Do you consider your organization to be agile?

  • Has your organization recently engaged in merger or acquisition activity?
  • Was a valid and somewhat likely risk of financial statement misstatement discovered?
  • Has your organization recently become subject to Sarbanes Oxley requirements?
  • Did your auditor advise you to formalize your FCPA program?

If faced with one of these (or another) critical governance, risk, and compliance issue, are you prepared with appropriate subject matter expertise and systems to respond? Because you are here and these are examples of circumstances where RGP and our GRC Technology (policyIQ) excel, you are prepared, now!

With more than 70 wholly owned offices around the globe and professionals with 10-20 years’ experience and expertise in a range of subject matters, RGP is prepared to hit the ground running. What our clients quickly learn is different about us is that we build long-term, trusted partnerships by engaging top talent to impart knowledge and expertise—leaving our clients’ employees better equipped while meeting the business’ objectives. Rather than a binder, we leave you with a job well-done and a reliable contact for future reference.


 

 

 

Dictionary.com defines agility as “the power of moving quickly and easily; nimbleness”. GRC Analyst, Michael Rasmussen, says that agility in a GRC technology provider also means being “adaptable to a changing business environment.” Here are some of the characteristics of policyIQ that allow our clients the flexibility to quickly adapt to changing needs:

  • Easy to setup and implement (average 4-6 weeks—rather than months or years)
  • Familiar look and feel means little to no training required for users
  • Flexibility to customize configuration as needs change (in your hands)
  • Security control allows multiple entities, departments and priorities in one platform
  • Affordable to implement enterprise-wide for a variety of solutions

The greatest testimony we have to policyIQ’s flexibility is our clients! While policyIQ started in Policy Management and Risk and Compliance plus certifications fifteen years ago, our clients began applying the easy-to-employ technology for things like Account Reconciliation Management and Capital Appropriations Approvals.

Click to zoom in and check out a sample of our clients’ policyIQ applications:

Are you tasked with having to respond to changing business needs? Are you interested in seeing solid improvements and results in about a month? Of course, you are! Reach out today: Info@policyIQ.com, 866-753-1231.

Need help getting a handle on your lease data?

The consensus is that the task of data collection to implement the new accounting standards is a daunting one.

Where are you at in your leases project? Have you settled on a lease accounting system? Do you have a plan for how you will gather all of your leases and begin pulling the critical data together? How confident are you that you’ve identified all of hiding places in your organization for the lease information including shared folders, binders, SharePoint sites, filing cabinets, spreadsheets, George’s desk, and even camouflaged within other agreements?

One thing we can be confident about—if the new accounting standards have highlighted your organization’s critical need to better manage all of your contracts and agreements, you’re not alone.

Of course, I’m about to tell you that we can help!

  • policyIQ is centrally accessible and easy to populate—helping you to bring order to all of your decentralized structured and unstructured lease data.
  • Easily customize templates and standardize the approach to capturing lease data (and complement your lease accounting tool).
  • Use reports within/across leases to examine data and identify gaps.
  • Customize workflow and leverage policyIQ’s secure platform to request specific data from specific individuals and fill gaps.
  • Attach reference materials or supporting documentation, as needed.
  • Customize policyIQ for each area to store executed leases and track lease data on an ongoing basis.
  • Simplify oversight for management review at a high level.
  • Implement controls and data governance providing evidence of entire data collection process and resulting data.

And if you’re not sure that you have adequate leasing talent on staff, RGP can support you with subject matter expertise to lead and/or support your team and ensure successful implementation of the new standards. If you haven’t worked with us in the past, what you will experience is a different level of professional partnership. We will transfer knowledge and leave your team better equipped to address challenges that arise in the future.

Contact us to learn more about our talent and technology to support your data collection, contract review, compliance, audit, policy management and other initiatives. We’re looking forward to working with you!

ICYMI: Assessments and Scoping in policyIQ

Did you miss our recent training session on completing our SOX Risk Assessments and scoping exercises in policyIQ?  Not to worry – we have you covered!

How Can I Catch Up?

If you want to get into the details, we have the training session and materials available for download!

  • You can access the slides here.
  • You can also view the recording from our policyIQ training page.
    The training page is linked from your policyIQ login page – and available from within the online Help Guide.  If you don’t have access to the training page, please reach out and we’ll send you the link!

Just the Highlights, Please!

This training session aimed to ensure that participants are able to…

rascope1

We discussed common SOX risk assessments at the financial statement line item level, targeting risk factors like…

rascope3

In addition to illustrating how to create the calculation directly in policyIQ, we also acknowledged that some folks love their MS Excel process.  policyIQ can handle that, too, through the import option!

rascope4

Then we took a close look at the relationships between the content that allows for the most effective scoping options.

rascope2

And finally, we walked through the reports that provide the final step in the scoping process.

rascope5

We would love to help YOU get started on your risk assessments in policyIQ, so that we can link into your SOX work for ease of annual scoping.  Contact us today and we’ll meet with you at no cost to help you get on your way!

ASC 606, can your contract review tool do this?

Spreadsheets, email, shared network drives…

…this is where most of our critical work starts! With the deadline to comply with the Revenue Recognition Standard now in our sights, many of your corporate accounting peers have met the harsh reality that these commonly used tools are not meeting their contract review needs. Disconnected spreadsheets do not keep their reviewers in-step with each other’s developments. They are habitually shared via insecure channels and we often find, even with the best of intensions and development, breakfreelists, formulas, and formatting within a spreadsheet can be compromised resulting in an unreliable tool. Aggregation of data for analysis and consolidation of conclusions for management review are nearly impossible feats with dozens (or, certainly, thousands) of manual spreadsheets.

For those of you who are relatively new to the policyIQ community, you might not have heard that policyIQ has been a constant in the RGP toolbox, serving to solve our clients’ problems for nearly 15 years.  We don’t make commission on software sales and are not incentivized to upsell you or to sell you a new tool or module. In fact, we work hard to make it possible to serve all areas of your business within one platform—we don’t have extra modules to sell you!

The flexibility of policyIQ to be easily customized for various initiatives has made it possible for our clients to hit the ground running in applying our web-based technology to their pressing Revenue Recognition needs.

A company may utilize policyIQ for the full contract cycle or simply as a contract repository, centralizing access and simplifying assignment of contracts to reviewers for ASC 606 analysis. In addition to guiding the reviewer through the 5 Steps outlined in ASC 606 required for each detailed review of contracts that are in scope, policyIQ also provides a place to document evidence of the reviewer’s considerations and tools to leverage that information for necessary analysis. Key conclusions from each step are automatically pulled out into a summary. Reviewers add final notes to the summary and systematically route all related content for review and approval, as desired and customized for each client.

piq_benefitsforrevrecThe ability to report on results of contract reviews in aggregate gives way to analyses not possible in spreadsheets. Look across all Performance Obligations by Revenue Stream, Geography, Business Division, Over Time vs Point in Time, Sales Channel, or Reviewer, for example. Reports also aid in the management of contract reviews—in the assessment phase and with ongoing reviews. Report on issues as they are being identified, assignment of contract reviews, progress of reviews, and impact of the standard on various divisions or revenue streams. Use reports to easily identify those contracts that warrant follow-up action.

plansforleasesWe delivered many new features in 2016 and some were developed specifically to sharpen the Revenue Recognition solution. We are wrapping up another release for spring and have an impressive road map that will go into development while the spring release is undergoing formal testing. And did you hear that upgrades are included free-of-charge?

We’re here to serve and grow with you.

Can you say that about your Revenue Recognition tool? Reach out to schedule a tour of policyIQ’s capabilities for ASC 606, compliance, audit, policy management or your other pressing information management needs!

New policyIQ Solution: Detailed Contract Review for Rev Rec

Is your project for bringing your company into compliance with the Revenue Recognition Standard underway?

rr-headlines

With the January 2018 effective date fast approaching, organizations (public, private, and non-profit) are pressed to come up with a plan to review each of their agreements, and for each one that is in scope, to work through each of these five steps:

5-steps

RGP’s Revenue Recognition subject matter experts (SME) have developed an approach that effectively addresses all steps of the complex standard. And, again, RGP has gone the extra distance to develop a technology solution that will help you to tackle this effort. Beyond the repository for contracts and the secure data room for document review and project management, policyIQ now has a solution to both simplify and standardize detailed contract reviews while providing oversight, progress reporting, visibility for management review, and evidence for external auditors.

policyiq-rr-solution

If you haven’t yet defined your approach for assessing your organization’s contracts and setting a course for compliance with ASC 606 by the deadline, don’t worry. We have a complete, cost effective solution and we’re ready to help you make up some ground. Contact us for more information.

Talking about Audit Efficiency in Atlanta (TAC 2016)

RGP and the policyIQ team were honored to be invited to speak at the Atlanta chapter of the Institute of Internal Auditors (IIA)’s conference, held on Friday, September 16.

policyIQ’s Managing Director, Chris Burd, tackled the topic of “Ways that Technology Can Expedite Internal Audit’s Daily Work”.  With attendance for the session well over 200, the topic was clearly one that generated a lot of interest.

An unscientific “show of hands” poll of the audience found that only about half of the attendees currently utilize a software application that is designed for Internal Audit or Governance, Risk and Compliance programs.  For those not utilizing an application, the session generated a number of ideas and stressed the value of having a tool to expedite and streamline the process.

For those that do use an internal audit application, however, the conversation also allowed the attendees to ask and offer suggestions to others of ways to improve their current audit work.  The discussion followed the following steps in the Audit Cycle:

auditcycle

Two specific areas that were called out as areas of interest by the attendees were the work of Evidence Collection and that of Issue Tracking.

Evidence Collection

In evidence collection, we talked about ways to automate the evidence collection process, as well as some of the challenges of doing so.   While a fully automated evidence collection process is the ideal end goal, the discussion touched on making sure that you also provide the right amount of training and oversight to those individuals participating in the process, to alleviate stress of a new process and minimize the risk of invalid evidence submission.

Issue Management

The topic of issue management focused primarily on the idea that issues are most effectively managed when they can be easily linked to the audit testing, controls, processes, or risks from which they originated.  Having a central system to manage risk assessments, internal controls and procedures, audit testing and issues allows for this flow of information.

 Looking for Technology that is Simple to Use and Implement!

As a sponsor, RGP was also able to meet with attendees as they stopped by to say hello.  Folks that stopped by to talk about technology almost invariably said the same thing – they wanted to find software that was easy to use and easy to implement.  Long and costly implementations caused many to simply continue doing things in the same Microsoft Office tools that they have always used.

Do you want to learn more about how to make your internal audit team more efficient and effective?  Contact us today and we’d be happy to meet to talk about some of the specific ideas and how policyIQ can meet those needs!

The Challenge: Technical Memos; The Solution: policyIQ

takecontrolWhen we think about all of our compliance initiatives, policy requirements and technical accounting adjustments that companies have to deal with, we often focus on specific types of initiatives and content – risks, financial or operational controls, contract reviews, audit testing, etc.

Recently we were approached with a question that really took us back to the basics of “content management”.

The Challenge:  Technical Memos and more

“Technical Memos, Accounting Documents, Whitepapers, Footnotes, Position Statements…these things are not stored in a consistent manner.

“It is very difficult to locate documentation that is stored in various formats on hard drives and shared drives…and sometimes still in filing cabinets!”

Our audience – in this case a gathering of SEC professionals – had been sharing ideas to better manage the various documentation, technical memos, position statements and whitepapers that they needed to retain.  Network drives, paper formats, or email archives were just not the right solution.  They acknowledged that many of them struggled with ease of access, security of the documentation, version control and audit trails of changes.

The Solution: policyIQ

We were invited to speak to the group about policyIQ, and how the application – with its simple interface, cloud-based access and flexible structure – provided a perfect solution.   By implementing policyIQ, even with a small group of licensed users and a larger audience of free read-only access, their organizations could benefit from:

  • Centrally Accessible
  • Searchable
  • User Friendly
  • Customizable Folder Hierarchy
  • Version Control
  • Tailored Security
  • No IT Resources Required
  • Multiple Solutions in One Tool

 

Regardless of what type of information or content your organization needs to get a handle on, consider policyIQ’s flexible structure and simple interface to help organize, distribute and manage your critical business content.  Accounting, HR, Legal, IT, Operations – and even your Board of Directors!  All departments need a simple way to manage critical content.

Contact us to find out more.

Budget for 2017…have you considered using policyIQ Forms for Sign-offs, 302 Certifications or other uses?

Many companies are heading into budget season for the 2017 Fiscal Year, and for many policyIQ clients, that means considering how you’ll be using our software in the coming year.

Did you know that many clients choose to take advantage of policyIQ Form functionality?

form

While forms look similar to policyIQ pages, they are operated and used in very different ways.  Pages tend to capture items that are around for the long haul: policies, controls, risk documentation, contracts, audit data, etc.  These items can be checked in and out of user’s editorial control, and are typically publicly available on the site.

Forms, on the other hand, contain more of an “instance” type  of data, capturing point in time data.  Forms travel privately between the Administrator (the user sending them out) and the recipient only–there is no “Checking out” or “Checking in” a Form.  An administrator will typically send out many forms at once, in mass.  These forms may contain one or many fields, and the form itself can actually have a page (which in the case of using forms for policy sign-offs, the page would be an individual policy) displayed within the form.

form

Follow up with your users that are responding to forms is also a breeze, and is easily one of the best parts of using policyIQ forms.  Follow-up communication can be automated, meaning the hassle of staying after your users to submit their certifications or other documents is out of your hands!

automated_email

Users who need access only to respond to forms are called Standard Users.  Standard Users have the ability, like Read-Only Users, to browse the policyIQ site and only read published content, and also respond to Forms.  These Users are typically purchased in bulk increments, and come at a lower price point than adding Advanced Users.  Because of this, it makes policyIQ an ideal place to conduct your Policy Sign-offs, Certifications, Control Self-Assessments, or Account Reconciliations.

Contact our team to inquire about adding Standard Users to your policyIQ site for this coming year.  Save time and money by eliminating other software tools and the hassle of sending hundreds of emails–conduct all of your work in policyIQ!

Efficiency Throughout the SOX Process

In a number of blog posts, we’ve highlighted the ways that policyIQ can be used throughout the entire SOX process – from risk assessments through issue remediation.  This past Thursday, July 28th, we took an hour to walk through the entire process in a CPE webinar to highlight ways to create efficiency at each step.

Did you miss it?

Before we hit the highlights below, we want to point you to the session recording and the slides, both of which are available for download.

The Big Picture

We highlighted a number of big picture advantages of using policyIQ not just for SOX, but for all of your compliance initiatives.  We talked about…

  • Simplicity of rolling out and managing a cloud-based
  • Advantages of being able to assign security and access
  • And the efficiency of a single source of information through the entire compliance and audit environment.

A single source means that when you make a change in one place, that change feeds all of the different perspectives on the data.

Controls

Efficiency at Every Step

We also dug into the efficiency that can be gained at every step of the process.  Just some of those ideas are presented below.  We also mentioned additional training available for some steps, and have linked those training sessions.

process

  1. Risk Assessments
    • Tie risk assessments at the 10K line item level to your risks and controls for ease of scoping.
  2. Control Updates & Review
    • Allow your control owners to make updates directly in policyIQ as things change, or require regular reviews of control documentation.
  3. Walkthroughs & Testing
    • Collaborate early (and often) with external auditors to ensure that your testing is capturing all of the detail expected.
  4. Issue Tracking & Remediation
    • Assign remediation plans to owners and use automated reminders to ensure responses are provided.
  5. Conclusions & Reporting
    • Utilize flexible reporting capabilities to trace issues back to the vulnerable risks and compensating controls to make a final determination about significant deficiencies or material weaknesses.

 

We also included the supporting functions that feed the process.

 

We’re ready to help you build more efficiency into your SOX program.  Contact us today and ask to speak with our client service team to walk you through implementing some new ideas!  Not yet a policyIQ client?  Contact us and ask us for a personalized demonstration!