in

smartercommunity

Bringing policyIQ users together

This Blog

Syndication

Tags

policyIQ Blog

March 2010 - Posts

  • Internal Auditors, please come to the table!

    …Our round table, that is.

    Hello, Internal Audit professionals! 

    At the end of this month (April 29th) the policyIQ team will be hosting another solution-focused webinar; this time featuring Internal Audit. Our aim is to move beyond the common SOX conversation and dig into Operational Audits.

    Whether you’re dealing with Environmental Health and Safety audits in a manufacturing environment, auditing in the restaurant or entertainment industry, performing inventory audits, auditing your purchasing and receiving operations, or ensuring that HR procedures are established and followed, all internal audit groups are faced with the task of establishing sound and effective audit programs to assess the range of operations carried out in their organizations.

    In our upcoming session we plan to facilitate a fruitful discussion between all of you—Internal Audit professionals—and to address your questions, concerns and best practices with regard to Operational Audits.

    Please help us to gather some preliminary information by participating in this poll:

     

    Would you like to participate in our round table discussion?

    If you are interested in participating in the discussion or you have some questions that you would like to have the presenter pose to those who do participate, please email us or let us know who you are and we'll get in touch with you to discuss further.

    Thank you! We're looking forward to this month's solution-focused CPE session!

    Posted Mar 31 2010, 02:43 PM by stepheniebuehrle with no comments

  • Follow up to our ERM Presentation – read, watch, practice, learn!


    On Thursday last week, our team continued our policyIQ solution-focused series by highlighting our Enterprise Risk Management solution. Our intention was to provide attendees with a view of the full solution; including how to develop an ERM process based on best practices gleaned from our experienced ERM professionals, as well as how to implement the policyIQ technology to effectively manage documentation and gain efficiencies with automation of several steps of the process.

    If you would like some additional guidance or assistance with the implementation of your ERM process, please contact us and we’ll put you in touch with the best contact to meet your needs!

    Access the policyIQ ERM Webinar On-Demand
    If you missed the webinar, you are welcome to review the recording. (Sorry, no CPE credit for watching the video.) It is accessible on our training page or you may click here to launch the webinar directly.

    The Super-Cliff-Notes Version of our policyIQ ERM Session
    COSO Definition
    “A process, effected by an entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”

    Distinguish between ERM, IA and SOX
    ERM is not about a system of internal controls, financial reporting or testing…ERM is about decision making!

    High Level Process and the Role of policyIQ

    1. Perform a Risk Inventory: senior management interview
      1. Capture using policyIQ's Forms Management functionality
    2. Evaluate what policies and procedures you have in place to meet those risks
      1. Use policyIQ Reports to comb through your existing Policies and Procedures (if you have them in policyIQ)
    3. Determine what Enterprise Risks exist: interview business unit management, assess materiality
      1. Document Enterprise Risks in policyIQ Pages
      2. Use policyIQ's Forms Management functionality to help business unit management to assess materiality, then update Enterprise Risk Pages
    4. Identify and assess organization's Capabilities to manage risks: help business unit managers to assess capabilities and to record benchmarks for each.
      1. Document organization's Capabilities in policyIQ Pages; link to relative Enterprise Risks and to related Internal Controls
      2. Use policyIQ's Forms Management functionality to help business unit management to assess capabilities' benchmarks, then update Capabilty Pages
    5. Review Residual Risks; those that are not adequately managed with capabilities
      1. Use policyIQ Reprts to oversee Enterprise Risks and their relationship to Capabilties. Use filters to narrow down to high materiality Enterprise Risks or Enterprise Risks linked to "Weak" Capabilities.
    6. Develop a gap plan (to address the residual risks)
      1. Document Management's response to Residual Risks in your Enterprise Risk Pages.
      2. You might also decide to create ERM Gap Pages to better document the vulnerability, management's response and the planned remediation activity/activities
    7. Execute the gap plan
      1. Document the execution or remediation within the Enterprise Risk Pages and/or within your ERM Gap Pages.

    I do much better with visual aids!


    More detailed guidance—even some stuff we didn’t present—in policyIQ’s Help
    (Click the image to launch directly to the ERM overview page in policyIQ’s “Help” guide)


     
    Practice Makes Perfect!
    We have a generic “play place” for you to create sample content, forms, reports and to experience the process of moving content through the workflow. We just “refreshed” this site with all of the examples that were presented in our ERM session. If you would like to be granted access to the Practice site, send us an email to let us know and we’ll get you set up!

    Keep in mind that we will “refresh” this Practice site each month with the latest examples from our Solution-focused session. In effect, we copy the Training site to create a new Practice site each month. For this reason, you will not be able to save content in the practice site from month to month and users will need to shoot us an email each month if you would like to be granted access to the Practice site.


    The Questions and Answers from our Session’s Chat
    As promised, we have the questions and answers (in some cases with a little bit more detail than we had time to provide during the session) right here in our blog:

    Q: When you talk about documenting “capabilities”, are these capabilities that are currently in place, or are they processes we'd like to put in place to help manage the risk?
    A: Short answer = both! In the early stages of implementing ERM, risk management team will assess what policies and procedures and other practices are already in place that address the recently identified risks. Once the full evaluation of enterprise risks, existing capabilities and gap analysis takes place, your organization will likely make plans to improve some of the existing capabilities and may also introduce new ones!

    Q: Can the product do a "heat map" showing all risks plotted on a X and Y axis of impact and likelihood? 
    A: A Summary Report would provide a good representation of this - with the X axis being Impact and the Y axis being Likelihood.  The "heat map" would show the higher numbers at the intersections.  (policyIQ would not have the color coded / shaded areas.)

    Q: Can we get the presentation slides as a PDF?  Thanks!
    A: We have these slides in our help guide!  If you aren't yet a user in policyIQ, contact our support team for a trial site or access to the practice site.

    Please let us know how we can support you to get started!

    Posted Mar 30 2010, 06:05 AM by stepheniebuehrle with no comments

  • Remind me, what is IFRS?

    Remind me, what is IFRS?

    Wait; don't stop reading because you are thinking that only the Accounting department needs to know about IFRS.    IFRS will impact almost all areas of an organization including IT, Operations, Manufacturing and certainly the Finance Department.

    As a reminder, IFRS stands for the International Financial Reporting Standards.  They are the judgment-based financial reporting system that the US is likely moving towards.   These standards are different from the rules-based system of U.S. GAAP that is currently followed in the United States.  

    Let's start at the beginning and discuss the difference between a rule-based system and a principles-based system.  

    IFRS Chart

    Those of us that just experienced a harsh winter can remember lots of times recently when driving 55 miles per hour was out of the question.  A principles-based system allows room for the individual to make decisions based on what they know to be true and what they think will be best.   In a rules-based system you follow the rules, always, without question.  

    The current roadmap proposes that US companies will need to be IFRS compliant by 2015.   Europe is currently utilizing IFRS and Canada companies have a 2011 due date.   What is the feedback time and time again from companies that have been there?  Start early!   In the coming months we will post IFRS information and updates on this blog and we will tell you about Resources Global Professionals' relationship with IASeminars and the many IFRS specific training opportunities available to you.   Read the press release here

    IFRS globeHere are some IFRS stats for you to consider:

    • - So far, more than 12,000 companies in almost 100 countries have adopted IFRS
    • - This is 40%+ of the Fortune Global 500 companies
    • - The SEC estimates that US companies will spend 0.13% of their revenue on transitioning from U.S. GAAP to IFRS
    • - IFRS conversions are underway in Canada, India, Japan, Mexico and more

     

    For an expert opinion on what is next in IFRS, please read the Resources Global Finance and Account blog with recent posts on updates in IFRS - http://www.resourcesglobal.com/blogs/fna/

    We will also talk about the role that policyIQ may take in your IFRS project.   Feel free to contact us with any questions - support@policyIQ.com

    Posted Mar 22 2010, 10:34 AM by carolinevillella with no comments
    Filed under: , , , , ,

  • Supercharge your policyIQ experience - tips to make your browser run more smoothly

    Have you ever wondered if your policyIQ experience is as smooth as it could be? Some of our users have asked for recommendations on how to optimize their browser's performance, so we would like to share some tips with you. Here are a few items to consider, to help you ensure your Microsoft Internet Explorer is optimized for using policyIQ.

    What version of Internet Explorer are you using?

    Go to Help -> About Internet Explorer and take a look. If you're not at version 7 or higher, consider upgrading. policyIQ will certainly function with Internet Explorer 6, but performs optimally with version 7.

     

    Have you added policyIQ as a trusted site?

    This is a big one! In order to maximize your experience, you should definitely have policyIQ in your trusted site list. Go to   Tools -> Internet Options, and then click on the Security tab. Select Trusted Sites, and then click the Sites button. In the field Add this website to the zone, enter your policyIQ site URL (e.g., https://companyname.policyiq.com/). Then click the Add button and close the window. That's it!

     

    Wait - turn your Status Bar on!

    We've discovered that adding policyIQ as a trusted site will hide IE's Status Bar in policyIQ. We recommend turning the Status Bar on, as it will help give you a clearer picture of your browser's progress when it's performing an action. Go to Tools -> Internet Options, and then click on the Security tab. In the section Security level for this zone, click on the Custom level button. Find the option Allow websites to open windows without address or status bars and disable it. (Note that in IE 6, this option is titled Allow script-initiated windows without size or position constraints.)

     

    Allow policyIQ pop-ups!

    Some items in policyIQ are displayed as pop-ups, so you'll want to add policyIQ as an allowed pop-up site. You can do this by going to Tools -> Pop-up Blocker>Pop-up Blocker Settings. Note that if you are using other pop-up blockers such as Google Toolbar, you'll need to disable them or allow pop-ups from them separately.

     

    Does your browser look for updated versions of stored pages?

    Internet Explorer stores copies of web pages in order to allow quicker viewing on subsequent visits. In order to ensure you're viewing the latest version of content, you'll want to ensure IE is looking for the latest version of your pages. From Tools -> Internet Options, look at the Browsing history section and click Settings. Under the option for Check for newer versions of stored pages, make sure Automatically is checked.

     

    Our team is dedicated to ensuring your policyIQ experience is as smooth and productive as it can possibly be. If you'd like to discuss any of these recommendations or any other questions you may have, contact our Support team by email at support@policyIQ.com, or call us toll-free at 1.866.753.1231.

    Posted Mar 22 2010, 07:10 AM by scottpalermo with no comments
    Filed under: ,

  • 8 tips to successfully manage a policyIQ reimplementation project! Learn from the success of Surgical Care Affiliates

    Spring cleaning time is a great time to re-evaluate your policyIQ implementation.  You might look for ways to make it even more efficient or expand it to new areas of your business.  Changes might be small, like updating the Group structure to more accurately reflect your current organizational structure.  Some companies might even choose to make big changes, establishing a project team to review, rewrite, create and organize policies, procedures, safety documentation or complete risk management documentation across the entire business.

     

    At the beginning of last year, Surgical Care Affiliates (SCA), one of the largest providers of specialty surgical services, took on the project of completely revamping their policyIQ site.  They had been spun out the year before and had maintained the policyIQ structure of their former parent company.  However, as they grew into their own independent organization, that structure and the policies and procedures that had been documented were no longer effective for the new organization.  

     

    Enter Donna McLean.  At the time, Donna was a consultant with Resources Global Professionals with a background in policy writing and process optimization.  Donna was brought on board as a consultant to head up the project to update policies and procedures and to put a sustainable process in place for keeping documentation centralized and up to date.  Donna used the opportunity to also upgrade policyIQ to version 6 and configure the software to support their efforts.  Donna has since taken a full-time position with SCA as the Manager of Policy Optimization, Assurance and Process Improvement.

     

    We asked Ms. McLean to share with us the secrets to the success of SCA's project, where they have successfully completed phase 1 and have moved on to phase 2, which will involve more optimization and process automation in policyIQ.  Donna responded with 8 great pieces of advice on how to successfully manage a policyIQ reimplementation project.  These tips are a great mix of the soft skills of project management, and the details of a successful policyIQ configuration. 

     

     

    1. Planning.  Planning.  Planning, planning, planning.

     

    "I can't say that enough," explains Donna as she gives us her number one recommendation.  We agree!  Any project should be planned out in advance, with a written project plan available to all members of the project team.  Make sure you have clearly communicated the goal of the “re-vamp project”, set reasonable deadlines for your team members and taken into account their other responsibilities.

     

    Planning is also important for your policyIQ configuration steps.  Plan out the changes and consider what effects the changes will have on the users, other administrators or other departments who might also be using policyIQ.  Contact those stakeholders and review your changes to be sure that you've planned for all of the impacts.  And don’t hesitate to call on the policyIQ team to help you to plan out the steps and evaluate the impacts.

     

     

    2. Get buy-in at the highest levels

     

    The larger the project, the higher you should go to be sure you have buy-in.  You will need the support of your management team to help set priorities for team members and to put their weight behind the changes in the end product.  If you are implementing changes for your Accounting Policy Manual, make sure your Accounting Manager is on board.  If you are revamping your site that holds all Corporate Policies and Procedures across multiple locations, your executive committee should be on board and encouraging the process.

     

    Ask your executive or management sponsor to help create the “tone at the top” by sending out a message early in the project to all stakeholders about the importance and the ultimate goal for the changes.

     

     

    3. Write a policy on writing policies!

     

    Whether it's policies, controls, audit workpapers or your safety manual, you should start off by having a written policy (or at least a written guideline) for how that documentation should be written.  Consistent documentation will be much easier for your audience to follow - so let your writing team know what that looks like.  Remember, you want your site to be sustainable for years to come; be sure to write down that policy or guideline (and make sure it is in policyIQ) so that it is accessible for any future contributors.

     

    The team at Surgical Care Affiliates has graciously agreed to provide an example of this to other policyIQ clients who might be interested.  Leave a comment or send us an email and we'll be sure that you receive the benefit of SCA's starting point!

     

     

    4. Know your team - understand team dynamics and leverage the skills of each team member

     

    You may have one really great writer who is terrible at making sure she’s covered all of the details.  But another team member is always focused on the details, and makes a great editor.  Your team members won't all have the same skills.  In fact, you don't want them to!  But as a project manager, you will want to know your team's skills and distribute tasks to take advantage of them.

     

    You will also need to know a little bit about team dynamics.  Putting several type A personalities together to perform a single task might not be the best idea.  Split them up and let those strong personalities drive different initiatives.

     

     

    5. Start with sound Templates

     

    This is one of those practical pieces of advice related to your policyIQ configuration.  If you start with Templates that are complete, with fields that are well thought out and make sense to all participants, your writers will have an easier time posting their documentation.  Ultimately, your audience will have a much easier time digesting that information, too! 

     

    When you’re planning out your Templates (yes, it always comes back to planning), think about your audience.  What details are important to pull out?  Do you need to have a short "Policy Overview" at the top that gives a two sentence explanation of the policy, with a longer "Policy Details" field below?  Consider what your audience will want to report on.  If you are documenting Action Plans, what dates will be critical in reporting?  What status updates will be necessary?

     

    6. Don't forget to include training! You have the very best, most intuitive policyIQ site that ever existed, so you've decided that no one needs training.  It's SO easy.  Well, we agree that policyIQ is intuitive and your viewers certainly don't need to sit at their desks or in a room through hours of policyIQ training.  But your users do need to know what documentation exists in policyIQ.  Where can they go if they have questions about the content?  What happens if they forget their password?  Why did we make changes?  Why should they care about the information in policyIQ?  They might not need training on policyIQ, but you do want to make sure you launch your new site with information on its relevancy to your audience.  Consider: 
    •  An email announcement written by your project team, but sent from your executive sponsor!
    • Informational (and inspirational!) text on your log-on screen or on the Read-Only Dashboard.  (Text for both is editable from Setup --> System Setup --> Site Style.)

    Check out this example of great Read-Only Dashboard text from SCA:

    • Printed announcements posted in those public areas like near the printers or in your office kitchen.
    • Ask department managers to add an agenda item to the next departmental meeting and have a member of the project team attend to give a brief overview.
    • Snacks!  Everyone responds to snacks.  Host an informational session in a conference room and provide cookies.

     

     

    7. Coach.  Coax.  Repeat.

     

    Donna found that "a little of both is necessary" when managing a large project.  Some team members will be enthusiastic participants, while others will need to be convinced that their input is necessary, valuable - and that their timely completion is not so much a request as a requirement.  Be a mentor to some, a humble requestor to others and a task master to a few.

     

     

    8. Monitor your plan!

     

    You put all that time into your project plan - so use it!  Monitor tasks and follow-up with those responsible to be sure that items are being completed on time.  If something is behind, find out the root cause of the delay and try to help move things along.  And remember that your project plan isn't written in stone - you'll likely need to shift both deadlines and resources several times throughout the process.    

     

    These project management tips can be applied to a policyIQ project – or to any project that you find yourself spearheading.  If you are looking to re-implement policyIQ, we’d like to help!  Contact our support team or call your account manager to talk about how we can partner with you through this process.

     

    And if you find that you have a project that really needs your full attention, but you just don’t have the people internally to spare – give us a call.  We’ll put you in touch with your local Resources Global Professionals office and help you find an experienced professional to supplement your team.
    Posted Mar 17 2010, 11:47 AM by chrisburd with no comments
    Filed under: , , , , , ,

  • Our secret is out...we use Snagit!

    Snagit is an invaluable tool for the policyIQ Team!

    Made by TechSmith, Snagit is a software application that gives you the ability to take a snapshot of all or a portion of your screen. The functionality goes well beyond the snapshot that you take—you’re also able to edit that image, add highlights, arrows, speech bubbles, and many other effects!

    The policyIQ team uses Snagit to capture images so that we can more reliably communicate to each other and to you, our policyIQ users.  We use Snagit to explain how to carry out different actions, how to find functions within the application, or how to find supporting documentation in your policyIQ Help guide, for example.


    Here are just a few examples of the images we’ve recently captured and edited using Snagit!

    We recently sent this image to a client to communicate which policyIQ on-demand training sessions we would recommend for a new user:





    Take a look at the March newsletter (due out this Thursday): notice that its raining risks down on our ERM umbrella! I created the “Risk Raindrops” and this image for our newsletter using Snagit:

     

    I used this image to direct a policyIQ user to the Excel Import spreadsheet and relative policyIQ Help pages:


    We use and brag about TechSmith products so much that we should probably be on their payroll! We’re not, by the way, so you can rest assured that this testimony is completely unbiased…although, in the interest of full disclosure, one of our team members does have an “I *heart* Snagit!” button on her desk.

    If you’d like to try Snagit for yourself, check out their site. I noticed that they have a free trial opportunity!

    Posted Mar 15 2010, 09:34 AM by stepheniebuehrle with no comments

  • Last word on SOX Roll-Forward for 2010: Training Q&A and Summary of Materials

    Earlier this week, we hosted a 30 minute training session that walked through a couple of different scenarios for how to roll-forward your SOX or compliance content from one year to the next. The training session took a very practical approach - with a step by step view of how you can roll-forward from one testing period to the next.

    We wanted to follow-up on a couple of great questions that came up during our training session

    We did receive a couple of questions during the training session that we wanted to be sure to address here in more detail.

    Q: If we do not copy the entire folder but rather copy only the Test pages, can we still make a 2010 folder in the folder view?

    A: The simple answer is "yes", but we'd love to talk to you more about the purpose of your folders by year, if not for the purpose of roll-forward. Adding a folder to archive older Test pages - and removing them from the "view" for most users - is often a great idea. You can still report on those Test pages by filtering for a "Test Period" or through their link relationships to the Controls - but they are no longer cluttering up the application for the majority of your users.

    However, in most cases, you do not want to separate your current Test pages from your Controls and Risks in the Process folders. The critical question is - how easily will I be able to report on my Test results? If you already have a drop down field that indicates the year of the testing, adding another folder to your structure may complicate rather than simplify the process.

     

    Q: In the training session, you used Advanced Search to pull back lists of pages and make updates or copies. Is there an advantage to using Advanced Search rather than Reports?

    A: There are LOTS of advantages to Advanced Search. The reason we used it for training was sheer laziness efficiency. Why click over to Reports when I have a feature handy right there in the left that can bring me the same results? Advanced Searches can be saved in every module, and give you a great way to create your own custom navigation in the left hand side. For example, if you are a SOX Tester and the Test pages that you have fill out are all in a status of Checked Out to Me, you might create an Advanced Search for those pages Checked Out to Me - but add additional columns for things like Testing Status or Test Steps to make it easier for you manage your work.

    And Advanced Searches are available to Standard Users in the Home module, while Reports are only available to Advanced Users.

     

    Access all of the great information available on the subject of Roll-Forward

    When we were planning this training session, we debated a bit internally about whether or not the timing was too late. Was March the right time to talk to people about roll-forward or would most of you have already moved on with 2010 already? Over the course of the past week, we've received a great deal of feedback that seems to indicate that our timing was right on. So many of you are in the middle of this process right now - and we want to be sure that we remind you of all of the great materials that are at your fingertips!

    Your policyIQ Help guide

    Within your policyIQ Help guide, you will find a recently added chapter with loads of information related to Sarbanes-Oxley compliance in policyIQ. A sub-chapter here deals exclusively with the roll-forward process.  (See illustration for navigation.)

    Recorded Training on Roll-Forward available on-demand

    Our training session from earlier this week has been recorded, and is now available within the policyIQ Training center.

    Click here to launch the training.

    Comparison of various methods in an earlier blog post

    Both the Help pages and our recent training session provide practical information on how to complete the roll-forward steps. If you are interested in exploring the pros and cons of the various options for rolling forward your content, please take a look at our blog post from earlier this month for more information.

    Your policyIQ Team!

    Most importantly, don't forget to contact us if you have any questions about specific steps or if you'd like to talk to someone about what roll-forward method might be best for your organization.
    Posted Mar 11 2010, 12:25 PM by chrisburd with no comments
    Filed under: , , , , ,

  • Stay on top of the latest policyIQ news and tips

    Hmmmm…a blog post about accessing our blog posts? Really?

    Yeah, that does sound kinda strange, but we want to be sure that you stay on top of the tips, resources, news and success stories that we have to share with you!

    Most of us are pretty swamped these days and it can be difficult to keep up with all the great reading material and tools out there, so we’ve made it much easier for you to pan through the most recent blog posts directly within your policyIQ Dashboard. Simply click on “Add” just above your Dashboard, select the checkbox next to policyIQ Blog and then click “Save” in the toolbar.

    This will present the policyIQ Blog item within your Dashboard which displays the titles and links to the 5 most recent blog posts.

    So, the next time that we share a sneak peek into an upcoming release or provide practical steps to better organize or report on your content, you can be sure to know about it!

     

    Posted Mar 10 2010, 08:20 PM by stepheniebuehrle with no comments

  • Spring cleaning tips to get your policyIQ site in order!

    We're almost at that time of year when we start thinking of spring cleaning. Here in Pittsburgh, where the policyIQ team is headquartered, we've had record snowfall over the past month. So anything that gets us thinking about spring (even spring cleaning tasks!) is welcomed!

    For our policyIQ users, we have some recommendations for "cleaning up" your site periodically; once a year is a good start. It pays to review your current Users, your deleted Pages, and your deleted Forms.

     

    Who are your Users?

    When was the last time you took a close look at the list of users in your policyIQ site? Have you had turnover in the last year? Perhaps some people who previously performed policyIQ tasks have moved on to other responsibilities? To start, take a look at the Administrative Overview section on your Dashboard. You'll see the number of Total Users in your site, as well as a breakdown by type: Read Only, Standard or Advanced. Do those numbers seem right?

    To take a closer look, jump down to the Reports module and create a simple User Report. You'll want to add "Last Log On" as a column selection. This report will give you a list of all the users in your system, and will let you see when they last logged in. If you find a user who hasn't been in your site since 2007, chances are that's a good candidate for cleaning up!

    It's also a good idea to periodically review whether your users have the appropriate type of access to content in your policyIQ site. Consider running a report of Users by role. Review the results and determine if those folks have the appropriate access to content and functionality. For instance, if a user is no longer responsible for performing site configuration tasks, consider changing their role from Site Administrator to Manager.

    What happens if you need to reassign Page-level responsibilities from one user to another? Remember that you can quickly run a Page report, filtering on a selected user. You can then shift+click to select all of the Pages listed in the report results, and use the Edit menu options to change the Editor, Administrator, etc. on those Pages as required, all in one action!

     

    Deleted Items

    As your users delete Pages and Forms, those items move to the Deleted stage (and are physically moved to a corresponding Deleted menu item). Think of this as an archive. Those items are no longer getting in the way of your work, but they are still present in your database. If you really want to get rid of a Deleted Page or Form, you'll want to use the Permanently Delete option. Back on your Dashboard, the Active/Deleted breakdown in the Administrative Overview section lets you quickly see the number of Deleted items in your site.

    To view a comprehensive list of your deleted Pages, of course you can always look at the Deleted menu in Create And Edit. If you want to focus in on specific kinds of deleted Pages - let's say Test Pages from 2007 - well, you can get very creative with Page Reports. Just be sure to use the Stage = Deleted filter selection!

    Similar to Pages, you can review your deleted Forms from within Create And Edit, using the Forms -> Deleted menu. For more details, try using a Form Detail report with the Stage = Deleted filter selection to take a closer look.

    Sometimes you might want to get a second opinion on whether it's safe to Permanently Delete an item. As you build your report, don't forget the "Item URL" column selection! After you generate a report, you can export the results to Excel.  The exported list will include the URL, which others can use to quickly open the Page/Form and help you determine if it is still needed.

     

    Just in case...

    If you'd like to archive these items prior to permanently deleting - just in case you might ever want to revisit them - you'll want to schedule a snapshot. You can request five of these each year, free of charge! Once your snapshot has been completed, you can permanently delete these old items, knowing that you can revisit them in a restored site if the need ever arises.

    Remember, if you'd ever like any assistance with your policyIQ spring cleaning, contact your account manager, or give our Support team a call at 1.866.753.1231, or email us at support@policyIQ.com.

    Posted Mar 08 2010, 08:33 AM by scottpalermo with no comments
    Filed under: , , , ,

  • Ready to roll-forward last year’s SOX or compliance documentation? We have some recommendations!

    March seems like an odd time to be talking about fresh starts. The new year has come and gone, leaving us firmly entrenched in 2010. (By now you have probably even stopped instinctively writing "2009" when you write out a check!) But March is a key month for many of our clients who are using policyIQ to manage their Sarbanes-Oxley or SOX-like compliance documentation. If your fiscal year ended in December, you've recently finished up your 2009 testing and you are wrapping up the reporting on that last testing cycle. And now? Well now it starts all over again. Lucky you!

    Every year at this time, the prevalent question on the minds of many of our clients is "What is the most efficient way for me to roll-forward to start my new testing cycle?" That’s a GREAT question.

     

    There’s no right answer (but some answers are better than others)

    When it comes to how you should roll-forward for a new testing cycle, there is no one right answer. However, we do have some popular alternatives that we've outlined below, with the benefits and potential complications of the different options.

    1.) Unpublish Test pages and clear out data for a new version

    Overview:

    If you choose to unpublish your existing Test pages for the new testing cycle, you are choosing to create a new version of the Test page for the new testing period. Your previous period's testing results will be retained in the version history, but will not be accessible in reporting.

    Benefits:

    + Fewest number of pages in your policyIQ site (compared to other roll-forward options)

    + Testers will have easy access to last year's test results in the version history on the same page

    Watch out for:

    - Does not allow for reporting in policyIQ on past period's testing results. You can only report on the current period.

    - Attachments will be retained when the Test is unpublished, so Testers should be reminded to remove any old supporting documentation before beginning the new test cycle.

    - Test pages will have a vast version history, which cannot be purged. Not optimal with regards to database retention or size management.

    Conclusion:

    We do tend to steer clients away from this process, specifically because of the reporting limitations when it comes to prior year's testing results. While it seems to be the most efficient, keeping prior years' Test results in the version history puts a lot of constraints on your ability to create comprehensive reports. That version history will also become "heavy" with lots of versions and older attachments, which cannot be purged from policyIQ. However, if you are using this process, you can maximize your success by:

    a.) Utilizing the "Database Snapshots" to capture a point in time view of your data at the end of each testing cycle. If you need to report on a prior period, you can ask our policyIQ team to restore the snapshot in order to run those reports.

    b.) Keep copies of key reports stored as Excel or PDF files in policyIQ. Once you have run the period end reports, export the files to Excel and then save that Excel file back to policyIQ. You will always have access to the report results from the policyIQ site as a static point in time result set.

    c.) Keep your attachment sizes small when possible. This is just good sense for any site, but if database size management is a concern, consider issuing standards for attachments: Excel files should be zipped and PDF scans should be at the lowest reasonable resolution or quality. (Stay tuned for a blog post later this month on database size management!)

     

    2.) Copy Test Pages

    Overview:

    Rather than unpublishing your Test pages for the next testing period, many clients will copy those Test pages to create a brand new page for their new Test results. With the ability to create a report of all Test pages from your last testing period and the ability to "bulk" copy all of those Test pages, this process is very efficient. Even better - when copying your Test pages, you get to decide which fields will be copied over and which fields will be left blank. Copy Test Steps, but leave Test Results blank!

    When it comes to the Narratives, Risks, and Controls, you are unpublishing, updating and republishing only as necessary when changes are required. Risks tend to be pretty static, while Narratives and Controls may change just slightly from year to year. Those changes are captured, with older versions accessible in the version history of those pages.

    Benefits:

    + Ability to report on all Test Results period over period.

    + Copy only the specific details on your Test pages that are consistent from one testing period to another.

    + Retain only one copy of the Narratives, Risks and Controls pages to minimize the number and duplication of pages (compared to option 3 below)

    Watch out for:

    - As you continue to use policyIQ year over year, the number of Test pages that reside in your Folders will continue to grow, as will the number of linked Tests on your Control pages.

    Conclusion:

    This is a really great option for most clients, as it provides a fresh start in testing with each testing period. By choosing what to copy and what to leave blank, you can give your testers the testing steps, but you won't distract them by requiring that they overwrite last period's testing results. Most importantly, you have the flexibility to report on your testing results period over period. Using this process, you can maximize your success by:

    a.) Utilizing "Database Snapshots." Because your Narratives, Risks and Controls will not be copied, your auditors may still decide that they would like to see a complete "point in time" of a previous testing period, which is possible by restoring a snapshot.

    b.) Determine your retention policy for how long you will keep Test pages in policyIQ. Because the number of Test pages will grow, you may decide to keep just the past two years and the current year for reporting purposes - and export reports to retain the older results on file.

     

    3.) Copy your entire SOX Folder structure, including Narratives, Risks, Controls, Tests, etc.

    Overview:

    Rather than just copying the Test pages, some clients choose to copy their entire SOX Folder structure from year to year. They will have new copies of the Narratives, Risks, Controls AND Tests to start the new fiscal year. Those items that haven't changed - like Risks - might get published right away, while Narratives and Controls and sent out for revisions and published when any necessary changes have been made. Test pages get "cleaned up" and readied for the new testing cycle.

    The "Copy Folder" option in policyIQ makes this extremely easy - and if you copy things like Deficiencies or Remediation Plans, it's also easy to delete the unnecessary copies.

    Benefits:

    + Every year you "force" your organization to revise and republish all of the content involved in your SOX process. Controls get reviewed. Narratives get revised.

    + When it comes to reporting, you have the most flexibility, because very little is locked into version history, but rather last year's Controls are available to report on side by side with this year's Controls.

    + You have the most flexibility when it comes to database size management and retention, as well. You can choose how many years you keep information in policyIQ, and delete the older years as that content becomes irrelevant.

    Watch out for:

    - When you’re running reports or working with content, you will always need to be careful to filter your reports or searches for the appropriate fiscal year. This will be a simple Folder filter - which is possible on Reports, Advanced Search and simple Search.

    - When you make your copies for the new fiscal year, you will want to be sure that everything that needs to be reviewed is reviewed and then published.

    - Be sure to delete pages like Deficiencies and Remediation Plans in your newly copied folder. These will not be relevant year to year.

    - If you have a large number of pages in your SOX process or a deep Folder structure, you may find that the Copy Folder action takes quite some time to complete. Consider copying the information during off hours (early morning or evening) when fewer people are accessing policyIQ. If you receive a "time out" error, contact our support team for assistance.

    Conclusion:

    This option offers the most flexibility around reporting, as you can report period over period not only on Test results, but also on Controls, Risks, etc. This option also offers the most control in database size management and retention. And even if you haven't been following this course of action all along, it's easy to get started simply by creating a top level folder for "2009 and earlier," and then copying that folder to rename it "2010." Maximize your success by:

    a.) Determining your retention policy and keeping only the necessary years in policyIQ.

    b.) Communicating with your audience about your structure - particularly your external auditors - so that reports are always generated to include the appropriate filters.

     

    Want to talk to us about your specific situation?

    There is no one right answer, but there is a "best" answer for your organization. Is year over year reporting critical? Is it better for your audience to just have less distractions in the form of last year's results? If you aren't sure which answer is right for you - or if you'd like to update your current configuration to accommodate a new process like copying the entire year's data - contact us! Give your account manager a call or email support and ask to be in touch with a team member to talk through your situation.

    Or...

    Get more training and information on year to year roll-over! 

    1.) Join us for live web training!

    We’re hosting a live session on March 9th at 4 PM ET (1 PM PT). This 30 minute session will follow alternatives 2 & 3 and walk through the steps to roll-forward your data from 2009 to 2010.

    Register online right now!

    2.) Check out our online Help documentation

    If you haven't discovered it already, check out the new SOX Solution section of our online Help guide for lots of great information on managing your Sarbanes-Oxley compliance work in policyIQ. We have expanded this manual for your SOX work to include more information about how to roll-forward for a new testing cycle.

    3.) Stay tuned for more blog posts!

    Throughout this month, the topic of rolling forward for a new year will come up in a number of different blog posts. After our March 9th training session, we'll be following up here in our blog to list all of the questions that were asked during the training session and give you all the answers and ideas they generated. We are also planning to share some tips for regular maintenance activities that you should undertake to review your users, deleted pages, and hints to reduce your overall database size.

     

    If you have a process in place that you love and you want to share some ideas with others, please comment! We'd love to hear from you.
    Posted Mar 03 2010, 10:47 AM by chrisburd with 1 comment(s)
    Filed under: , , , , , , , , ,
© 2011 Resources Global Professionals