Guidance for Streamlining Audits by Granting Access to External Auditors

Each year we notice more and more policyIQ clients are engaging their external auditors to perform their audits electronically using policyIQ. Earlier this year, we shared how data from policyIQ could be extracted to share it with external auditors. Many organizations find it helpful to give auditors direct access to policyIQ so that they can use the functionality of policyIQ to locate documentation.

Tips for Granting External Auditors Access to policyIQ

If it’s been some time since you implemented or expanded your use of policyIQ, you might have forgotten how to set things up so that new users have appropriate access to content. Here are the critical steps for granting viewing rights to appropriate content to your external auditors:

1. Add Group for External Auditors – policyIQ sites included a group for External Auditors by default, so you might start by locating the group in your structure. If it has been deleted, it is simple to drill down to the position in your Groups and Users structure where you would like to add the group and choose Add > New Group from the table toolbar. Going forward, rather than adding any individual auditors to view Pages, you will only have to manage the users added to this group—this will simplify maintenance.

2. Add Group as Viewers on Pages – Remember that Pages are the root of security in your policyIQ site. The easiest way to grant your new External Auditors group viewing rights to your Pages is to create a report that will pull back all relevant Pages and use the reporting toolbar options to make the change in bulk.

Bulk Report Change

3. Verify Folder Security is Properly Set – Many companies have chosen to allow policyIQ Folders to be visible to all users. If the security of your policyIQ Folders has been restricted to viewing by only specific groups, then you will want to ensure that the External Auditors Group that you added is also among the Viewers of your Folders.

Folder Security

Remember that Page security trumps Folder security. Removing Viewers from a Folder will only make the appearance of the Folder in the left navigation disappear from the Viewers—Search and Report results will still return all Pages upon which any users have been granted rights as Viewers.

4. Ensure Pages are Published – Note that Viewers on Pages are only able to see those Pages once the Pages are Published. Your team can comfortably continue performing their work and updating content knowing that it is only visible to those with appropriate security access rights (Administrators and Editors of the Page and anyone with Global Permissions to view Pages in the site—such as your Site Administrators). When you’re ready to share with your external auditors and any other Viewers of the Pages, be sure to Publish the Pages.

A Bonus Tip Regarding User Profiles

If you are unsure of which type of Access to grant your External Auditors, here’s a reminder of some characteristics of each profile that might be helpful to you:

Read Only Users – These accounts can be shared and are always free. Read-only users do not have access to Advanced Search or Reports. They must use the Folder Structure or Search capability to locate content.

Standard Users – There is a small fee for Standard Users (contact us to look at your agreement). These users will have access to Advanced Search—the option in the left navigation that is a slimmed down version of Reports. It allows users to create a list of Pages narrowed down by any number of Filters.

Advanced Users – There is a fee for Advanced Users (contact us to look at your agreement). Advanced Users have access to both Advanced Search and the Reports module. This is the type of account that can utilize Reports such as a Risk-Control-Test Matrix (a Detail Link Report) to view and analyze content.

If you have any questions about granting access to your External Auditors, contact us at support@policyIQ.com and we’ll get you started right away!

 

This entry was posted in Business Lessons, Industry News, Solutions, Training and tagged , , , by Stephenie Buehrle. Bookmark the permalink.

About Stephenie Buehrle

Stephenie is the “solutions” expert on the policyIQ team. With RGP since 2004, she designs and develops solutions that capitalize on the best practices of the hundreds of companies that she has touched, while tailoring each configuration to meet the unique needs of each client. Before joining RGP and the policyIQ team, Stephenie enjoyed working as an independent consultant in the non-profit sector. Stephenie also previously performed analyst services for a major brewer ranging from roles in biological and chemical services to analytical roles in business process improvement and innovation. Stephenie quips that she still doesn’t know what she wants to be when she grows up, but hopes to spend her days helping others (companies, individuals, and communities) to realize their full potential.

One thought on “Guidance for Streamlining Audits by Granting Access to External Auditors

  1. Pingback: Which part of your SOX process to you want to improve? This list of resources will help. | policyIQ Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s