Most businesses have many different Controls for their processes. They can be external and part of frameworks such as ISAE or simply tied to regulations like GDPR which applies to many different parts of your business handling personal data. They can also be internal, created for specific high-risk activities across your business.

In this guide we will show you how to manage all your Controls in Strivr, no matter what type of Control or what team they belong to.

If you have any inquiries, want to share your ideas, or need some help along the way – do not hesitate to reach out to us (using the built-in chat in the application or shoot us an e-mail at [email protected]).

Happy reading! 😊

Part 1 – How to setup and Tag specific Controls

Building classifications

We will use ISAE-controls as an example in the guide, but feel free to apply the same method to any Controls (AML/CFT, GDPR, etc.) that your organization has the need to track and produce evidence for. We will use the Tag functionality in this guide to link subprocesses together. The reason we use Tags for this is that it allows us to group together subprocesses no matter what team or process they belong to.

Note that a subprocess in Strivr can have as many Tags as you want. For instance, a subprocess might both be a Control object for ISAE and also part of your GDPR-processes.

Creating Tags

In this example, we start with creating a Tag called ISAE or ISAE Controls. Create a Tag by going to Processes –> Tags in the menu on the left side of the Dashboard.

Tagging your processes

When the Tag is created, we can start to Tag the subprocesses that belong to the Controls you want to track in Strivr, in our example we Tag all the subprocesses that are ISAE-controls.

Subprocesses can have one or several Tags and you add them in the subprocess edit page (click on Configure and then Change). At the bottom of that page, you find the setting Tags. Simply add the Tag to your subprocess in this field and it will be applied to the current and future instances of the subprocess.

Part 2 - Continuous monitoring and usage 

Day-to-day Operations

For the users performing the processes, they use Strivr just as they normally do. In the Dashboard, the processes show up when it is due, and the users mark them as In Progress or Done.

If needed, a comment can be added to the specific subprocess. In the comment box, a user can for example add a link to the result or evidence of the Control. All changes to a subprocess are logged and can always be used to back-track what happened on a specific process at a specific point in time.

Usually, these users would filter their Dashboard to show their team tasks or on their personally assigned tasks.

Oversight

If you are responsible for the Controls, perhaps as a Manager or Compliance officer, you can also follow the progress of the Controls in real-time. By filtering the Dashboard to show the specific subprocesses marked with the tag you can quickly see the status and progress of the Controls.

Depending on the volume and periodicity of your Controls, you can choose how you want to view the Dashboard. If you have many daily Controls, the best way is to use the view Today, which only shows today's tasks. If you have Controls more on a weekly or monthly basis, we suggest using either the Weekly view which shows you all Controls for a specific week, or the 4-weeks view which will show you all Controls for the coming 4 weeks.

Notifications

For all your critical subprocesses you can also add warnings. You can notify your users that subprocesses are not yet done via in-app alert where the process is marked in red color on the dashboard, by e-mail, or text message.

Scheduled Reports

The monitoring that can be done in the Dashboard can to some extent be automated by using the e-mail reports, allowing you to quickly find missed Controls and handle them immediately.

You can choose to receive them every morning and/or every week. The report will show you a list of subprocesses that was not done, in the settings you can also select to receive only subprocesses from a specific tag.

You set up the report in the User settings User –> My user –> Change. Chose which frequency you would like to receive the reports: Daily, Weekly, or both, and then add the tag ISAE Controls.

You can also filter the reports on a specific team or category, giving your users the flexibility to create these reports for a specific client, team, and Control.

Part 3 – Analyze and follow-up your Controls

Overview and Specific reports

Under our menu Processes –> Export you will find two standard reports built to help you with your history in Strivr.

The first report we call Main Process Performance which gives you an overview of how your Main Process has performed. Simply add the Tag to your export and you will get a report specifying all processes that contain an ISAE Controls tag.

Here you can see how specific processes have performed. For example, if the percentage of Done of ISAE Controls for the process Monthly client reporting is very low, then you need to investigate that process.

To do that, you can use the Subprocess Performance report. This report allows you to break down and analyze specific subprocesses. You can for example filter this report on both the ISAE Controls tag and the Process we mentioned above.

This report gives you a detailed breakdown of all subprocesses, dates, and comments for all subprocesses you filter for.

Full export and building your own KPIs

To further develop your monitoring, you can export all subprocess data from Strivr with our Audit Trail export. This data is available in .csv-format and can be uploaded to data visualization tools or in spreadsheet software for further analysis.

Examples of usage of the data from our clients:

  • No. of subprocesses performed during a specific timeframe 

  • No. of subprocesses not performed or started but not completed 

  • No. of subprocesses with comments (an indication of deviation) 

  • No. of subprocesses performed on time 

Part 4 – Strivr & Audit

External Audits

Since Strivr stores all changes, it can be used in Audits. This means that a status update and a comment in Strivr could be used as a sign-off for all your subprocesses. Many of our clients remove the need for physical signatures after introducing Strivr. This also means that when your auditor asks for a list of what has been done the last year you can use the Audit trail export to give them a full list of the processes that were done, show when and by whom.

Showcasing your Operational Resilience to your Internal Auditors

Since Strivr can host your work descriptions, tell you what to do, who is responsible and produce the evidence that it was done, it becomes a hub for all your Operations. This increases your Operational Resilience, which means that you have solid foundation to withstand external factors like Covid-19, power or internet outage at the office, or similar events because no matter what, Strivr is available and ready to help all your staff come together and make sure the critical processes get done.

Did this answer your question?