And everything she touched became more efficient. The end.

Once Upon a TimeSounds like a fairy tale, right? The best part of the story is that it is true! Every story has to start somewhere. And, like all great stories, the potential “beginning” for a policyIQ client can look different from one company to the next. The majority of policyIQ stories have started in the areas of compliance or policy management, but some have jumped right into the plot twist from the beginning with a launch in automation of certifications, account reconciliations, or contract management.

Wherever you started, it is simple to take your story in any number of directions and realize more and more efficiency by automating processes that relate to your work. It is as simple as ensuring that you are capturing necessary information in your Page or Form Templates or, in some cases, adding a new Page or Form Template and using links and reports to oversee and analyze relationships from one process to another. Here are some examples of how your story could play out:

  • Add a “Position Responsible” field to a “Procedure” Page Template.  The ability to quickly create a complete Procedure Manual for any position greatly expedites the onboarding process of new employees.
  • Add a new Page Template to keep track of all of your Systems and related critical information such as versions, ownership, contracts/terms, and the like. Create a link from each of your procedures to any of the relevant Systems pages and easily identify all procedures, positions and departments that may be impacted by system changes, upgrades, downtime or retirements.
  • Give your auditors a one-stop shop by keeping the results of your Financial, Operational, Fraud and Enterprise Risk Assessments in policyIQ. You can then capture the identified risks alongside your controls, tests, evidence, issues and remediations.
  • Quarterly review of compliance documentation (Process Narratives, Procedures, Controls) can be made more efficient using Forms. Associate questionnaires with the content, assign to responsible parties, automate reminders and monitor real-time information on who you have heard from and who you have not. You can do all of this while also noting any outliers in the report results that are emailed to you weekly (or on whatever interval you desire).

It’s a little bit like the Field of Dreams story…“if you build it, [they] will come”. Consider all of the different places that you go to search for information or to complete a process or task, then create the opportunity to make the next search more efficient by building it in policyIQ. If you’re not sure where to begin, reach out to us (support@policyIQ.com) and we’ll be happy to co-author or write the introduction to your next best-seller.

True story.

Recap Session: Efficiently Transition to the 2013 COSO Internal Control – Integrated Framework Using policyIQ

The policyIQ Team was recently joined by Senior Practice Director of RGP’s Governance Risk & Compliance (GRC) practice, Les Sussman, to discuss how the updated COSO framework will impact companies and, specifically, policyIQ clients or prospects. Mr. Sussman recaptured the highlights from a recent webinar that he co-presented with RGP’s Global Managing Director of the Finance & Accounting practice, Shauna Watson. Their session, “Effective Transition to the 2013 COSO Framework and SOX Compliance”, drew more than a thousand registrants and received great reviews for addressing considerations that have not been discussed in other COSO-related sessions.

With a diverse audience of current policyIQ users and many participants who are not currently using policyIQ, we took time to introduce some highlights of policyIQ, including these:

  • Web-based, accessible from any major browser
  • Flexible and customizable with an easy to use interface
  • A tool for management of workflow, analysis and roll-up reporting
  • Top security from the host, through the pipeline, to end users and specific content
  • Version control, pages can be mapped to multiple relevant access points (folders)
  • Mature audit trail with both version and change history
  • Features for uploading appropriate evidence and linking to relevant content
  • Reporting capability to expedite gap/redundancy analysis, oversight and roll-up reporting

In our session, we demonstrated how easily and quickly we amended our policyIQ configuration to accommodate the updated 2013 COSO Internal Control – Integrated Framework: We added a Folder structure for capturing the COSO Principles by COSO Component and a Page Template with a Short Text Field for capturing each COSO Principle in its own Page.

After populating policyIQ with the COSO Principles (using an import process), RGP recommends following both a top-down (Principle–Control or Principle–Points of Focus–Control) and a bottom-up (Control–Points of Focus–Principle or Control–Principle) approach. The combination of approaches will help to ensure that all Principles are adequately addressed (which is a requirement, if you choose to use the COSO Framework) as well as help with your control rationalization process.

Blog_image_Report_Gaps

We discussed how policyIQ reports can make quick work of mapping, gap analysis, control rationalization and reporting to the Audit Committee and External Auditors.

If you haven’t already, check out the presentation for yourself! The presentation slides are available via the Attachments/Links tab in our related policyIQ Help page here. To review the session or share it with a colleague, click this link to access a recording of the 60 minute webinar.

Do you have questions about implementing the 2013 COSO Internal Control – Integrated Framework? Have you begun the mapping process and taken advantage of policyIQ to make your analysis more effective and efficient? Reach out to us with any questions that you have and we’ll help to connect you with the most appropriate contact that can get you headed in the right direction!