How to Manage Policies and Attestation – Best Practices
Every organisation, regardless of its size, industry or maturity is exposed to conduct risks such as fraud, corruption, conflicts of interest and employee misconduct. The first step in proactively managing conduct risks is to manage policies and attestation of policies.
Corethix has been specifically designed to help any size organisation proactively manage policies and policy attestation.
Effective policies and procedures in place
Organisations need to use policies and procedures to set out their expectations of standards and behaviour. These policies provide clear direction for employees, contractors and suppliers to operate under and the organisation needs to enforce those standards of behaviour where required. The policies and procedures need to be clearly communicated to all relevant stakeholders within the organisation to ensure that employees, contractors and suppliers understand their roles and responsibilities in adhering to the policies.
The Corethix policy module provides a central cloud based repository for managing Policies, Procedures, Guidelines, and any other documents. There is no limit to the number Policies or documents which can be easily uploaded and assigned to specific employee groups or locations.
Keep policies up to date
Conduct risk compliance policies need to be routinely reviewed and updated to ensure that they match the strategic direction of the organisation and current legislative requirements.
Corethix monitors when policies require updating and alerts the policy owner in advance. Expired policies can be archived for historical records and future investigations.
Ensure policies are easily accessible
All policies and procedures need to be easily accessed by employees, contractors and suppliers otherwise, they may not be aware of what is, or is not, acceptable behaviour in the workplace. That means storing policies on an internal intranet can be a problem as it does not allow contractors and suppliers to have access, plus employees will have difficulty with mobile accessibility to view policies whilst away from the organisation. The best solution is to use a cloud based software platform to provide access for all employees, contractors and suppliers and to also allow access by mobile devices when not at the office.
Corethix is a cloud based software platform that allows easy access for all employees, contractors and suppliers anywhere and on any device.
Enforce policy attestation
Policy attestation refers to the process of verifying and ensuring employees, contractors and suppliers have read and understood the policies within an organisation.
It helps ensure that policies are understood, implemented, and adhered to, thereby promoting a culture of compliance and conduct risk mitigation.
The best way to monitor policy attestation, is to record all user interactions with the policies and procedures and to keep a record of each employee, contractor and suppliers acknowledgement of having read and understood the policies and procedures (policy attestation).
Corethix notifies employees when new policies are launched and whether a policy requires attestation. Employees log in to their Corethix homepage and after downloading, attest that that they have read and understood the policy.
Monitor employee engagement and attestation
It is important to be able to easily monitor and analyse employee engagement and attestation of policies so that, if required, follow up actions can be implemented.
This requires employee interaction and attestation details to be recorded and presented in a format that highlights where employee interactions with policies is lagging. Follow up actions can then be implemented with those employees when attestation has not occurred.
Corethix has a detailed policy dashboard that provides a real-time display of key data of employee engagement to allow proactive management and follow up of policy attestation. The dashboard highlights problem areas such as low attestation rates and polices requiring updating as well as a library of historical data. Detailed search and filter options on the dashboard data table provide an enhanced drilldown capability to easily investigate issues.
Test knowledge
In addition to monitoring policy attestation, testing of user’s knowledge of policies is an additional method to confirm that policies have been read and understood. This can be achieved by sending out surveys to each employee containing questions relating to their relevant policies, and then analysing the results to identify if there are any knowledge gaps. The results of the surveys need to be recorded to document the policy understanding for all employees, contractors and suppliers for future review and detailed analysis.
Corethix includes a Surveys module which can be configured to test employees knowledge of the policies. Results of the surveys are detailed on the Corethix dashboard and can be used to gauge each employees policy understanding.
Use video resources to enhance understanding
Linking policies to video resources is an additional best practice method to enhance understanding of policies. The resources can be either in-house or sourced from external video platforms. This can be particularly effective to highlight the key points of a policy to employees.
Corethix includes a Video library module where the URL links to videos from external platforms can be uploaded and linked to specific policies. A video symbol is then displayed against that policy so that employees can both read the policy as well as watch a related video.
Continuous monitoring
The success of any program to manage policies and attestation requires a regular review of all the key elements to proactively ensure compliance with policies and procedures and to identify in advance any potential problem areas.
Details of policies that need to be updated and checked for compliance, employees’ attestation of policies, the results of employee policy surveys, should all be recorded and able to be easily analysed.
This is best achieved by having a real-time dashboard with analytics to provide a real-time display of all the key data to allow proactive management, up to-date reporting and an audit trail of historical data. This provides a very effective way to help organisations take the first step in managing conduct risk by proactively managing policies and attestation.
Corethix has been specifically designed to help any size organisation proactively manage policies and policy attestation.