KRC® supports the digital engineering process of the requirements by guiding the organization through the identification, analysis, and evaluation phases of sensitive activities. It is a highly regulatory-training platform that is regularly updated in line with regulatory developments.
SENSITIVE ACTIVITIES
- Context Model 231: it allows the definition of the 231 perimeter in terms of association between crimes, processes, and sensitive activities and integration with the risk and control model present in the ERM module.
- Identification of sensitive activities at risk of crime: it allows the detection and updating of the files of sensitive company activities for crime risk by recording the specificities relevant for 231 purposes. It also allows the assessment of the inherent risk in terms of probability of occurrence and impact on the business.
- Evaluation of the general principles of control 231 – safeguards: it allows the assessment of the adequacy of standard control measures for 231 to cover the risk of crime. It also allows the tracking of improvements deemed necessary, feeding into an action plan.
- Evaluation of residual risk: it allows you to complete the residual risk assessment process in compliance with the most recent Confindustria guidelines regarding compliance with Legislative Decree 231/01.
- Action plan management: it allows the generation and management of the action plan resulting from crime risk analysis activities.
- Communication and reporting: automatically generates reporting related to risk assessments.
PROTOCOL SYSTEM
- Identification and updating of protocols: allows the association of one or more sensitive activities to one or more protocols, effectively enabling the special part of Model 231 for crimes or for trials.
- MOGC 231 general part: it allows the definition of the customizable component of the general part of the model such as the description of the company, the composition of the Supervisory Body, the sanctioning system and the Whistleblowing procedure.
- Building and updating prtocols: it allows the generation of specific Protocols starting from what has already been mapped in sensitive activities.
- Validation of protocols: manages the approval process of the protocols by the Supervisory Body or by a person with suitable powers in order to enable them to be approved by the Board of Directors.
- MOGC 231 general and special parts: repository of Model 231 and its attachments (Code of Ethics, Organizational Charts, Anti-Corruption Plan, etc.).
ODV MANAGEMENT
- OdV Meeting: it allows the management of the Supervisory Body meetings through planning, generation of the agenda, guests and notifications and subsequent resolutions with related general and specific actions that will feed the action plans.
- Information flows: it allows the management of information flows defined during the assessment phase of sensitive activities or decided by the Supervisory Body.
- Action plan management: summary tables of the defined action plans, their progress and, if applicable, the need to activate a comprehensive updating campaign.
Read the article La normativa UNI 11961:2024 Integrazione della Compliance Aziendale
THE ADVANTAGES OF DIGITIALIZING MODEL 231
Existing synergies between Model 231 and ESG factors are managed, highlighting the strategic advantages of an integrated approach to risk management.
Integration with the risk and control model in the ERM Module is implemented.