Further refinement and development of the Periscope App has occurred over the past month increasing its user friendliness ready for our latest software release. It was great to see the head of a government agency lodge a hazard using the App and commenting on its ease of use. The hazard was able to be viewed in real time on Periscope’s dashboard and could be reported on immediately. Periscope is also in the process of developing a link to specific screens within each form. For instance, if there is a risk review screen, rather than the email link directing the user to the relevant record, the link will take the user to the specific screen within the record e.g risk review screen or investigation screen, saving time and avoiding confusion. Periscope has released its latest software version. A couple of clients have early adopted to take advantage of some of the new App developments as well as the new Welcome Page and Home Page. Other clients will be contacted shortly and a slide pack of the latest features will be distributed. What is Trending? Some of Periscope’s recent client activities are briefly described below:
Periscope has held several discussions with existing and prospective clients in relation to compliance with Ministerial standing directions, letter of expectations and annual attestations. One client is working with Periscope to pilot the software for use in this area. It is anticipated that this will allow for improved efficiency in responding to these compliance obligations and greater transparency.
Periscope has received further enquiries from energy companies in relation risk and compliance applications. There has been a trend throughout the year from energy companies seeking these applications. A demo form reflecting the key aspects of the relevant compliance management standard will be used for the demonstration.
Periscope’s App has had extensive use this month for activities such as the use of checklists for the decommissioning of IT facilities from former Government disability support houses and incident reporting for field-based personnel.
Periscope has also spoken to potential and existing clients across Government, water and energy sectors in relation to case management, complaint management and stakeholder consultation applications.
Periscope’s safety walk application was recently used by a health clients’ Board members in doing a site walkthrough. The feedback received was quite positive with Board members keen to better understand the software functionality in relation to the data captured.
Periscope has also dealt with a complex restructure that has occurred within one client organisation. The client has now been split into two entities with work centred around the creation of two separate databases. The client has been commended by Periscope for the detailed implementation plan that was developed enabling the creation of the databases to occur relatively smoothly.
Periscope has been discussing the classification of a client’s audit actions against the COSO internal control – integrated framework. It is proposed to implement this classification later in the year.
Periscope presented on its contract management capabilities to an existing client in July. The system covers pre-qualification assessment, contract expiry tracking and contractor performance assessment.
There has been significant discussion in recent years of the need to better use organisational data. I have been undertaking an online course in business analytics, which will help inform Periscope on possible data analysis opportunities available as well as new data structures that may need to be put in place. One of the challenges with data is the notion of data bias. A useful graphic of different types of data bias and a process to manage bias, both prepared by McKinsey, are attached for information.
Case Study – Compliance Management Key Issues As raised earlier, there has been plenty of emphasis on compliance management systems across the year. Based on our experience of these systems we thought it was worthwhile capturing the typical conversations we have with clients when implementing such systems. 1. Why do you want to implement a compliance management system? – In many cases, systems are implemented to demonstrate that regulatory requirements, standards and protocols have been met. Some clients have also seen compliance as a mechanism to improve the way their business operates, so rather than an activity to react and respond to, they use compliance to make the business better in delivering on its strategy 2. Culture and understanding – The way compliance is managed should reflect the organisation’s culture and general level of competence in responding to compliance obligations. It has to be remembered that most staff are not consciously managing compliance obligations on a daily basis so when the annual/semi-annual attestation or declaration arrives, there may not be a clear understanding of requirements that are being responded to, so the focus should be on making it easier for users 3. Evidence of compliance – One of the most effective ways to ensure higher levels of understanding of what compliance looks like for accountable officers is by including a field or checklist as to what evidence is typically required to demonstrate compliance. This ensures greater confidence in the responses provided 4. Legislation vs obligation – This is the primary challenge that many organisations face. In most cases, our clients, have managed compliance at the legislation level and then drop down to the relevant sections of the legislation and import the requirements into the system for response as an obligation. Potentially a similar obligation could be repeated under multiple pieces of legislation. Some clients have chosen to manage compliance at the obligation level so one obligation can be derived from multiple legislative sources. This means the accountable officer in the organisation only has to respond to one obligation to satisfy multiple legislative sources rather than having to sign off on the same obligation multiple time because of the different legislative sources 5. Obligation vs business as usual – It is really important not to fall into the trap of detailing every potential obligation that could be required to be responded to. The system becomes large and unwieldy. You can imagine how many lines on a spreadsheet you would create trying to capture all this. The other thing is to determine whether there is value in capturing items which have become business as usual for most organisations such as providing monthly financial reports to the Department of Treasury and Finance. This is business as usual for most Government organisations, so having notifications being generated by the software provides limited value 6. Detailed or rolled up obligation – We have seen times where some clients have broken out legislative requirements down to the individual clauses and sub-clauses. This approach generates many records that need to be managed and the organisation will be held accountable for. It would appear to be better to manage the legislative requirement at the highest level and having an obligation that covers off on several Sections/clauses to minimise the work for accountable officers. Similarly to ensure the system is not overwhelming, consideration needs to be given to whether the capture of obligations from Standards, Codes of Practice and internal policies and guidelines is warranted 7. Obligation priority – One of the realities is that most organisations do not treat all obligation are equal, so it is important to set some priority. Most typically priority is reflected in a risk rating, consequence rating, priority and/or whether there is an obligation to report regularly or to report on a breach 8. Accountability shared means no accountability – There are times where organisations will deem that an obligation has a shared accountability. In many instances, we see that shared accountability means no accountability. In terms of system structure, the more effective systems reflect single accountability supported by evidence from others who have responsibility, such as delegated officers 9. Integrating compliance – The most powerful processes and systems integrate compliance with other organisational governance activities. Linking compliance activities to organisational controls reinforce why some controls exist. Compliance obligations are also quite commonly linked to risks associated with non-compliance or as a consequence of a risk being realised. There are many approaches that our clients use to manage compliance obligations. The most effective approach needs to reflect the organisation’s culture, competence and practice. Tips and Tricks Delay sending emails From time to time clients need to ensure that emails are released at a certain time of the morning such as 9 am. This is particularly applicable to staff who may be on call and don’t want to be disturbed by emails being received in the early hours of the morning. In the each form processing record, there is an option to defer the sending of emails to a nominated time to minimise the potential for sleep disruption. Extracting data from log fields New formulas have been created that allow for extraction into a record of the last date/time a log field entry was made, the user who did it and the content of that entry. This is particularly valuable where calculations can be triggered by the last date entry into a log field for purposes such as risk reviews, action reviews and case notes. As always, please Contact Us should you wish to discuss Periscope Software.