ACL Certified Professional

What’s New in the Spring 2017 Release Part II – Projects

ACL GRC’s Projects module, formerly known as Project Manager, is one of the more heavily used ACL GRC modules by our customers. In this release, we have renamed it to better reflect the purpose of the module in relation to the entire platform. We have also added new features that help with managing your compliance program and one-click native reporting improvements that help you customize your reporting. Let’s take a more in-depth look at these new features.

Reduce your compliance management burden with Compliance Maps

We understand organizations, no matter which entity, often need to be compliant with hundreds of requirements and it can be a pain to map them out to your framework. To help lessen the burden to manage, track, and harmonize these requirements, ACL introduces Compliance Maps, a compliance management feature and content system that provides a central location for:

  • identifying applicable regulations and standards
  • harmonizing a list of requirements across all applicable regulations and standards
  • mapping controls in Frameworks to requirements
  • aggregating testing results and issues to track and report on compliance progress

Within the Projects module, you can now find readily available standards such as COBIT® 5 Framework and COSO® Internal Control Framework 2013.

Looking for more common industry standards and regulations? Check out the new standards and regulations we have added at the beginning of May as premium compliance add-ons in the Product Release section below.

One-click native reporting improvements: Impact Reports

Are you wasting time cutting and pasting together your reports? Introducing Impact Reports, a subscription-based report template service that allows you to create your custom pixel-perfect, reusable report. If you’re ready for the one-click audit report you’ve always dreamed of, submit a request to ACL today. You will work with one of our Customer Intensity Specialists to craft out your ideal report with visual styling (e.g. your organization’s branding) and other custom components. The template will be published as a template in ACL GRC, ready for you to use any time and in format, such as PowerPoint, Word or Excel.

Impact Reports

You ready to create your template? Click here to learn more and sign up.

Frequently Asked Questions

Here are some Frequently Asked Questions for Projects:

  • I am conducting a similar project next year. Can I re-use a project?
    • Yes. You can re-use projects or create a custom project template by rolling forward archived projects.
  • We refer to “issues” as “observations” in my organization. Can I customize project terminology?
    • Different professional groups use different words to describe the same concept. For example, one group may call a “test” a “procedure”, and another group may call a “finding” an “observation”. You can customize the terminology used in project types, modify the existing project types available in Projects, or create new project types.
  • How can I schedule a project?
    • You can use the Project Calendar to define the start and end date of your project, assign teammates to the project, and assign a role to each teammate.
  • Can I backup or export a project?
    • Yes. To save a project to your local computer or network outside of Projects, you can backup and export your project. You can use the Backup/Export feature to share your project results with other team members, external auditors, and regulators.

    Tip of the Month

    To ensure that your bulk upload to Projects is successful, you need to prepare your data first.

    Preparing data involves:

    • copying and pasting your source data into the appropriate Excel template(s)
    • entering data, where applicable, in the Excel template(s)
    • saving the template(s) in preparation for bulk upload

    The table below provides a variety of tips you can use to quickly and efficiently prepare your data in the Excel templates.

    Task Steps
    Treat a number or formula as text In Excel, insert an apostrophe before the number in the formula.
    Enter sequential numeric data
    1. In Excel, enter the first number of the sequence in the appropriate cell.
    2. Select the cell.
    3. Move your cursor to the bottom right corner of the cell and drag the outlined area to where the sequence should end.
    4. Click Auto Fill Options.
    5. Select Fill Series.
    Sort or filter data in a single column
    1. In Excel, do one of the following:
      • Click Home > Sort & Filter.
      • Click Data > Filter.
        The column headings have an arrow next to the heading name.
    2. Navigate to the column you want to filter and click the arrow next to the heading.
      The sort and filter window opens.
    3. Sort or filter data in the column, as needed.

    View the full list of tips here >>

    Product Release

    At the beginning of May, we have introduced new standards and regulations relating to different industry segments, such as IT Compliance, Banking & Lending, and Government, as part of premium compliance add-ons.

    Here are the new regulations we have added:

    Industry Regulation Name Description Source
    Government – Audit OMB A-133 (Subpart F Compliance Supplement, Part 3.2 – June 2016) A comprehensive US federal government guide that identifies important compliance requirements. It defines the audit requirements for an organization-wide audit or examination of an entity that expends $750,000 or more of Federal assistance. Office of Management and Budget (OMB)
    Government – IT NIST SP 800-53 Security Controls (Rev4) / FedRAMP 2016.01 NIST is a framework that focuses on the management, operational, and technical safeguards or countermeasures employed within an organizational information system to protect the confidentiality, integrity, and availability of the system and its information.

    FedRAMP is a US government program that standardizes how the Federal Information Security Management Act (FISMA) applies to cloud computing services. It provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud-based services.

    FedRAMP compliance relies on the NIST framework.

    • National Institute of Standards and Technology (NIST)
    • U.S. General Services Administration (GSA) Joint Authorization Board (JAB)
    NIST SP 800-53 Program Management Controls – Revision 4 A framework that focuses on the organization-wide information security requirements that are independent of any particular information system and are essential for managing information security programs. U.S. Department of Commerce National Institute of Standards and Technology (NIST)
    Public Sector Green Book – Revision 2014 (GAO-14-704G) A framework that sets the standards for an effective internal control system for the US federal government, and provides the overall framework for designing, implementing, and operating an effective internal control system.

    Green Book is also known as Standards for Internal Control in the Federal Government.

    U.S. Government Accountability Office (GAO)
    Financial Services – Banking and Lending Bank Secrecy Act / Anti-Money Laundering (FFIEC 2014) A piece of legislation that requires US financial institutions to collaborate with the US government in cases of suspected fraud or money laundering. It requires financial institutions to maintain records of transactions and file reports of suspicious activity. Financial Crimes Enforcement Network (FinCEN)

    Sounds like something you want? Contact us today!

    Are there any other standards or regulations you want to see in ACL GRC? Let us know!

    Learn more best practices and how to make the most out of your ACL technology at ACL Connections, September 24-27 in Nashville, TN. This event features four days of training and offers 21.5 CPE credits. Access the full event details here >>

    ACP Bootcamp Webinar

    Interested to see what Compliance Maps and Impact Reports are all about? Click here to watch a recording of the May ACP Bootcamp webinar led by ACL experts, Andrew Wing and Cory McBain.

    Did you miss previous editions of the blog? Don’t worry, just visit here to check out the past editions.

    In next month’s edition, we will be looking into how to create your own ACL GRC trial environment where you can explore and practice with included sample data.

    Subscribe to receive the Bootcamp Series sent directly to your inbox!