SOX 404 | policyIQ Blog

Did you make it to our recent webinar?

In case you missed the presentation by the Vice President of policyIQ, Chris Burd, here is a recap of the key points.

What types of certifications and attestations are possible in policyIQ?

In our session, Ms. Burd showed an Anti-Corruption Policy Sign-off, a Control Self-Assessment questionnaire, and a 302 Certification. She demonstrated the flexibility of policyIQ to accommodate virtually any questionnaire, certification, or attestation. It is possible to include a wide range of different types of fields such as common or custom dropdown fields, (yes/no, agree/disagree), comments, dates, fields for respondents to upload specific evidence or other file uploads.

We have talked about a feature called Rules quite a bit in the past year that allows clients to further guide and direct respondents to complete documentation properly. Depending on how users respond to certain questions (I have not observed fraud. > Disagree), the user may be required to complete an Explanation or Comments field, they may have to respond to additional fields, skip to a different section of the form, or upload a file of evidence or a contract. Rules allow administrators and designers of these questionnaires to really tailor the experience for your users and save time on the typical back-and-forth email and manual interactions.

Typically, certifications are pushed out to many users at once and on a routine schedule (monthly, quarterly, annually, etc.). Often, the questions for any one initiative (i.e. Corporate Policy Sign-off) are standard for all respondents and may be linked to related information for reference (like the associate Code of Conduct policy or a specific Control). Managing questionnaires in this way makes it simple to identify and respond to those exceptions to the rule that require follow-up.

And did you know that any of these certifications can be completed on a mobile device?

What is the process for creating and issuing the certification or attestation?

There are three steps to custom certifications in policyIQ that Chris covered in the webinar:

Create a Form Template, a.k.a. a template for your questionnaire and consider, “What questions do we want to ask?”
[Optional] Bundle multiple questionnaires together so that you can administer and monitor the response in bulk. There are many optional features here, including:
1. You might have questionnaires or certifications linked to different controls, process narratives, or policies and they may require various approval processes.
2. You can have a set of questions that are tailored for assignment to different groups of users (like 302 sub-certification questionnaires).
3. You can customize and automate the reminders for different groups and initiatives (some reminders are sent each Monday for 5 weeks and others every day until satisfied, as examples).
Issue Forms (questionnaires, certifications, surveys, etc.)
1. Make any final adjustments to the audience for the certification
2. Set and expected due date for response.

How does policyIQ help to manage the process after certifications are issued?

Routing of exceptions for further review – We feel like the sky’s the limit with cool things we can do with Rules. In version 7.10 rolling out now, policyIQ users have the option to direct the routing for approval down different paths depending on specified responses to certain questions in the certification (perhaps all those that answered “no” to a question about following the policy need to be routed to a particular approval for follow-up).

Routing of multi-level processes – Similar to the example above, questionnaires can have limits on fields that require multiple levels or a different route for approval depending on the response (over a certain dollar amount).

Reporting! We have presented options for leveraging rules and routing options to manage the flow of content. You can also leverage any number of reports to expedite your follow-up activity as it relates to your questionnaires, certifications, attestations, and so on. Create a report that pulls out any exceptions in any one questionnaire or across all questionnaires sent in the bundle. Leverage policyIQ reports to aggregated results and monitor response rates or trends across business units, locations, or suppliers. Reports allow you to aggregate risk assessments, contract reviews, or fraud questionnaires. This is another area that we get excited about. Let us know if you want to sit down and explore your processes and opportunities to get more out of your policyIQ content, certifications and questionnaires, or reporting.

Click here If you’re interested in requesting access to the full recording from the “Certifications and Attestations in policyIQ” webinar.

We love seeing you succeed.

Contact us to schedule time for a personalized tour of policyIQ. If you’re already a policyIQ client, let’s get together to review of your policyIQ implementation help you to automate and optimize your processes. We can’t wait to celebrate your gained efficiencies with you!

Over the years, we’ve received many requests from clients to be able to customize more of the automated email messages that policyIQ has available. We’ve been working to make this possible in many areas of the product, and in version 7.2, we’ve added the ability to customize an automated, recurring reminder email on form bundles – with HMTL formatting and a recurring schedule!

That’s a lot to take in, so let’s break it down.

Automated Form Bundle Reminders

Let’s say you issue annual policy sign-offs in policyIQ. (This examples works just as well with quarterly 302 certifications, monthly account reconciliations, or quarterly control self-assessments.) Once the forms are issued, your job as the administrator of the process has just started. Now you need to check on those forms regularly to see who hasn’t responded, and send out a reminder email.

Or do you?

With policyIQ version 7.2, you can set up a reminder email to go out automatically. You create the email message when you issue the form bundle, and it does the rest.

Set your Recurring Schedule

Not only can you set up the reminder email to be sent automatically, but YOU set the schedule on which it recurs. Do you want it to go out weekly? Every two weeks? Is Monday the best day to send it? Thursday? Should it go out every single day until the response is received? You decide with a simple selection of recurring schedule and day(s) of the week.

But wait – there’s more!

HTML Formatting for a More Powerful Message

One reason many organizations choose to send emails from their local email client instead of policyIQ has been because of the bland nature of the plain text email. Now you can format your message using HTML Formatting (just like you see in the Rich Text (HTML) Fields) – and help set the tone for the urgency of the message.

Change the Message or the Timing as Needed

Even better? You can change the message or the timing of the message at any time.

So Let’s Recap:

Automated emails so that you don’t have to babysit your form bundle responses
Set up on the recurring schedule that works best for your organization and your process
HTML formatted messages to make sure that the message hits home with the audience.
Flexibility to change the message or the timing as needed!

If you have form bundles being issued in policyIQ, you are going to want to check this out right away. Go to Form Management –> Form Templates –> [CATEGORY] –> Form Bundles. You’ll see these options on the “Edit Form Bundle” window when you choose to edit the properties.

If you have any questions, don’t hesitate to contact us. We look forward to learning more about how you are using the automated form bundle reminders.

M	T	W	T	F	S	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30

policyIQ Blog

Tag Archives: SOX 404

Compliance Certifications and Attestations in policyIQ

Save Time with Automated, Customized Form Reminder Emails