5 Simple Steps to GRC Technology Implementation

Whether for IT Security Compliance, Enterprise-wide Policy Management, Contract and Lease Administration, your organization’s GRC or Audit program, policyIQ can be up and running in 5 simple steps. Read on for more information and contact us to automate your initiative in Q1!

Step 1: Configuration
A policyIQ expert will assist you and/or your RGP Consultant to customize the design of the user interface in policyIQ for input of data, navigation, reporting, content and user security based on your input and feedback. Of course, we do not progress to step 2 until you, the client, approve of the configuration.

Step 2: Prepare data
RGP Consultant requests data from your team or organization, then scrubs provided data to help ensure completeness and accuracy. You give approval regarding the condition of the data before progressing to step 3.

5 Simple Steps to Go-Time!

Step 3: Populate
RGP Consultant populates approved data (import or authoring, depending on your needs) and subsequently validates the completeness of what is in the system to the approved data. The RGP Consultant will provide you with a walkthrough of your site and data for feedback and your approval.

Step 4: Refine (Reports, Dashboard, Planning for roll-out/training)
RGP Consultant demonstrates the policyIQ user interface using the populated data. You provide a live example of a transaction, and with your RGP Consultant’s side-by-side help, you drive the live example from input to reporting. Any additional configuration items identified during this process will be considered for further customization. You give the green light when you’re ready to go-live.

Step 5: Go live and train
Often there are a handful of “power users” who are expected to regularly participate in the process that is being automated using policyIQ. The RGP Consultant sits side-by-side with your power users, individually or as a group, to train on use of the software. Your power users will be directed to policyIQ’s written and recorded materials that you can leverage for your personalized procedural guide. Your RGP Consultant and the policyIQ support team are available onsite or remotely for any questions.

Our methodology your yours?
What initiatives or processes are you looking to digitize and manage more efficiently in 2019? Hit the ground running with RGP’s subject matter experts implementing our proven methodology in our technology or we can support your team to implement your methodology. What kind of support do you need? Contact us, information@policyIQ.com, and we’ll help you to get the ball rolling!

From our Supreme Tech Nerd (aka Senior Director of Technology) to Yours

Introducing Matthew Krummert, Senior Director of Technology at RGP, policyIQ. Matt was asked to share his thoughts on some of the common concerns of IT professionals related to cloud applications—and to tell us what some of those concerns are. Matt noted that there are a lot of applications that don’t always fit the customer’s needs, implementation of new products often takes months or years, it seems there are always hurdles to getting your information back from them, you’re never totally comfortable that your content is secure, you have a long wait for support departments to address your concerns, and you’re not sure if anyone on the other end is listening. Following are Matt’s thoughts on how policyIQ stacks up against these concerns.

Especially utilized for small to medium sized businesses, the cloud is transforming the way software works through its reduction of IT risks and ongoing support costs.  Through utilizing these benefits, and those from Web2.0, policyIQ continues to transform the way that businesses handle their content and GRC needs.

Cloud delivery is less risky: Easy to turn on…and to turn off.

Purchasing software can be a complex process as you are never entirely sure what you are getting. Because policyIQ works on demand, organizations are able to mitigate that by testing the software out prior to purchase in a 30-day free trial site. Because policyIQ uses web2.0 features, you can customize the site to fit your needs to ensure that each installation is an optimal package for you and your organization. This means that companies are also able to have a site up and running in a couple of hours and configured for everyday use in a matter of days or weeks rather than typical months-long implementations. If you are not completely satisfied, policyIQ allows you to disconnect at any time and receive a direct delivery of your content to your designated contact.

Is the content really secure? Yes!

Seamless security is also a concern for most departments. Upon creating a site, policyIQ offers three options for authentication: single sign on, custom authentication using SHA1, and LDAP (or Active Directory) security. Once you are in the site, you are able to set security down to the granular item level (a Page, File, or Weblink) or folder in a user or group based fashion which allows multiple departments of an organization to use the site concurrently and securely without knowing that the others exist.

Power at your fingertips and Support to back you up!

Mistakes are always a possibility:

“I deleted something that I need after all.”
“I made changes to the wrong content.”

For these instances, policyIQ utilizes a simple recycling bin, and also offers snapshots which you can schedule at will. Through utilizing either of these processes, policyIQ empowers an individual to fix most potential problems that come up directly within the application. You can also ask any of our existing clients or refer to our recent survey results to rest assured that our Support department is top notch! They address any questions that you have quickly and thoroughly…and you will get to see your ideas for future development come to fruition! We’re actually listening.

Speaking of listening, we’d love to hear from you! If you haven’t already seen a demonstration of policyIQ, go to our website to sign up for a personalized demo or to watch our 5 minute video introduction.

Talk to you soon!

Leaving Your policyIQ Legacy

You’ve put a lot of time and effort into the implementation of policyIQ, so how can you ensure that your work will pay off and prove to be valuable for the organization in the long run?

Configure with the future in mind.

If you’re working on your policyIQ configuration or thinking of re-working your policyIQ configuration, it’s worth it to take the extra planning time and configure as if your policyIQ site will likely expand in the future—this will ensure that your current effort yields long lasting benefits and will save time when your organization decides to expand in the future.

Here are some tips for making policyIQ’s configuration sustainable for the long term:

      • Keep the recommended Setup structure intact and simply make those structures that you are not currently using “invisible” to end users.
      • Make your intentions plain to see! Have you noticed that you can add “Static Text” fields to your Templates? If you think that your end users might misinterpret the intended use of certain fields or a template or not know what to do with the Page once they’ve finished developing it, you can use Static Text fields to provide instruction directly on the Pages. You can even choose to make these Static Text fields NOT Viewable in Home—so that they’re helpful to the content creators, but not visible in the Published versions in Home
      • Keep it simple: take care to not have “too many cooks in the kitchen”—in other words, don’t grant several different users administrative rights to the site’s Setup. Do not overcomplicate maintenance by having custom Viewers rights on each of your Folders. You can also keep it simple, or minimize the necessary maintenance effort in the future if you add Group names to the local rights of your Pages or Forms instead of individuals’ names.
      • Avoid painting yourself into a corner: Use the standard or default Roles for your users. If you find that you have a need for a custom Role, create a new one and enable the desired permissions rather than making a change in the permissions to one of the previously standard Roles—this will make it easier for other administrators and policyIQ support to understand and maintain the site going forward.

If you think that your configuration has already crept so that you’re not sure what would be ideal for the future, give us a call! We’d be happy to review your configuration with you.

Speaking of open to interpretation

old_or_youngWhat do you see? Do you see the profile of an old woman looking down or the profile of a young woman looking back over her right shoulder? Maybe you see something altogether different!

Most people, when given a picture, word or scenario to consider, will develop their own interpretation that is not exactly the same as the next person’s. For this reason, we recommend capturing your configuration decisions in writing. We even provide the framework for you to do so in the policyIQ Reference Guide.

Regardless of whether or not you choose to use our framework, we encourage you to:

    • Document your intended purpose for policyIQ
    • Document the types of content that you’re capturing,
    • Document your definition for each of the fields and
    • Write out the procedures for your end users.
      • Who initiates new Pages?
      • How should they link Pages?
      • What Folders do they put them in?
      • What steps do they take to ensure the proper review takes place?

Keeping such a “policyIQ Diary” will be very helpful to your organization in the future. And be sure to make all of this valuable information easy to find—you can put it into a “policyIQ Training Manual” or a similar Folder within your policyIQ site!

This will ensure that all of the effort that your documentation team put into the configuration decisions will be easily transferable to new users and to your replacements once you win the lottery and move to that tropical paradise of your dreams!