Information Governance – “That’s a wrap” on our latest training session

As always, a huge thank you to all of our policyIQ community members who joined our training session on Information Governance last week.

When it comes down to it, every feature of policyIQ is built with the intention to help you to govern your content.  So the topic of Information Governance in policyIQ was a daunting one.  We hope that we were able to provide you with a broad overview of what makes up an information governance plan, and paired that with specific features in policyIQ that help you to implement or enforce that plan.

Six Elements of Information Governance

We build our training session around six key elements of an information governance plan:

1. Identify what information is important
2. Determine who should have access to the information
3. Decide how information will be secured or safeguarded from unauthorized access
4. Map out a plan for where information will be stored
5. Settle on a guide for how long information should be retained
6. Establish a plan for how related policies, standards and regulations will be enforced

Features in policyIQ that support those elements

We took each element and broke it down into features in policyIQ that support those elements.  Here are the highlights:

Six Elements of Information Governance policyIQ Features to Enforce Information Governance
1.     Identify what information is important  Customizable Templates accommodate a wide range of information
2.     Determine who should have access to the information  Page-level security to define and enforce who has read vs. write access
3.     Decide how information will be secured or safeguarded SAS 70 Type II Certified Data center, SSL secured sites, and user-level security to safeguard information  
4.     Map out a plan for where information will be stored  Customize organization structure(s) (with guidance toward best practices)
5.     Settle on a guide for how long information should be retained  Use Snapshots and Permanent Deletion of content to execute your retention plan
6.     Establish a plan for how related policies, standards and regulations will be enforced  Use Reports to oversee user permissions, assignment to groups, page-level security, status and progress on various processes 

What our attendees were “chatting” about!

During the session, there was an active conversation also happening over in our chat window.  Thanks so much for those of you who participated.  We wanted to highlight some of those key points that our attendees made – or questions that they asked.

—————

Tom D asked: “Can you use [your] Active Directory security groups [to apply security in policyIQ]?”

policyIQ: Yes!  You can integrate your Active Directory (or your network user directory) with policyIQ logins using LDAP integration.  If you are interested in more information, reach out to our support team at support@policyIQ.com for more information.

—————

Karen K asked: “Someone can only add Editors to a page if they are an Administrator, correct?”

policyIQ: Yes, that is correct.  Only page Administrators (or users who are permitted to administer all pages) can add additional Editors to that page.

Karen K: “We really wish that Approvers could add Editors on the page.  We have a situation whereby our IA department is set up as Approvers of certain templates, but they cannot make changes to Editors (which we would like them to do).  And we don’t want to give them Admin access to the pages.”

policyIQ: Let’s follow up and make sure that we have this request for an adjustment to policyIQ functionality documented to be considered for future development!

—————

During the session, we spoke of archiving older content.  policyIQ Database Snapshots are a “must do” in our opinion, but if you want an even easier way to view the older documentation – while still getting it out of your production site – we suggested contacting our support team to arrange for an HTML Extract that can be burned to CD or downloaded to your network.  This resonated with at least one of our attendees.

Diana K commented, “We’re planning to use the CD feature ‘just in case’.”

Good plan, Diana!

—————

As we were talking about auditing the process, Karen K commented, “We’ve found that auditing our Groups is very important (especially as we grow our use of policyIQ to other departments).”

policyIQ: Yes!  It is surprising how many sites have old users still in their sites (after people have left the company).

Karen K: “…actually it’s more of the situation where we’ve created more groups and have forgotten to go back and add necessary users to the group structures.”

policyIQ: Ah. Yes–that’s important and helpful for long term maintenance.

—————

infogovtrainingDiana K was enthusiastic about the possibility of building guidance into the policyIQ application with static text on her Templates.  “I’m so excited about the static text help on templates.  We can answer questions before the users call us!”

We LOVE that enthusiasm!

—————

Toward the end of our training session, we discussed using reports in policyIQ for oversight into the process.

Diana K asked, “Are the criteria for these reports available?  They will help us when we do a complete review of access this year.”

policyIQ: Yes!  The reports that we discussed – and more – are detailed in the policyIQ online Help pages.  You can access the specific page directly by clicking here.

Tom D asked for further guidance, “Are there canned maintenance reports that can be run on a monthly/quarterly/yearly basis?”

policyIQ: There are some Standard Reports available under Reports à Standard Reports related to maintenance tasks – such as a report of all Expired and Expiring Pages.  However, we are also happy to work with you to create some custom reports that can help your organization better manage regular maintenance tasks.  (And we’ll follow up with Tom to do just that!)

—————

Follow-up with these links to more information:

 

 

 

  • Get support to implement policyIQ features: And as always, if you need some help getting started or making an update to policyIQ, reach out to our support team and we’ll be happy to provide assistance.
This entry was posted in Solutions, Training by Chris Burd. Bookmark the permalink.

About Chris Burd

Chris is the Managing Director of the policyIQ group at RGP. She gets geeky about compliance and technology, and gets to spend every day working at the crossroads of the two. With policyIQ since 2005, Chris has worked with hundreds of policyIQ clients to implement technology and enhance their internal compliance environment. In the past few years, she's focused on enhancing policyIQ's offering as a Conflict Minerals and Anti-Corruption tool. In past lives, Chris worked as a system implementation consultant, a e-commerce specialist, a customer service call center manager, and - for one short but memorable summer during high school - a machine operator on midnight shift in a plastics factory. In her free time, she spoils her nieces, volunteers at her local food bank, and spends more time than she should taking photos of her cats. She would like to be a rock star when she grows up.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s