Here’s the trick for crushing your stretch goals…

Declare this “time for a fresh start” and get organized!

Is everyone stirring and antsy at the thought of kids running out of school, hooting and hollering, and throwing papers in the air? Well, I’m a momma and my kiddos have been off kilter and frazzled with anticipation of summer break for at least two weeks! One of our practices that we carry out a couple of times each year—and every year at this time—is to clean out backpacks, cubbies, bookshelves, and the desks at school and at home. We organize items into the “this will be useful in the coming year” pile, “keep forever in the scrapbook” pile, “how in the world did this get in here?” laundry pile, and into the “recycle/retire to final resting place” pile. They are super anxious to run off to their friends’ houses, ride bikes, or dive into their latest Minecraft creation, but mom forces them to hit the skids until they have completed this chore.

Having a clean slate and getting organized for a fresh start in the next life chapter is one of our strategies for setting ourselves up for success. They might grumble and sulk for a short time, but they’ll thank me for these habits one day. That’s my hope, anyway.

Being disciplined about hitting the pause button and making time to lay the groundwork for future success is not just a chore for school children and moms. You’ll hear the same guidance from the policyIQ team as you embark on your goal to better manage your Governance, Risk, and Compliance initiatives.

Take time to organize content and users.

One of the most obvious benefits of policyIQ is that you can be up and running—actually using the tool in your organization—on the same day that you submit your order form. Our recommendation, though, is that you tap the breaks a bit and set up your site in a way that more likely ensures your long term success.  The fundamental questions to consider for any policyIQ implementation are:

  1. What are we planning to capture or manage in policyIQ?
  2. Who needs to have access [and what type of access do they need]?
  3. How can we organize information in a manner that is intuitive to our users?

Thinking of the overarching goal of the initiative or documentation and considering how the pieces of documentation may be broken down and related to adjoining processes will give your team the flexibility to home in on specific details for analysis while also overseeing completeness and performance at a high level. If you’re drawing your plan on a whiteboard and feel the need to branch off into several related items, that might be an indication that you could design more than one template to capture the different types of documentation.

Similarly, taking the time to create an organization chart, so to speak, that logically accommodates all of the hats that are worn by your policyIQ users will go a long way to simplifying access to policyIQ content going forward. Creating groups for Control Owners, Asia-Pac Approvers, 302 Respondents, and the Board of Directors, for example, makes it easy to ensure accuracy while minimizing maintenance as employees move into new roles within the company or new employees are brought on board.

This org chart does not have to match a traditional org chart with departments and position titles. That hierarchy might be a part of the structure. A tip that makes life much easier, when it comes to maintenance in the future, is to consider the other hats worn by your employees. Is the Business Unit Manager also a Process Owner or a Control Owner? Does she respond to 302 Sub-certification Questions? Does she lead any committees or projects? If those initiatives are managed in policyIQ (and they can be), then it will help to have the roles of all the players represented in your Groups structure. With a well-planned group structure, only the users require adjustment when there is turnover, not all of the documentation and responsibilities of the people coming and going.

Do you feel like you don’t have time…to save time??

That’s the perfect time to contact us! There is a standard policyIQ configuration for many GRC solutions and the experienced implementers on the policyIQ team have helped hundreds of companies to set up policyIQ for various solutions. We can help you to get started—or re-started—quickly. If you’re strapped for resources while the organization is trying to squeeze in a change in process or shifting from manual processes in Word, Excel, and email to a centrally accessible cloud solution with workflow management tools and you just don’t have time to really focus on the effort to save time, then let us put you in touch with a subject matter expert who can help you with the design of your Risk Management or Compliance or Audit process, or our professional consultants can lead your project team, or they can take on the lion’s share of the work to transition documentation. We can help you to assess your needs and close the gaps.

Happy Summer Break!

We hope that you enjoy some fun time with family and friends this summer. Let us know where we can support you to work more efficiently and more effectively to help free up some time.

Tips for Annual Maintenance of policyIQ Users

It is that time of year when many companies are working on final testing and will soon be considering what kinds of improvements they’d like to make in 2015. We encourage you to reach out to the policyIQ Team while things are fresh in your mind. We can give you guidance on making adjustments to your Templates, adding fields, shifting your Groups structure around a bit—whatever tasks will better align policyIQ with your changing and current processes.

Along these lines, we know that many of our clients think about cleaning up policyIQ this time of year and have questions about how to best audit their users in policyIQ. We have some guidance that really applies to all policyIQ users—guidance that you might write into your annual maintenance tasks!

Std User Report

  1. First, we suggest you run a report that is already available to you in policyIQ’s Standard Reports: “User List with Roles, Groups and Last Log On”. The report will return just about everything you need to determine whether you need to keep these users in policyIQ or not.
  2. Sort by “Last Log On” – Look through the dates when users last logged into policyIQ. Perhaps you can delete users who have never logged in or who haven’t logged in for a long time.
  3. Sort by “Role” – Adjust roles so that users have only the highest role that they need (this may help to avoid having too many cooks in the kitchen making changes to your site’s configuration or to your policyIQ content). We recommend just a couple of Site Administrators and only a couple of Project Managers. Examine the Roles assigned to your users. Are some of them better suited in the Manager Role?
  4. Sort by “Last Name” – Do you recognize names of people who have left the company? Be sure to assign their work to their replacement(s) and remove them from policyIQ.
  5. Sort by “Group” – Perhaps some employees have changed jobs within the company and they should be moved to different groups in policyIQ. Or maybe they should not have the same level of access.

If you need additional support to actually click through these (or other) policyIQ adjustments, you may refer to your online policyIQ Help guide (click the “?” in the top right corner) or reach out to us at Configuration guidance is always free—we want to help you start 2015 off with your best foot forward!

Putting Critical Information at Your Fingertips

What questions do you find yourself asking and researching again and again? If you can’t find the answer in policyIQ, the solution might partly be in adjusting the configuration of policyIQ to include the critical information that you need to address your pressing questions. You might need to add a field, a dropdown choice or a folder.

Another powerful tool that you can use is policyIQ reporting. You can create a report to check on the status of testing, the progress of approving the project or the next wave of upcoming contract renewals. If you need any help creating a report to pull together your information in a meaningful way, reach out to us! We are happy to help you understand your reporting options, to pick the appropriate filters and to display the results in a way that is useful to you.

Featured Feature: Favorite Reports

Beyond creating the reports that get to the critical and helpful information, we hope that you also take advantage of “Favorite Reports” to give yourself quick access to this information within the Dashboard of policyIQ.


While in the Reports menu, you can highlight any report that you have created and choose Add > Report to Favorites from the toolbar above the table. And just as you get used to having convenient access to this important information, we’re going to make it even better! Look for the ability to schedule reports and have the results emailed to you in the next release of policyIQ (version 7.4 is in testing now and will be released in the coming weeks).

Reach out to us if you have any questions about using policyIQ to help you stay on top of your deliverables.

Insurance Companies use policyIQ to pull together various compliance programs. So can you.

policyIQ customers can be found in practically every industry – and every industry is unique.  One common thread that runs through all policyIQ customers, however, is the desire to better manage organizational content to build more efficient and more effective compliance programs.

When you think about an industry that requires strong compliance programs, the insurance industry is likely top of mind for many.  Few industries are more regulated. For U.S. insurance companies, there are both federal and state-level regulations that must be met, with each state often implementing slightly different requirements. Just some of the requirements at a national level include:

1.)   Sarbanes-Oxley – for all publicly traded companies, including any publicly traded insurance organization.

2.)   Model Audit Rule – the National Association of Insurance Commissioners’ regulations that are very similar to those in the Sarbanes-Oxley Act, but apply to both public and private insurance companies.

3.)   US Patriot Act’s Anti-Money Laundering requirement – required for any insurance company that deals in certain types of transactions, such as long-term life insurance.

For insurance companies, policyIQ offers a compliance management solution that can pull those efforts together and make the process more efficient.

Managing multiple compliance efforts in one policyIQ site isn’t rocket science.

Here are just a few of the policyIQ features that provide efficient compliance management for the insurance industry or for ANY organization struggling with multiple compliance efforts:

  • Create Folder hierarchies for each area of compliance

Each regulatory body may want to look at your information in a slightly different way.  Use policyIQ Folders to create an organizational structure for each area of compliance that corresponds to the way their auditors will most likely want to review it.  Would that be by physical location?  By major business area?  By type of insurance policy? 

Remember that policyIQ content (Pages and Files) can be indexed into multiple Folders.  If procedures or controls apply to more than one compliance program – don’t document and test them twice.  Simply index the control and test results into each folder where appropriate.  This will save time (and money!) – while reducing the possibility of conflicting documentation.

  • Use a Multi-Select List field to check off the compliance programs to which the documentation applies

When you are looking at any given document or Page in your compliance program, you may need to know which of the other compliance programs this item relates to.  You might consider having a multi-select list field that allows the individual creating and editing the information to check off other compliance programs the item applies to.  When testing – or creating test plans – the team will know immediately what testing standards they should consider based on which regulatory bodies will be doing the audit.

  • Link items together – even across compliance programs

Linking Pages in policyIQ is a critical function that allows you to report on – for example – which Controls you have in place that mitigate a specific Risk, or which Policies govern a specific Regulation.  Link your Controls to Risks – even if they are documented for different compliance programs.  Your reporting function can always bring those linked documents back together for you to gain a complete picture of your organization.

  • Use policyIQ to manage your Strategic Planning and Enterprise Risk Management program

Compliance programs might seem like they are an effort in documentation, but the underlying advantage is to be more aware of what happens in the organization on a daily basis – and to make better decisions.  Expand that effort to your Strategic Planning and Enterprise Risk Management programs, as well.  With all of the information in one central place, you can provide a clear picture across all areas of risk and compliance.

  • Don’t forget to document Corporate Policies and Procedures

Of course, compliance starts with the basics – solid corporate policies and documented procedures.  Do your employees clearly understand their expected behavior?  Is your Code of Conduct and Ethics Policy clearly stated and available to all?  Use policyIQ to document those aspects of your Corporate Governance program – and use free read-only access to make it available to all of your employees worldwide! 

 The insurance industry may be unique in that it is highly regulated, with decentralized regulatory bodies.  But it’s not alone.  All organizations, regardless of their industry, are likely to be subject to a variety of compliance regulations.  Pull it all together for efficiency and build a highly effective program in policyIQ!

If you have any questions about how to implement such a program in your organization – or if you’d like to know more about how Resources can help your organization pull together multiple compliance programs – contact us at