible and adjusted where needed.

By starting with some clearly defined Quick-Wins, we prove the added value and make the improvements visible. In this way, we evolve to a higher maturity level. Where possible, we also implement measures to reduce the costs.

The complete IT Service Process model is part of our Multi Compliance Framework.

Business Process Modelling (BPM)

The purpose of Business Process Modeling is to define and optimise the most critical processes.

The objectives of these projects are to:

  • Improve effectiveness i.e. quality performed
  • Improve efficiency i.e. reduce costs

Typically we foresee the following activities:

  • Establishing a process inventory
  • Defining Standards & Conventions
  • Developing a selection of pilot processes
  • Implementing the processes, based on a solid “change management approach”.

Frameworks and regulations

A lot of frameworks and methodologies are available, which makes it difficult for an organisation to choose the most adequate one to support that organisation.

With its experience in a lot of frameworks, Voquals is very equiped to advice organisations in this choice.

In addition to this, our Multi Compliance Framework is very suitable to map your processes with these frameworks and Standards.

This results in easy-to-produce reports for internal and external auditors.

With this support you can save a lot of valuable time in the preparation of these certification audits.

COBIT

“COBIT is a Business Framework, developed by ISACA, for the Governance and Management of Enterprise IT.“

For more than 15 years, Voquals is working with COBIT and the consultants of Voquals are participating in several committees or task forces, working on the development of COBIT and helping ISACA International with several projects (e.g. Quickstart and PAM Process Assessment Model).
We can provide practical assistance in the application of COBIT, in executing assessments or audits, and also in the implementation and optimization of IT-related processes.

Greet Volders was member of the task force that developed the COBIT PAM (Process Assessment Model).
This PAM provides the basis for an assessment of an enterprise’s IT processes against COBIT 4.1 or COBIT 5 and enables process capability assessments to support improvement.
The assessment is evidence-based to ensure a reliable, consistent and repeatable assessment process in the area of governance and management of IT.

Since November 2018 we are working with COBIT2019. Greet Volders has collaborated, as expert reviewer, in the realisation of this last COBIT-version.

COBIT Quickstart

“COBIT Quickstart is a baseline for small to medium enterprises where IT is not mission-critical for survival. And it can also serve as a starting point for enterprises in their move towards an appropriate level of control and governance of IT.”

Voquals is using this version of COBIT to perform a quick assessment, in collaboration with IT management or IT auditors, to identify the weakest processes and develop an optimal and realistic improvement plan.

SOX (Sarbanes - Oxley)

"This USA-act aims at protecting investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes. In April 2004, the IT Governance Institute issued IT Control Objectives for Sarbanes-Oxley to help companies assess and enhance their internal control systems."

Voquals delivers support in SOX-projects by developing the necessary procedures with the corresponding control objectives and activities.

Moreover, Voquals gained a wide experience in the execution of Walkthroughs & Testings. These are 2 of the essential steps, which lead to a SOX compliance certificate and are necessary to maintain this.

A successful implementation of the SOX guidelines requires more than observing the statutory regulations. Equally important is the education of the personnel by organising information sessions and/or trainings.
Our strength is to match the education to the needs of the personnel. This means that the necessary information reaches the correct target group in an efficient & effective way.

GDPR

GPDR - General Data Protection Regulation.

The new General Data Protection Regulation (GDPR) entered into force in May 2018.

Voquals can support your organisation in the preparation to become compliant with this new regulation, on the level of procedures, applicable laws and the necessary IT support.

In our Multi Compliance Framework we provide the required processes and registers to comply with this GDPR regulation.

On top of this, we added a control checklist to verify whether your organisation is complying with this GDPR regulation.

CMMI

“CMMi is a process improvement approach that provides organizations with the essential elements of effective processes that will improve performance. CMMi-based process improvement includes identifying your organization’s process strengths and weaknesses and making process changes to turn weaknesses into strengths.”

Voquals is working with CMMi to execute assessment and propose improvement plans to companies. In these assignments, we often combine the use of different frameworks :

  • CMMi to perform the assessment
  • COBIT to implement IT-related processes
  • ITIL to develop specific IT procedures
  • Etc...

More information can be found on the website of the CMMI Institute

ISO standards: ISO9001, ISO27001, ISO2000, etc.

Voquals has a profound theoretical knowledge, as well as a large practical experience with the application of several ISO standards:

ISO9001 = standard for quality management

ISO27001 = standard for IT security, which includes

  • Security techniques
  • Information security
  • Management systems
  • Requirements

ISO20000 = standard for IT service management
This standard is based on the concepts of ITIL (IT Infrastructure Library)

ISO12207 = standard for Software life cycle processes
This standard is based on TickIT, an "IT-translation" of ISO9001

EFQM

The EFQM Excellence Model is the most popular quality tool in Europe, used by more than 30.000 organisations to improve performance. It supports you to self-assess and reflect. 84% of the EFQM-members say that the EFQM Model helps to improve their organisation.

The EFQM model can be applied regardless of the type of industry, size, structure or maturity of an organisation.

It is a practical tool designed to measure the effectiveness of the organisations' approach, to obtain a clear overview of the strengths and weaknesses and to understand the gaps.

Our consultants integrate this valuable information into an achievable action plan which brings the organisation a step closer to excellence. EFQM grants each year the "Quality Award" and several "Quality Prices" to organisations which were evaluated by EFQM assessors as EXCELLENT.

Voquals has developed a lot of expertise, related to the EFQM-model:

  • being an assessor and lead-assessor for the EFQM Quality Award
  • being a consultant in the execution of a self-assessment for several clients
  • being a consultant for the implementation of the EFQM-model, which can be built further on an existing quality system conforming ISO9001

The principles of EFQM are closely linked to the mission and values of Voquals.

EFQM Model

EFQM Model for Excellence


 

News

COBIT5 training + exam
In March 2019, Greet Volders will give COBIT5 foundation training, with possibility to participate at the certification exam.

During this training, Greet will also explain the details and changes of the new COBIT 2019 update.

Dates are :
- Tuesday 26 March : Training
- Wednesday 27 March : Training
- Friday 29 March : summary + exam
Location : Brussels
For subscription and more specific details, please contact Greet Volders :
gvolders@voquals.be
+32 475 63 45 06

 

EuroCACS in Edinburgh

During the EuroCACS in May 2018, Greet presented the Multi Compliance Framework of Voquals.

This is a further developed and extended version of the previous Service Offering, which we presented at the CSX Conference.

See here for more information.

 

CSX Conference in London

During the CSX Conference in London, from October 28 to November 1, 2017, Greet will present our new Service Offering "COBIT5 for IT Management, COBIT5 for GDPR and COBIT5 for Information Security".

See here for more information.

 

Greet Volders, Voquals N.V., has earned the CIPM Certification

In December 2016, Greet has earned the ANSI-accredited designation of Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP).  In addition to her Master in Computer Audit, Certificate for Governance of Enterprise IT (CGEIT) and being COBIT Certified Assessor, Greet has now expanded her knowledge with the new Data Privacy regulation.

Privacy professionals are the arbiters of trust in today’s data-driven global economy.  They help organizations manage rapidly evolving privacy threats and mitigate the potential loss and misuse of information assets.  The IAPP is the first organization to publicly establish standards in professional education and testing for privacy and data protection.  IAPP privacy certification is internationally recognized as a reputable, independent program that professionals seek and employers demand. 

The CIPM demonstrates an understanding of privacy program governance and the skills necessary to establish, maintain and manage a privacy program across all stages of its operational life cycle. It is the first and only certification in privacy program management, developed in response to overwhelming demand to collect and collate common practices for managing privacy operations. Greet Volders joins the ranks of more than 10,000 professionals worldwide who currently hold one or more IAPP certifications. 

About the IAPP

The International Association of Privacy Professionals (IAPP) is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally. More information about the IAPP is available at  www.iapp.org.

 

COBIT Training

In 2014, Greet Volders has been accredited to give the formal COBIT5 Foundation and COBIT5 Assessor training,with the possibility to take the certifcation exam, at the end of each training.

And we can also provide your organisation with customised training, focusing on your specific needs.

 

COBIT implementation
Voquals is working on a Governance implementation project that could be considered as “state of the art”.
Why are we saying this ?

… because …

  • we received our assignment directly from the general director of the organization, who defines the ICT strategy
  • the business management is actively involved in defining the priorities for ICT
  • we did the goals cascade exercise with the C.E.O. and the other directors of the company

If you want some more information about this project, you can contact Greet Volders at Gvolders@voquals.be or +32 475 634506.

 

Voquals N.V.