Policies Provide Foundation through Changing Regulatory Environment

Regulatory environments are constantly changing, influenced by economic, political and environmental factors beyond your company’s control.  It might seem like a daily battle to deal with the push and pull of complying with changing regulations.  So how do you stay focused, prepared and sane in the world of regulatory compliance?

One critical step is to ensure that you have well documented, well communicated and well understood corporate policies.  

Policies provide the foundation, governing the way in which your employees will work and how they will meet new regulatory requirements.  When the foundation is strong, with clear policies that are followed and enforced consistently, additional external expectations and requirements are much easier to incorporate.  

Here are just a few best practices to consider:

  1. Ensure that policies are written clearly.  Avoid company jargon or acronyms that may be unclear to new employees or external regulators.

  2. Make policies easily accessible to all employees.  If you are already using policyIQ, ensure that a policyIQ link is posted or communicated regularly.

  3. Clarify whether any exceptions might be approved to the policy, and communicate the process for approval for exceptions.  If it is not clear, employees may be more likely to decide it will be easier to ask for forgiveness than permission.

  4. Document how policy violations will be addressed or how policies will be enforced.

  5. Revisit, review and revised policies regularly.  Do not allow policies to become outdated or appear to be outdated.  Even if no changes are made, regularly note that content has been reviewed, so that employees

  6. Map policies to your regulatory requirements or other compliance programs.  As regulations change, you can more easily identify any changes that must be made in your policies to address those changes.  

What other best practices would you highlight for a clear corporate policy platform?  Add yours in the comments and share ideas! Learn more about how to utilize policyIQ’s various read-only options by checking out a recent blog post by policyIQ Product Manager, Travis Whalen.

Spotlight on Higher Education

We hope that everyone is enjoying summer break and looking forward to a productive and fruitful 2016-17 school year! For the same amount of time that this year’s college seniors have been in school, policyIQ has been in the business of supporting organizations with more effective and efficient Policy Management. To that end, we recognize that these supports are critical:

Unique Needs of Higher Ed

We are grateful for the partnerships that we have with institutions of higher education to support their unique needs in policy management. Similar to the healthcare organizations that we serve, educational organizations have internal/administrative policies and procedures, as well as policy documentation that is directed to the audience that they serve. In the case of schools, we are talking about their students and faculty.

Organizations with both internal and external audiences often oversee various methods or systems for disseminating information. Part of the challenge that they are continually working to meet is keeping track of all of their documentation, recalling what system it is managed from and where it is in the process of upkeep and compliance. While policyIQ can certainly be the home base for all documentation in organizations that have decentralized audiences, it could also be the hub for mapping documentation to its various outlets. By using the database behind policyIQ to track precisely where documentation is to be found, to whom it must be made available, and which processes are related to it, organizations can ensure that the latest iterations are properly communicated to all pertinent audiences.

Remember, policyIQ is also a great place to capture compliance documentation!

Is your staff properly trained and certified on key procedures? Do you have a means for monitoring and verifying, in real time, who has signed-off on corporate policies? Does your organization have a central point of reference for standards and regulatory requirements? Can you map your organization’s policies and procedures to said requirements and provide evidence of coverage?


This can be your resounding answer to all of these questions with policyIQ.

Today, “Governance, Risk and Compliance” is relevant for organizations of all shapes and sizes—public and not-for-profit. Powerful and affordable, policyIQ can help your organization to be more effective and efficient, too! Contact us at support@policyIQ.com to begin or expand your implementation today.

It’s true! policyIQ is a misfit among typical software providers.

Have you been burned by a software provider?

Sheesh—who hasn’t?!

You worked for months (years for some), listening to promises from several different people who kept handing you off and never addressing your concerns. You found yourself with more time and money invested than you care to admit and you have grown to look at all software providers with skepticism (if not disgust).

Does this sound familiar?

I hear you. Your frustration was echoed by countless people that I spoke with at a national conference in March. Because a number of people felt compelled to share their horror stories about other providers with me, I got comfortable jumping quickly to the things that make us different than the typical software company:

  • All-in-one_BubblesRGP is NOT a software company! Integrity is at the core of our firm. We want to create great relationships and serve you so impressively that, when you need a consultant, you already know the quality that you can expect from us.
  • We don’t have a huge policyIQ booth at conferences and our software does not have the huge price-tag required to pay for that presence (policyIQ starts at <$5k/year).
  • We don’t sell multiple modules or products and aim to upsell you. policyIQ really does accommodate multiple business areas and needs in one affordable tool.
  • Our goal is to solve for your information, content, process, and workflow challenges across the Governance, Risk and Compliance (GRC) space, not to land a sale.
  • Your sales person does not make commission or hand you off to an implementation team that’s unaware of promises made during the sales process—we walk alongside you the whole way and help to tailor the implementation to your organization’s needs.
  • Our product does what we tell you it does (and we answer truthfully if you ask us about something we don’t do or plan to develop).
  • We have a support team that truly cares to give you excellent and timely service.

We think of our clients as part of our community with whom we will have a long partnership. We listen to your needs, plans, wishes and heartaches and work continuously to problem solve with you.

We’re proud to be a misfit among typical software providers.

pIQ_Misfit_smWe’re ready to prove it and to earn your trust.

We encourage you to take a peek at this introduction to policyIQ, and then reach out to us!  We’d be glad to schedule a personalized tour of policyIQ. Also, we invite you to kick the tires! Sign up for a 30-day trial, completely risk-free.

We look forward to working with you!

New Year, New RGP Training Sessions!

As the business world jumps into 2015, RGP has put together new training sessions to help everyone kick-off the new year!  Filled with experts from various practice areas, these sessions are sure to be insightful for a variety of business needs.

Improving Organizational Performance with Supply Chain Policies and Procedures: January 21

RGP’s supply chain  experts Kevin Deely and Margaret Robinson will lead a look at how companies are revisiting their supply chain policies and procedures. They will review how industries such as the Oil & Gas industry have moved to shore up their supply chain and procurement organizations to ensure consistent application of best practices.

Financial Reporting Update and The Year Ahead – The Outlook for 2015: January 29

Join RGP’s Shauna Watson for insight on financial reporting, accounting review and analysis-including the latest FASB pronouncements, and SEC and PCAOB standard settings. This session will provide you with what you need to know to comply with these changes and help you to stay a step ahead.

Data Governance & Revenue Recognition: February 12

Global MD of Finance & Accounting Rebecca Sneval will be on hand with RGP’s Shauna Watson to discuss the new Revenue Recognition standards and their impact on data governance.  How are companies expected to meet this new challenge?  This session will provide the answers, and help you and your company meet these requirements.


Each of these RGP Training Sessions have 1 CPE credit available for your participation. So don’t wait any longer…sign up today!



Bank utilizes policyIQ to push out procedures, forms, step-by-step work instructions and more to their branch employees

coincountingWhen I was a kid, I wanted to work in banking.  Of course, at age six I thought that meant getting to count change and give out money all day.  (I loved to count change.  I was a human Coinstar™.)  It seemed so romantic and powerful to sit at a bank teller’s station and control the cash flow of my community.

Of course, the reality of banking is that of one of the most highly regulated industries in the world – even before the introduction of the Dodd-Frank Wall Street Reform and Consumer Protection Act (arguably the largest single piece of legislation to impact banking, with complex requirements impacting every aspect of the financial services industry).  It’s also one of the most dynamic environments, with mergers, acquisitions and expansions happening every day.

Banks and financial institutions around the world use policyIQ in a variety of ways.

A significant percentage of our policyIQ clients are in the banking or financial services industry.  Most of our clients are using policyIQ in ways that you might expect:

  • FDICIA Compliance
  • Anti-Money Laundering Compliance
  • Corporate Policies and Procedures

But at least one policyIQ client has gone a step further.

policyIQ is where it’s at.

In the case of one regional banking client, their management team was looking for a tool to make it easier for them to provide the entire range of procedures and documentation that the employees at their retail banking branches required.  After researching a number of tools, they decided to utilize policyIQ’s 24/7, cloud-based infrastructure to push out procedures, forms, step-by-step work instructions and more to their branch employees.  Every bank employee has easy access to a full range of instructions – accessible at their fingertips, via a well laid out navigation or via the simple search.

Need to know how to open a new account for a customer?  Look it up in policyIQ.  Aren’t sure how to cancel a check?  It’s in policyIQ.  Searching for the form that has to be submitted when changing the name on an account?  policyIQ is where it’s at.

Some of the advantages of utilizing policyIQ for these detailed instructions are:

  • Simplicity of roll-out across all branches, even if disparate IT systems or access rights apply.
  • Ease of on-boarding new branches when mergers or acquisitions occur.
  • Ability to create different profiles for each branch, to provide access to the documentation that applies to them.
  • Ability to notify employees when critical changes to procedures or policies occur.
  • Links between related documents, so that relevant follow-up steps are provided immediately.

Of course, these advantages don’t just apply to the banking industry.  Being able to easily push out detailed content to your employees across various locations is not a unique issue in banking.  If you need a way to easily provide access to detailed procedures, forms, and instructions to employees across multiple locations, contact us to discuss how policyIQ can meet this need.

policyIQ is Far Less Expensive Than the Cost of Ineffective Policy Management

policybookJust a few months ago, we talked about the fact that Policy Management is an in-demand implementation area for policyIQ.  Again.  (This is, of course, where policyIQ got its start 10 years ago.)  It’s not surprising.  Regulation continues to increase in many industries, and companies with a solid foundation of governance through clearly written, easily available and effectively communicated policies are ahead of the curve in compliance.  Even the new Conflict Minerals reporting requirements within the Dodd-Frank Act reference a need for strong policies and procedures within the procurement and sourcing teams.

Just a few weeks ago, Michael Rasmussen, well-known GRC pundit with GRC 20/20 (as well as a fellow and frequent presenter for OCEG), had this to say about poorly managed policies in his blog post “Effective Policy Enforcement Requires Technology”:

Document-centric approaches to policies—that lack technology to manage communication and enforcement—are a recipe for disaster. While it appears easy and cheap to just use documents and send them out via e-mail, or post them in a file-share or Website, the reality is that the cost to the organization is significant in the exposure of ineffective policy management.

We are not an unbiased source, and so of course we agree whole-heartedly with Mr. Rasmussen and his belief that there is a need for technology to effectively manage your corporate policies.  If you aren’t yet using policyIQ to manage policies and procedures, we would encourage you to take a look at the checklist in Mr. Rasmussen’s blog post and determine how well your current solution stacks up.  If you haven’t been able to check off all of the boxes yet, contact us and we’ll show you how policyIQ can meet your needs!

Back to our roots: Policy Management is back in demand

policyIQ has been getting back to its roots lately, with a high demand for help managing policies and procedures. And more often than not, Compliance and Audit Directors are the ones seeking help to pull together the governing documentation – going beyond just internal controls and focusing on the full picture Governance, Risk and Compliance (GRC). Policies are being recognized as the backbone of all of the varied compliance efforts – whether it is SOX, Anti-Bribery, Non-Discrimination, Anti-Harassment in the Workplace, or Privacy Laws. Companies don’t just want more easily accessible documentation – they want more effective documentation. They want policies that have an impact on the behavior and culture of the entire organization.

How can your documentation “make an impact”?

Just last month, Art Weeast, Director of Process Management at Jones International, co-presented with our team on Process Intelligence in policyIQ. He has utilized policyIQ to make internal documentation, particularly Procedures, more relevant, valuable and collaborative from the front line to the board room. Mr. Weeast’s process focused on making documentation complete, making it easy to create, and mapping front line procedures to the big picture processes. At Jones International, both executives and staff understand the whole picture – and how each contributes to their overall success.

With effective process and procedure documentation, your employees can better understand how their daily work impacts the success of the company, but is everyone acting under the same core values that dictate their behavior or responses in any given situation? Do they understand the corporate culture?

Policies set the tone for corporate culture

Corporate culture can be difficult to define. Your mission statement might summarize it, but how does a new employee know the behaviors that will truly live up to it? Does the company value entrepreneurship and innovation? What is the risk appetite? Do you have a formal reporting structure, or a more open, collaborative environment? Are client relationships formal or do you create familial atmosphere with your client community? How transparent are you with stakeholders? Do you share everything, or keep information close to the vest?

In a perfect world, the answer is that your policies will reflect and describe these behaviors and values, while the procedures provide the more specific steps and instructions for accomplishing tasks.

Govern your Governance

With all of this in mind, you can see how critical your policies, procedures and process documentation can be to the overall success of your organization. It defines who you are and how you behave as a company. Managing this critical information should be done with as much, if not more, care than any other compliance content – and yet it is more likely that policies and procedures are inconsistently documented on inaccessible and poorly administered shared drives or intranet sites. Your policy management tool should offer you:

  • Enforced consistency in documentation templates
  • Automated audit trail and version history
  • Security to determine who can read, who can edit and who must approve an item
  • Collaborative workflow and approval processes
  • Flexible organization and indexing
  • Update alerts to keep employees informed of changes
  • Sign-offs for critical content
  • Oversight reporting to see who is reading or who made changes

Get what you need in policyIQ

This is the policyIQ blog, so we’d be remiss if we didn’t suggest that you manage your policies and procedures in our product. For the past 10 years, policyIQ has been working with organizations to manage their most critical documentation, and we’ve continued to create features and share best practices that make your policy management programs more powerful.

We often hear organizations tell us that they prefer to keep their policies where they have always been – perhaps an intranet site, a shared directory or a Sharepoint site – because employees are already familiar with how to get them there. Did you know that policyIQ pages can be linked into any of those locations without requiring a user to login or even realize that they are in policyIQ? (And of course, read-only access is always free!)

Contact us and let us help you to manage your policies more effectively and help you to build documentation that positively impacts your company, your employees and your bottom line!