in

smartercommunity

Bringing policyIQ users together

This Blog

Syndication

Tags

policyIQ Blog

January 2011 - Posts

  • They really have their bases covered at [your company name]!

    It’s that time of year again, folks.

    The time has come around again to step up your game and put in the stops so that nothing gets by! No, I'm not talking about pre-season MLB training (the season's starting early this year, y'know). It’s time to take another look at your risk-based initiatives—organization-wide—and to see where you can trim the fat, target the most important risks and achieve better and more complete control.

    While few have taken on formal Enterprise Risk Management, it’s been our experience that many organizations have undertaken risk management across the organization under smaller, more focused initiatives. Do you perform risk assessments (or evaluations of “what can go wrong”), inventories of existing procedures to meet those challenges, testing and validation, and gap identification in Environmental Health and Safety, anti-money laundering programs, Sarbanes Oxley, payment card industry compliance, anti-bribery initiatives, financial and operational audits and the like? Of course you do!

    Consolidate in policyIQ

    We have come to know most of you because you are using policyIQ to manage your documentation, employee compliance and oversight over such initiatives. This month, the policyIQ team is going to focus our blog posts and training session on topics of this type. Consolidation of such compliance initiatives in policyIQ will bring your organization ever-closer to the consistency, time and cost savings sought after by everyone who has ever considered, if only for a moment, embarking on enterprise-wide risk management and achievement of a solid internal control environment.

    Stay tuned and engaged!

    Tell us what to do. What do you want us to work on? Typically, we develop new technological solutions in policyIQ because you asked us to. Send us an email, comment on this post, contact us by carrier pigeon—we don’t care how you communicate with us—we appreciate your suggestions in any form.   

    Posted Jan 28 2011, 03:08 PM by stepheniebuehrle with 1 comment(s)

  • What training session can we create for YOU?

    Hello policyIQ friends!

    Sincere thanks to you for attending and giving us great feedback on our monthly training sessions over the past year. We presented sessions aimed at helping you to make better use of policyIQ such as "policyIQ Overview", our session demonstrating how to roll content forward into a new period and "policyIQ Reports" and we brought you sessions that provide the technology solution for your critical initiatives such as Enterprise Risk Management, Contract Management, Operational Audit, Account Reconciliations and Policies and Procedures Management.

    We’re all building up steam for our 2011 initiatives now. What’s pressing for your team this year? What programs are you tackling? Nearly always, your work involves the generation, organization and dissemination of information and you would be better served by automating as much as possible. policyIQ could almost certainly provide technological support for your upcoming projects.


    Review our list of policyIQ Solutions in your Help guide. Would you like to learn more about any of these sessions? Are you using policyIQ for a purpose that we have not yet captured on our list and you’d like to know how to ensure that you’ve adopted best practices for your application?

    If you haven’t moved forward with a policyIQ initiative in the past because you didn’t want to take on the development of custom training for your team, this is your chance! Tell us what we can develop for you and we’ll get working on it for one of our monthly sessions—AND we’ll be sure that the session is eligible for CPE credit!

    What do you have to lose? Put us to work for you! Enter a comment below or contact us directly at support@policyIQ.com.

     

    Posted Jan 27 2011, 08:32 AM by stepheniebuehrle with no comments
    Filed under: , ,

  • Wrapping Up on Rolling Forward - Training wrap-up and Q&A

    After a holiday hiatus, the policyIQ team was back with our monthly training session last Thursday.  With the new year firmly upon us, we chose to take a look at all of the activities that may make up your Roll-Forward plan in policyIQ from year to the next.

    We focused on three main areas:

    1.) Resetting Compliance Testing Data

    2.) Pushing out Sign-Offs, Questionnaires or Certifications via Forms

    3.) Regular Maintenance of your policyIQ site

     

    Resetting Compliance Testing Data

    When it comes to the compliance programs, resetting your testing data at the beginning of the year should be simple - and with policyIQ, it is.  We take a three step approach:

    1.) Copy - Make a copy of the Folders and Pages.

    2.) Clean Out - Delete any pages that shouldn't exist yet, such as Deficiencies or Issues.

    3.) Clean Up - Remove last year's responses and reset it back to default or blank values, particularly in your Test or Assessment pages.

    As we went through this section, our attendees had a number of great questions - and we want to be sure to address those here in writing, in case anyone might have had to drop off the call before we were able to answer them live.

    Q: Do you have any suggestions for archiving prior year documentation so that it isn't accidentally modified?

    A: Great question!  Our recommended roll-forward process is to copy the entire Folder of last year's content and start fresh for the new year.  But how can you prevent users from accidentally going backwards?  Our recommendation here is to remove all users from the "Administrators" security property on last year's pages.  If a user cannot Administer the item, he/she will not be able to make any changes. 

    To do this, simply run a report or Advanced Search of all of the content in last year's folder, select all items, and go to Edit > Change Administrators.  From here, you will have an option to Remove All Administrators.

    (Quick note: You probably have a few Site Administrator level users in your site who can administer all content.  These users cannot be completely prevented from making changes to content, due to their security role.  Another good reason to limit the use of this role as much as possible!)

     

    Q: Any suggestions/precautions that should be taken in instances where you would like to start the 2011 update before the 2010 process is finalized?

    A: If changes are still happening in your Test pages or in the documentation around Deficiencies or Issues, it shouldn't make a difference if you copy over the folder before this is completed.  After all, you'll be deleting the Deficiencies and resetting the Test pages anyway for the new year.

    If there are still changes happening in the Control Descriptions or Risk documentation from last year's program, however,  you may choose to wait until this is complete before you copy forward for a new year.  Otherwise, you may end up having to update documentation in two places.

     

    Q: It seems like copying entire folders would greatly increase the size of your file.  Can you archive content then reinstate it to PIQ later?

    A: While it may seem counterintuitive, copying a Folder year over year will actually give you overall greater control over the size of your database and the amount of content you choose to keep in your production site.  Your content changes as you move forward - not just your Testing, which is distinct with every new year - but Controls, Risks, Objectives and Narratives.  If you continue to update a single policyIQ page, policyIQ stores prior versions in the "Version History".  The Version History is great - because you always know exactly what the page looked like at prior points in time and it is never removed, but over time that history can become lengthy and "heavy" within the database. 

    By copying a Page, you are not only able to know exactly what it looked like at a point in time, but you can also now report on that information year over year, unlike information in your version history.  AND you can decide how many years to keep. 

     

    Pushing out Sign-Offs, Questionnaires or Certifications via Forms

    Again we talked about three easy steps for pushing out sign-offs or questionnaires on a regular basis.  (This might be monthly, quarterly or annually.)

    1.) Copy - Make a copy of your Form List

    2.) Adjust - Reassign or edit forms within the list as necessary

    3.) Run - Push out the form list with an updated name and due date

    If you aren't yet familiar with Forms and Form Lists, check out our training session on this topic within our Training Center

     

    Regular Maintenance of your policyIQ Site

    The final topic on the agenda was the regular maintenance of your policyIQ site.  We addressed four specific areas of maintenance.

    1.) Request a snapshot.

    2.) Remove older data that is not needed in policyIQ any longer.

    3.) Run a Report of Expired Pages and evaluate course of action.

    4.) Run a Report of all Users & last log-in date.

    We weren't able to cover the last two topics on this list - so look out for blog posts coming later this week to cover these important topics!

     

    Want to catch up?

    If you missed the training session and you'd like to catch up, you can listen to the recorded version of the training session available here.  Don't hesitate to reach out to our policyIQ support team if you have any questions about the materials - or if you need some assistance with your roll-forward activities!

    Posted Jan 24 2011, 11:44 AM by chrisburd with no comments
    Filed under: , , , , , ,

  • policyIQ Archiving Options

    One of our support team's goals for 2011 is to ensure that all clients are aware of the archiving options that we provide, and to make sure that your data retention needs are being met.  Depending upon your usage of policyIQ, you may have different guidelines for how much content needs to be stored in the site, or retained from prior years.  A good activity to undertake each year is to remove any legacy content within your site that no longer needs to be accessed with any regularity, and might be utilizing storage space that you could free up for new content.  Before undertaking any clean-up activities, and permanently deleting any content in your site, you might want to review the options below.

     

    Database Snapshots

    One option that we hope all clients take advantage of regardless of usage is database Snapshots.  A Snapshot is a backup of your database that we retain for as long as you remain a client.  A Snapshot is typically captured at a milestone date, such as a quarter or period end, or perhaps at the end of a testing cycle.  

    Snapshots capture a point in time within your database, and since they're never purged, we're able to restore them to a second site so that you can view that data if necessary.  You also may have an audit control or requirement that requires a local backup of your data on hand. We can provide Snapshots to you via a password protected download folder, allowing you to store the data locally.  You're free to capture up to five Snapshots per year via the Setup>System Setup>Database Management>Snapshots area of policyIQ. 

     

     

     

     

     

     

     

     

     

     

    HTML Extracts

    Since a Snapshot is essentially a SQL backup file, it's not something that you could inherently load on your desktop, but rather needs to be restored to a policyIQ site in order to be accessed.  If your retention strategy requires immediate access to the data you plan to archive, then perhaps an HTML Extract is right for you.  

    An HTML Extract creates HTML documents from your Pages, Files, and Web Links, and is delivered to you on a DVD.  These HTML files would be organized by your current Folder structure when unzipped to your machine, and would likely open into your default browser.  An HTML Page file includes all field data, and also any uploaded file attachments which are clickable and launch directly off of the HTML version of your content.  Only the current version of your content would be extracted into HTML files, so your Version History data is not included.  

    However, if you captured prior Snapshots of your data, we're able to restore and Extract this material for you as well.  This is yet another reason why Snapshots can be helpful to your long-term data retention plans.  HTML Extracts do require a flat professional services fee, but the benefit of having a clickable version of your archived data is priceless!

     

    Support Can Help!

    Whether you have deleted a large volume of content in your site and would like our support team to compress your database, or would like to learn more about the processes above, please contact our support team (support@policyIQ.com) with your archiving questions.

    Posted Jan 20 2011, 08:38 AM by brianwhalen with 1 comment(s)

  • Five great policyIQ features that you probably aren’t using

    As we start off a new year, it's a great time to evaluate the tools that we are using to perform our daily tasks, and how we might make those tools and tasks more efficient.  To help you with this effort, we're bringing you a list of five great features in policyIQ that can add efficiencies to your work that you may not even be aware of.  We're adding new features with every release, and we know that you just don't have time to stay on top of every new option.  Here are just a few of those that we think you might want to take another look at!

    1.       Publish Reasons

    When you publish a page in policyIQ, you are required to provide a "reason".  The expectation is that you offer a quick explanation of changes (if you are republishing a new version) or simply note that the content is new.  Because those reasons are often simple and frequently repeated, we introduced a dropdown list of common reasons.  But did you know that your organization can customize that list?  If you primarily use policyIQ for compliance, add "Reasons" that relate to your Testing or Review processes.  If you use policyIQ for Contract Management, add relevant explanations for new versus renewed contracts.

    Ask a Site Administrator to go to Setup --> System Setup --> List Choice Types to make updates.

    2.       Custom Alerts

    If you follow the policyIQ blog regularly, you might be tired of hearing about the value of Custom Alerts.  Have you implemented any yet?  Custom Alerts allow you to automatically notify individuals (or groups of individuals) as content in policyIQ is updated.  They can be used for

    a.) Alerting a Contract Owner as an expiration date approaches. (Or alerting a customer as an expiration date approaches on their contract! You aren't limited to alerting employees or internal email addresses.)

    b.) Notifying a process owner if a Test fails for one of their Controls in your compliance testing.

    c.) Notifying a Risk Manager if a High Severity Deficiency is documented.

    The possibilities are virtually endless.

    3.       Advanced Search

    In October, we focused our monthly training session on using Reports, but we focused our time in the Reports module.  Did you know that you can create and save simple reports in every module?  Even your Standard Users can use the Advanced Search feature in the Home module to build lists of items that they frequently access.  Check out some specific ideas from a blog post from April of last year.

    4.       Automatic Password Reset

    If you still need a policyIQ Site Administrator to reset passwords manually - this is a feature you need to activate pronto!  policyIQ has the option for passwords to be reset automatically if a user has forgotten their password.  From the log-in screen, a user can enter his/her user name, and a new, temporary password will be sent out to the email address in policyIQ for that user. 

    Site Administrators can activate this feature by going to Setup --> System Setup --> Password Policy and simply checking the box for "Enable Password Reset".  Never reset a password manually again!

    5.       WhistleBlower

    The policyIQ WhistleBlower module is an optional issue management tool that your organization can choose to activate at any time.  Most companies already have a WhistleBlower hotline in place, but you can supplement your existing process by activating the feature in policyIQ - and giving all employees an electronic way of submitting concerns anonymously!  WhistleBlower is available to Read Only users, as well as named users, so you can roll it out enterprise wide at NO COST.

    You don't really need another WhistleBlower tool?  Have you considered renaming WhistleBlower to something like "Feedback" or "Suggestion Box" - and allowing employees to simply submit their ideas and recommendations?  There are lots of great ways you can use an anonymous submission tool throughout the company - and with no cost associated, it's worth exploring.  The feature can be activated in Setup --> System Setup --> WhistleBlower Settings.

    So there you have it - five great features that you probably aren't using.  Need some help implementing one of these great ideas?  Contact our support team and we'll be happy to help you get started!

    Posted Jan 13 2011, 08:45 AM by chrisburd with 1 comment(s)
    Filed under: , , ,

  • Resolve to learn new things in the coming year! policyIQ and Resources Global Professionals want to help.

    I have a 3-year old niece who loves to learn new things.  (She seems particularly fond of inadvertently learning new four letter words from her Aunt Chris, which puts me in the doghouse with my sister on a fairly regular basis.)  Anyone who has ever been around a kid knows that they are all about adding a new word, skill or game to their rapidly growing list of accomplishments.

    My New Year's resolution?  Recapture my inner 3-year old!  I want to learn something new every day.  (Today, for example, I learned that the sun is roughly 4.5 billion years old.)  If anyone has made a similar resolution, I want to share five specific ways that policyIQ and Resources Global Professionals can help you to learn new things in the coming year. 

    1.       Resources Global Professionals (RGP) Monthly Webcasts - online CPE events

    policyIQ is a product of Resources Global Professionals - a leading, global professional services firm.  With experts across the world, RGP offers webcasts that provide insights, case examples, and subject matter expertise from those who have been on the front line working with business leaders - as part of their teams - to solve problems, transfer knowledge and drive change from the inside out.  Topics scheduled for the coming year include:

    a. The Foreign Corrupt Practices Act: Review of the Top Three Cases and Lessons Learned

    b. Top Ten Accounting Issues to Watch in 2011

    c. Key Priorities for Supply Chain Leaders - 2011 Survey Results

    Go to the Resources Global Professionals Event Center to register for any session.  CPE credit is issued for active attendance at each webinar.  A new session is presented every month - and we'll keep you updated on those coming events in our monthly newsletter.   (If you aren't on the distribution list for our newsletter, just send us a quick email and we'll add you to the list.)

    2. RGP's 2010 Monthly Webcasts - recorded and available at your convenience

    If you can't make any of the live sessions, RGP will always make those sessions available to be viewed. In fact, the full library of 2010's webcasts are available online. Topics included:

    a. Financial Reporting Convergence: Business Implications and Practical Software Solutions

    b. The Practical CIO Series - Effective Teaming and IT Governance

    c. Key Priorities for Governance Risk and Compliance

    These sessions can be accessed by going to the RGP Event Center, and clicking on View Event Recordings.

    3. policyIQ Solutions - online training sessions for CPE credit

    You already know all about this, right? Every month, the policyIQ team presents a new "solution" or relevant topic to teach you new things about the application. Even clients who are already using policyIQ extremely effectively in their organizations have learned new things when attending these topic-driven sessions.

    Go to our policyIQ Event Center to register for any upcoming session, including "Roll-Forward for a new year!" which will be presented next Thursday.  We'll keep you updated on these CPE events every month in our newsletter as well.

    4. policyIQ Training - recorded and available at your convenience

    Can't attend a live session?  Not really interested in this month's featured topic? There's still an entire library of training available to you online at any time at policyIQ's Training Center. Not only can you access the recordings of the 60 minute "Solution" sessions, but there are short videos to help you on specific tasks or actions. Need to import content? Set up a new Form Template? These short videos will help. Check out the training page for the entire list of items.

    5.  policyIQ Blog

    You're here.  Reading this.  In the blog.  Which means that you know about the blog.  Maybe I'm "preaching to the choir" so to speak.  But how often do think about coming here to look for new items?  Consider adding the "policyIQ Blog" as an item on your policyIQ Dashboard.  Every time you log into policyIQ, you can scan the new article headlines for topics of interest.  We'll bring you product tips, industry news and case studies from organizations much like yours. 

    So there you have it.  Five ways that we're going to help you learn something new this year - and maybe fulfill one of your New Year's resolutions.  My inner 3-year old is already breaking out her crayons and pulling out her tiny little desk chair.

    Posted Jan 11 2011, 05:40 PM by chrisburd with no comments
    Filed under: , , , , ,

  • COSO launches survey of Internal Controls Framework

    While most often we use this blog to share information regarding policyIQ, sometimes we like to share relevant industry related information with you as well. Today I'd like to share with you an opportunity for you to share your opinion to help organizations worldwide better assess, design and manage internal control.

    If you are a part of the audit or Sarbanes-Oxley compliance efforts at your organization, you are familiar with COSO (Committee of Sponsoring Organizations of the Treadway Commission) and the COSO Internal Control - Integrated FrameworkCOSO's objective is to guide executive management and governance entities toward the establishment of more effective, efficient, and ethical business operations on a global basis. It sponsors and disseminates frameworks and guidance based on in-depth research, analysis, and best practices. As your business environment changes, COSO has recognized that their framework and tools also need to be re-examined.  COSO recently launched an online survey for you to share your opinions on which areas of the COSO Internal Control - Integrated Framework and Evaluation Tools may require updating.

    The online survey will remain open until January 31, 2011; afterwards they will address key changes that need to be made to the document, which was originally published in 1992.

    Posted Jan 10 2011, 02:07 PM by jenkohlman with no comments
    Filed under: , , , , ,

  • New Year, New Resolutions

    Another year has passed and a new year has begun, a time when we reflect on the past and decide what changes we want to make for our future. We make a commitment to a personal goal, or a New Year's resolution.  Common resolutions are things like lose weight, quit smoking, save money, get organized, or learn something new.

    I'll admit up until a few years ago, I was not one of those people that made New Year's resolutions.  I always thought they were silly because most people failed at achieving those goals.  I'm really not sure what made me change my mind, but in 2007 I set my first New Year's resolution and stuck to it. My resolution was to quit smoking and I'm happy to report that I haven't touched a cigarette in 4 years! I've made resolutions every year since then and can say that I have achieved them all.

    The keys to setting your resolution, just like setting any goal, are to a) be realistic and b) have a plan on how to achieve them.

    Similar to individuals, companies set resolutions or goals at the beginning of their fiscal year. Your organization probably has goals such as achieving a specific revenue number, launching a new product, or providing excellent customer service. In 2011, the policyIQ has a number of goals for our team, our business and our customers, and we're happy to share some of those "New Year's Resolutions". 

    • We resolve to bring you new solutions in policyIQ - expanding the ways that you can use policyIQ to gain efficiencies throughout your business.
    • We resolve to continue to add new features to the policyIQ application that allow you to work more efficiently and that improve your user experience.
    • We resolve to provide unmatched customer support to every customer, partnering with you to build quality solutions with policyIQ.
    • And we resolve to continue helping you solve problems and meet business needs with technology.

    Wondering what my personal resolution is this year? I will admit that I am a bit of a picky eater and stubborn at times, so this year I have decided to be more open to trying new things.  It's only January 6th and I've already tried something new - shrimp! That's right, shrimp. I'm the girl who doesn't eat any seafood and I ate a piece of shrimp!

    What's your resolution? Share it with us in the comments.

    Posted Jan 06 2011, 03:07 PM by jenkohlman with no comments
© 2011 Resources Global Professionals