Any quick look around the marketplace reveals that companies big and small are constantly acquired, bought, sold and merged on a constant basis. Many of these public companies then have to figure how how their SOX compliance will be affected, and this can put a ton of stress on the audit teams that bear the responsibility of “making compliance happen”.
Fortunately for companies using policyIQ that have purchased or merged with others, the SOX issue goes from, “Can we make this transition in policyIQ, as well?” to “WOW. That was pretty easy!”
A recent long time policyIQ client acquired a company, and each had their own set of risks and controls. Ultimately, their goal was to combine these two separate entities into one SOX environment, and easily distinguish between SOX work from Company A and Company B.
Our team and product made this easy. To begin, we simply added a single-select field on their controls and risks called “Entity”, with options for Company A or B. By doing so, we created an easily reportable way of sorting content from one company to another. This was conducted by an Import to Update (via an Excel document), meaning that much of the work was easily done in a simple spreadsheet offline. Simple!
All new documentation from Company B was then mass imported into policyIQ a few days later.
Some companies might like this arranged differently, and that makes total sense. We had discussed using additional folders to distinguish the risks and controls from company to company. Advantages? One less field per page, and a more organized folder structure-less content per folder. Disadvantages? There are more folders, and some folks like a really simple structure. A difference in results or reporting? None!
Do you feel like you should partner with a policyIQ expert to work on your SOX work this year? Do you have a couple of ideas you’d like to run by us? Send us an email! Support@policyIQ.com