Are you taking advantage of the ability to document content from related initiatives and link related information to make your teams more effective and more efficient?
We have helped companies to consider how policyIQ can be used to capture a wide range of content and to relate items for optimal reporting capability.
Pages, uploaded Files, and Weblinks can be linked to one another in policyIQ by way of a user friendly utility. Links can be “many to many” and there is no limit to the number of links that can be associated with an object.
For example, a Control could be linked to the Process Narrative that it is a part of, the associated Risks that it is mitigating (could be more than one), it could possibly be linked to a Gap if one has been identified at the Control-level, it will be linked to Tests for each testing period and could be linked in other areas as well.
In the past couple of years, we have helped a number of companies to fold in the 2013 COSO Framework and link Principles to Points of Focus and then Points of Focus to Controls (while the framework only requires evidence of coverage of the Principles, most external auditors have requested that companies demonstrate coverage of the Points of Focus). We also see and help companies to associate Controls that double as operating procedures with their related Policies and Processes.
Relating content using the linking ability in policyIQ creates significant opportunities to analyze and to oversee information from many reporting perspectives. Here are some examples of reports created based on the link/relationships:
- All controls within (linked to) a particular process narrative
- Risk-Control-Test Matrix; which can be narrowed to a particular account, disclosure, process, location, etc.
- Other “matrix” reports can be used to better analyze and plan work. For example: A report could be narrowed to display only :
- key controls for which a test has not yet been tested
- key controls linked to tests of a specific sample size
- key controls linked to tests performed in a specific location
- COSO Report demonstrating coverage of COSO Principles and associated Points of Focus.
- Using filtering capabilities and focusing on the linked content, one could create and supply to auditors a report as evidence that COSO Principle #8 is adequately controlled by displaying all Controls linked to the Points of Focus identified for Principle #8 and the passed Tests linked to those Controls.
This post could just as easily focus on Policies, Processes, Procedures, Work Instructions, Training Materials, Safety Materials, Systems and Applications, etc., etc. Make the information work for you! We can help you to work more effectively and to get to your desired goals and end results more efficiently—reach out if you’d like to schedule a working discussion!
Pingback: Which part of your SOX process to you want to improve? This list of resources will help. | policyIQ Blog