Voquals is a consultancy company founded in 1995 by Greet Volders & Eddy Volckaerts.

From the start, we decided to remain a small company that has all the flexibility to respond to the requirements of our clients. This gives the opportunity to our Managing Consultant and founder, Greet Volders, to concentrate on the execution of our assignments.

Voquals cooperates with external partners, who have the same philosophy and motivation as the founders of Voquals.
These partners provide a large experience in one or more domains, which are in the core business of Voquals. This allows us to offer a complete and suitable solution for our client’s improvement programs.

We provide all required experience and skills to deliver a customised program for our clients, largely focused on the organisation of the client.

 

Mission and Strategy

Voquals is a consultancy company with a specialisation on IT-Governance and the use of COBIT. We strive to integrate more efficiency and effectiveness in the processes, with the purpose that the management gets control on the realised improvements.

In addition Voquals offers advice in quality management to organisations and more specifically to Information Technology departments.
We apply these quality principles in all our assignments.

We approach every project with a method and strategy that is aimed at obtaining results. In order to achieve this, we first assess the client’s current situation and identify their strategy and objectives. We then develop a solution that continues and enhances the client’s existing systems and procedures.

This pragmatic approach is at the heart of every project we carry out.

Given that most of the difficulties occur during the implementation of solutions, besides developing management systems and methodologies, Voquals also provides assistance during the implementation phase when the help of an external consultant is advisable.

Our Services

Because of the size of Voquals, it is very important to create a network of satisfied clients and to maiontain excellent relations.

Therefore our objective in each of our projects is to :

  • Deliver a high quality degree
  • Build a no-nonsense relation with the client
  • Propose solutions adjusted to the specific business of the cient

Here you find some of our services.

One of our last developments is the "Multi Compliance Framework" that provides support to become complaint to your required regulations and standards.

Multi Compliance Service Offering

Voquals’ Multi Compliance Service Offering supported by MAVIM

In the past 20 years, Voquals has helped various organisations to become compliant to internal and external regulations, and in their preparation for different certification-audits.

This has given us the expertise, knowledge and experience to use and combine different kinds of ISO-standards, Security Control Frameworks (e.g. CPMI), Corporate Control Frameworks (e.g. COBIT and COSO).

The relation between most of these frameworks is visualised in the schema below.

In 2017, we started developing our Multi Compliance Framework to help organisations meet the requirements for all kind of audits in an effective and efficient manner and, through this process, help organisations be compliant with regulation, standards and control frameworks relevant to their sector.

This results in providing the means to answer commonly experienced issues, such as:

  • Respond to all external compliance requirements, without too many overheads
  • Optimize preparations for internal & external audits
  • Understand the relations and overlap between all control frameworks you have to comply with.

Beside compliance issues, our Multi Compliance Framework contains a rich content of IT-related processes, based on ITIL and COBIT, and can be expanded to all your business and supporting processes.

We provide you with the content, structure and relationships as defined in COBIT, enriched with some practical examples, templates, and more.

You can view an introduction to this solution at Multi Compliance Framework I Introduction
A full demo is available at Multi Compliance Framework I DEMO

More information and details about content and use.

Potential Savings using our Multi Compliance Framework

For the development of your IT-related processes

  • The MCF covers the 3 latest versions of COBIT® (COBIT® 4.1, COBIT® 5 and COBIT® 2019) and the last version of ITIL.
  • For all 40 processes, a complete description is available, which can be used to describe your IT-related processes, simply by adapting default descriptions to your organization’ needs
  • No need to start with a blank sheet and you don’t have to be an expert in COBIT or ITIL to define your own business processes compliant to these best practices!
    • A potential saving of a few Man-days per process.
    • For 20 processes this yields to a saving of 60 Man-days.

Support the changes in your organization

  • When the function of a person changes, or a person leaves the organization, you only need to adapt the link from the person to the function, or change the name of the person.
  • The result is that in all related processes, process-steps and activities, there is a continued tracking of the correct person/function.
  • Each change in your organization is managed through 1 action, yielding to a saving of 1 Man-day per change, providing the assurance that all links to functions, roles and persons are always up-to-date !

Compliant with COBIT

For those organisations that are still on COBIT® 4.1 or COBIT® 5, we will help you to upgrade this into COBIT® 2019.


Use of other frameworks

For those organisations developing improvement programs using COSO, ISO27000, or other standards or controle frameworks, we will show you how to integrate COBIT® 2019 and map with these popular frameworks complimentary to COBIT® 2019.

Quick Start approach

Since a lot of guidance and content is available, this is a “quick-start” approach we offer to organizations:

  • A quick-start containing all 40 COBIT® 2019 processes embedded within the solution, linked to the roles and responsibilities of the RACI tables, including sets of metadata of all possible metrics, connected to all possible Business Intelligence and Business Architecture, and based on the IT-related goals and the process specific goals.
  • Mapping the other frameworks mentioned above to COBIT® 2019.
  • Aligning IT to Business Architecture

Purpose of this Multi Compliance Framework

  • Reduce time needed to prepare for internal & external audits
  • Reduce manual activities to prepare reporting by automating reporting through BI
  • Facilitate evidence collection for control testing
  • Increase customer & stakeholder confidence by continuous Compliance checks, monitoring and reporting
  • Easily build relations according to the Business Needs between:
    • People
    • Business & IT Processes
    • Compliance Requirements

Deliverables included in this Multi Compliance Framework

  • A complete set of IT-related processes
    • Based on the content of COBIT, ITIL and Voquals’ experience
    • Presentable on your website
    • With cross-references to
      • Various ISO-standards (ISO 9001, ISO 149001, ISO27001-ISO27002)
      • ITIL
      • COBIT® 4.1 and COBIT® 5 for a smooth transition to COBIT® 2019
    • Additional integrated content
      • Process Capability Assessment
      • IT related goals and metrics
      • Specific templates and examples of deliverables for certain processes
  • Add-on’s are available for
    • ISO-reporting
      • With mapping included to meet all IT-related processes aligning to:
          ISO9001:2015 (Quality) ISO27001:2013 (Security)
          ISO20000:2012 (ITIL)
      • Reports are pre-defined including links to your company processes
      • Can be easily tailored to other standards and control frameworks by yourself
    • GDPR compliant processes & documents
      • Necessary GDPR procedures
      • Awareness raising through built-in information, practical examples and templates
      • Required GDPR reports, e.g.
        • Data Register
        • Record of requests from Data Subjects

Facilitating your internal & external audits

  • A link is foreseen to several Standards, Control Frameworks, and other “best practices”, such as :
    • ISO 9001 – ISO 14001 – ISO 27001 – ISO 20000
    • Information Security Control Objectives - GDPR requirements - ….
  • Since the complete content of these standards and frameworks are available within the framework, these links can also be made to all other business processes.
  • In the portal (publication site) overviews are available for each of the standards, with links to related processes and documents.
  • This can be made available, through specific “View Pages” relevant to internal & external auditors, without any additional work, in the preparation of each audit.
    • Saving, for each audit, the time currently spent, when not using this Framework, to prepare responding to auditors’ requests!

You can find a demo about this solution by clicking on this link.

An added bonus, when using our Multi Compliance Solution, will assist in uncovering misalignment of IT to Business Needs and, in time, to create gains through adequately aligning IT projects and budgets to the Business needs.

IT Governance & COBIT

During IT Governance projects, we make use of COBIT & COBIT QuickStart.
Both models are "Best Practices" that are worldwide & by several governmental organisations recognised as THE standard to use for IT Governance.

Consultancy in an IT Governance project is meant to help IT Management or TOP Management in :

  • Defining priorities
  • Explaining the principles of IT Governance and the model used (COBIT)
  • Executing a first assessment (using COBIT QuickStart)
  • Assisting in the implementation of an Action or Improvement plan

In our Multi Compliance Framework all 40 COBIT 2019 processes are described in a practical way and can be used as a basis to develop your own IT-related processes.

This means a potential saving of a few man-days per process.

Preparation of certification audits

Voquals can help your organisation in the preparation of a certification audit. These certifications can be conform to several ISO-standards (ISO9001, ISO27001, ISO20000, ISO15504, or others), a SOX audit (Sarbanes Oxley), EFQM, or other internal or external official audits.

Since we are not accredited to perform the certification audits, we are the perfect independent partner to prepare your company or department for these audits.

And with our extensive knowledge of these standards and models, and our profound experience in using these for improving the internal working of organizations, we can help you to be perfectly prepared for a successful audit.

It's with this knowledge and experience that were able to develop the compliance part in our Multi Compliance Framework.

Execute IT Audits

For IT audits, we make use of Generally Recognised models, such as COBIT (ISACA) and CMMi (S.E.I.).

The IT Audit will focus on specific processes or projects, as requested by the Management of our Client.

Based on that request, we develop a customised questionnaire and adopt our techniques to the culture & possibilities within the Client’s company.

The outcome is an audit report with findings, and most important, suggestions for a specific Action Plan that can be used by IT Management to work out their improvement plan for the next period.

General Quality Management

Quality Management delivers services to develop, together with the customer, a Quality System conform to a quality model (ISO 9001, TickIT, EFQM, .... or a model that is used by the customer).

The purpose is to setup processes & procedures to get more control on the processes and to improve the content & application of these processes & procedures.

During these assignments, Voquals takes the following responsibilities :

  • Advising the quality manager
  • Assisting with the development and implementation of the quality system
  • Develop the required processes, procedures and work-instructions, in collaboration with the customer
  • Executing Quality Audits on projects, processes and the services of the customer

Interface between IT and the Business

In practical terms, it’s not easy to obtain a good alignment between IT and the business.

The consultants of Voquals function often as the connection, taking up the role of business consultant, business analyst or business architect. But also as facilitator in meetings IT organizes with the business representatives, related to program development or organizing the support, we create a good working climate between the departments.

We are often using COBIT principles in these types of assignments, next to our experience with several lines of business.

Training

Our Managing Consultant, Greet Volders, provides on a regular basis training & information sessions related to our domains of expertise.

For more than 15 years, Greet has been giving trainings and presentations about Quality Systems, the development and assessment of IT and Business processes, and the use of standards and frameworks.

In 2004, Greet became an accredited trainer for the COBIT foundation training and the IT Governance Implementation training, using COBIT and in 2014 for the COBIT5 training.

She is a regular speaker at ISACA events, such as seminars and trainings for ISACA Belgium, and presentations at EuroCACS in 2011, 2012, 2013 and 2015 about the following topics:

  • COBIT 5 Pam (Process Assessment Model).
  • COBIT 5 Implementation Explained

SLA and Contract Management

Voquals can provide support in defining Service Level Agreements (SLAs), which normally starts with the development of a Service Catalogue.

The assistance in Contract Management is mainly oriented to the correct formulation of the tasks & responsibilities expected from the Suppliers, and defined in SLAs.

This approach can also be used for the development of proposals for the Business Units, who need to provide IT-services to their (internal) customers.

Some References :

For an editorial company,we assisted the IT director in developing an overall contract for each supplier, with a separate Service Level Agreements (SLAs) for each specific service delivered. This was needed to clarify the services of the IT suppliers & to improve the quality to be delivered.

Voquals had in this assignment the responsibility to establish the necessary contacts with the different suppliers as well as to co-ordinate the elaboration of the contracts & SLAs.

For the IT-department of a large & international Industry Group, Voquals assisted the EMEA Business Support Management Team with:

  • the creation of a service catalogue, which needed to be aligned over all EMEA service centers
  • the development of an SLA-template
  • the negotiation of the SLAs with the different Business Units, in different European countries

ITIL implementation

Voquals provides support to companies and IT-departments with the introduction and development of operational processes, based on the ITIL-framework..

The purpose is to obtain better control en more efficient management on the IT activities.

In the first phase we develop the company framework. This framework supports the realisation of their IT-strategy, within budget and time. Since the flexibility of the plan and the priorities, defined by the management are important, Voquals provides specific assistance in these decisions. We help to select the people who will be involved in these projects, and we define their tasks and responsibilities.

Then we start a formal project,to define and implement the selected processes. Existing methods will be re-used as much as possible and adjusted where needed.

By starting with some clearly defined Quick-Wins, we prove the added value and make the improvements visible. In this way, we evolve to a higher maturity level. Where possible, we also implement measures to reduce the costs.

The complete IT Service Process model is part of our Multi Compliance Framework.

Business Process Modelling (BPM)

The purpose of Business Process Modeling is to define and optimise the most critical processes.

The objectives of these projects are to:

  • Improve effectiveness i.e. quality performed
  • Improve efficiency i.e. reduce costs

Typically we foresee the following activities:

  • Establishing a process inventory
  • Defining Standards & Conventions
  • Developing a selection of pilot processes
  • Implementing the processes, based on a solid “change management approach”.

Frameworks and regulations

A lot of frameworks and methodologies are available, which makes it difficult for an organisation to choose the most adequate one to support that organisation.

With its experience in a lot of frameworks, Voquals is very equiped to advice organisations in this choice.

In addition to this, our Multi Compliance Framework is very suitable to map your processes with these frameworks and Standards.

This results in easy-to-produce reports for internal and external auditors.

With this support you can save a lot of valuable time in the preparation of these certification audits.

COBIT

“COBIT is a Business Framework, developed by ISACA, for the Governance and Management of Enterprise IT.“

For more than 15 years, Voquals is working with COBIT and the consultants of Voquals are participating in several committees or task forces, working on the development of COBIT and helping ISACA International with several projects (e.g. Quickstart and PAM Process Assessment Model).
We can provide practical assistance in the application of COBIT, in executing assessments or audits, and also in the implementation and optimization of IT-related processes.

Greet Volders was member of the task force that developed the COBIT PAM (Process Assessment Model).
This PAM provides the basis for an assessment of an enterprise’s IT processes against COBIT 4.1 or COBIT 5 and enables process capability assessments to support improvement.
The assessment is evidence-based to ensure a reliable, consistent and repeatable assessment process in the area of governance and management of IT.

Since November 2018 we are working with COBIT2019. Greet Volders has collaborated, as expert reviewer, in the realisation of this last COBIT-version.

COBIT Quickstart

“COBIT Quickstart is a baseline for small to medium enterprises where IT is not mission-critical for survival. And it can also serve as a starting point for enterprises in their move towards an appropriate level of control and governance of IT.”

Voquals is using this version of COBIT to perform a quick assessment, in collaboration with IT management or IT auditors, to identify the weakest processes and develop an optimal and realistic improvement plan.

SOX (Sarbanes - Oxley)

"This USA-act aims at protecting investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes. In April 2004, the IT Governance Institute issued IT Control Objectives for Sarbanes-Oxley to help companies assess and enhance their internal control systems."

Voquals delivers support in SOX-projects by developing the necessary procedures with the corresponding control objectives and activities.

Moreover, Voquals gained a wide experience in the execution of Walkthroughs & Testings. These are 2 of the essential steps, which lead to a SOX compliance certificate and are necessary to maintain this.

A successful implementation of the SOX guidelines requires more than observing the statutory regulations. Equally important is the education of the personnel by organising information sessions and/or trainings.
Our strength is to match the education to the needs of the personnel. This means that the necessary information reaches the correct target group in an efficient & effective way.

GDPR

GPDR - General Data Protection Regulation.

The new General Data Protection Regulation (GDPR) entered into force in May 2018.

Voquals can support your organisation in the preparation to become compliant with this new regulation, on the level of procedures, applicable laws and the necessary IT support.

In our Multi Compliance Framework we provide the required processes and registers to comply with this GDPR regulation.

On top of this, we added a control checklist to verify whether your organisation is complying with this GDPR regulation.

CMMI

“CMMi is a process improvement approach that provides organizations with the essential elements of effective processes that will improve performance. CMMi-based process improvement includes identifying your organization’s process strengths and weaknesses and making process changes to turn weaknesses into strengths.”

Voquals is working with CMMi to execute assessment and propose improvement plans to companies. In these assignments, we often combine the use of different frameworks :

  • CMMi to perform the assessment
  • COBIT to implement IT-related processes
  • ITIL to develop specific IT procedures
  • Etc...

More information can be found on the website of the CMMI Institute

ISO standards: ISO9001, ISO27001, ISO2000, etc.

Voquals has a profound theoretical knowledge, as well as a large practical experience with the application of several ISO standards:

ISO9001 = standard for quality management

ISO27001 = standard for IT security, which includes

  • Security techniques
  • Information security
  • Management systems
  • Requirements

ISO20000 = standard for IT service management
This standard is based on the concepts of ITIL (IT Infrastructure Library)

ISO12207 = standard for Software life cycle processes
This standard is based on TickIT, an "IT-translation" of ISO9001

EFQM

The EFQM Excellence Model is the most popular quality tool in Europe, used by more than 30.000 organisations to improve performance. It supports you to self-assess and reflect. 84% of the EFQM-members say that the EFQM Model helps to improve their organisation.

The EFQM model can be applied regardless of the type of industry, size, structure or maturity of an organisation.

It is a practical tool designed to measure the effectiveness of the organisations' approach, to obtain a clear overview of the strengths and weaknesses and to understand the gaps.

Our consultants integrate this valuable information into an achievable action plan which brings the organisation a step closer to excellence. EFQM grants each year the "Quality Award" and several "Quality Prices" to organisations which were evaluated by EFQM assessors as EXCELLENT.

Voquals has developed a lot of expertise, related to the EFQM-model:

  • being an assessor and lead-assessor for the EFQM Quality Award
  • being a consultant in the execution of a self-assessment for several clients
  • being a consultant for the implementation of the EFQM-model, which can be built further on an existing quality system conforming ISO9001

The principles of EFQM are closely linked to the mission and values of Voquals.

EFQM Model

EFQM Model for Excellence


 

News

Webinar op 13 april 2021 : Gestructureerd  beheer  van  compliance & IT-processen

Na het succes van vorig webinar, herhalen we dit webinar (met een aantal updates).

U kan zich inschrijven via bovenstaande link.

Dit wordt georganiseerd in samenwerking met Mavim tijdens hun ONLINE CONGRES OVER DIGITALE TRANSFORMATIE

Voquals organises this webinar in collaboration with Mavim. Apologies for the text in Dutch, since this is a webinar is in Dutch, and as such, focusing on the Dutch market.


ISACA Development of COBIT Focus Area for SME’s (Small and Medium Enterprises)

Due to the large and wide experience of our Managing Consultant, Greet Volders, ISACA asked her help for the development of the COBIT Focus Area for SME”s. Greet is now writing this specific guide, which will be published in Q3, 2021.

As soon as it will be published, you will find a link to the publication on our website.

For more information, contact gvolders@voquals.be


NIS Audit

NIS (Network and Information Systems) is Belgium’s first complete cyber security legislation. Voquals completed in February 2021 successfully the first required NIS Audit for Infrabel, in collaboration with TriFinance and TRIX Auditing.

More information on this law can be found on the website of ENISA


Webinar op 17 november 2020 :  Webinar Gestructureerd  beheer  van  compliance & IT-processen

Dat wordt georganiseerd in samenwerking met Mavim tijdens hun ONLINE CONGRES OVER DIGITALE TRANSFORMATIE

Voquals organises this webinar in collaboration with Mavim.
Apologies for the text in Dutch, since this was a webinar focusing on the Dutch market.


COBIT 2019 Foundation Training, with possibilities for the certification exam.

Date :

  • 7 – 9 October 2020

Webinars “How to downsize your cost of compliance”

Voquals organised these webinars about “Cost of Compliance” in collaboration with Mavim.
Apologies for the text in Dutch, since this was a webinar focusing on the Dutch market.

Hieronder vindt u de opnames van deze webinars “How to downsize your cost of compliance”
Klik op de “recording” om de opnames van de volledige webinars te bekijken.
Wil je liever een specifiek onderdeel van de webinars bekijken?
Dat kan ook! Zie onderstaande video's.

27 mei 2020 | Webinar How to downsize your cost of compliance | Part 1

Recording: Webinar How to downsize your cost of compliance (geheel)
Video: Inleiding & ontwikkelingen Compliance Management
Video: Introductie Multi Compliance Framework
Video: Demo Multi Compliance Framework (Voquals)
Video: Interview met Robert Schraders | Kuijpers Installaties

11 juni 2020 | Webinar How to downsize your cost of compliance | Part 2
Recording: Webinar How to downsize your cost of compliance (geheel)
Video: Inleiding & ontwikkelingen Compliance Management
Video: Demo Management Control Framework (Cruxer)
Video: Interview met Alfo Melisse | DELA Uitvaartverzekeringen

Wilt u hierover meer informatie of een gepersonaliseerde demo, contacteer Greet Volders via
Gvolders@voquals.be of +32 475 634 506


COBIT2019 training - 12/10/2020 to 14/10/2020 in Luxembourg.

Greet will give this training, incl. exam preparation, in collaboration with the ISACA Chapter of Luxembourg.

Due to the current situation with the COVID19, we had unfortunately no other choice than postponing our COBIT2019 training to October 2020.

You can find all information on their website here.


Compliance Presentation for VCK – January 2020

In collaboration with VCK (Vlaams Centrum voor Kwaliteitszorg – Flemish Center for Quality Management), Greet presented our approach for managing compliance to the members of VCK.

You can find the summary (in Dutch) here


COBIT5 training + exam
In March 2019, Greet Volders gave a COBIT5 foundation training, with possibility to participate at the certification exam.

During this training, Greet also explained the details and changes of the new COBIT 2019 update.

Dates are :
- Tuesday 26 March : Training
- Wednesday 27 March : Training
- Friday 29 March : summary + exam
Location : Brussels
For subscription and more specific details, please contact Greet Volders :
gvolders@voquals.be
+32 475 63 45 06


EuroCACS in Edinburgh

During the EuroCACS in May 2018, Greet presented the Multi Compliance Framework of Voquals.

This is a further developed and extended version of the previous Service Offering, which we presented at the CSX Conference.


CSX Conference in London

During the CSX Conference in London, from October 28 to November 1, 2017, Greet presented our Service Offering "COBIT5 for IT Management, COBIT5 for GDPR and COBIT5 for Information Security".
In the meantime, this has evolved to our Multi Compliance Framework.


Greet Volders, Voquals N.V., has earned the CIPM Certification

In December 2016, Greet has earned the ANSI-accredited designation of Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP).  In addition to her Master in Computer Audit, Certificate for Governance of Enterprise IT (CGEIT) and being COBIT Certified Assessor, Greet has now expanded her knowledge with the new Data Privacy regulation.

Privacy professionals are the arbiters of trust in today’s data-driven global economy.  They help organizations manage rapidly evolving privacy threats and mitigate the potential loss and misuse of information assets.  The IAPP is the first organization to publicly establish standards in professional education and testing for privacy and data protection.  IAPP privacy certification is internationally recognized as a reputable, independent program that professionals seek and employers demand. 

The CIPM demonstrates an understanding of privacy program governance and the skills necessary to establish, maintain and manage a privacy program across all stages of its operational life cycle. It is the first and only certification in privacy program management, developed in response to overwhelming demand to collect and collate common practices for managing privacy operations. Greet Volders joins the ranks of more than 10,000 professionals worldwide who currently hold one or more IAPP certifications. 

About the IAPP

The International Association of Privacy Professionals (IAPP) is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally. More information about the IAPP is available at  www.iapp.org.

 

COBIT Training

In 2014, Greet Volders has been accredited to give the formal COBIT5 Foundation and COBIT5 Assessor training,with the possibility to take the certifcation exam, at the end of each training.

And we can also provide your organisation with customised training, focusing on your specific needs.

 

COBIT implementation
Voquals is working on a Governance implementation project that could be considered as “state of the art”.
Why are we saying this ?

… because …

  • we received our assignment directly from the general director of the organization, who defines the ICT strategy
  • the business management is actively involved in defining the priorities for ICT
  • we did the goals cascade exercise with the C.E.O. and the other directors of the company

If you want some more information about this project, you can contact Greet Volders at Gvolders@voquals.be or +32 475 634506.

 

Voquals N.V.