Just a few months ago, we talked about the fact that Policy Management is an in-demand implementation area for policyIQ. Again. (This is, of course, where policyIQ got its start 10 years ago.) It’s not surprising. Regulation continues to increase in many industries, and companies with a solid foundation of governance through clearly written, easily available and effectively communicated policies are ahead of the curve in compliance. Even the new Conflict Minerals reporting requirements within the Dodd-Frank Act reference a need for strong policies and procedures within the procurement and sourcing teams.
Just a few weeks ago, Michael Rasmussen, well-known GRC pundit with GRC 20/20 (as well as a fellow and frequent presenter for OCEG), had this to say about poorly managed policies in his blog post “Effective Policy Enforcement Requires Technology”:
Document-centric approaches to policies—that lack technology to manage communication and enforcement—are a recipe for disaster. While it appears easy and cheap to just use documents and send them out via e-mail, or post them in a file-share or Website, the reality is that the cost to the organization is significant in the exposure of ineffective policy management.
We are not an unbiased source, and so of course we agree whole-heartedly with Mr. Rasmussen and his belief that there is a need for technology to effectively manage your corporate policies. If you aren’t yet using policyIQ to manage policies and procedures, we would encourage you to take a look at the checklist in Mr. Rasmussen’s blog post and determine how well your current solution stacks up. If you haven’t been able to check off all of the boxes yet, contact us and we’ll show you how policyIQ can meet your needs!