Policies

Policies are the rules and standards that an organization creates for itself. RiskVision Policy Manager tracks compliance with an organization's policies as well as other Policies and Controls.

Policies can include workflow and recurrence rules, and modifications to policies are saved as a version for later comparison.

Policies are hierarchical documents. Within the top-level Policy, there are blocks called Sections. Each Section can have Subsections, and so on. The overall outline is auto-numbered (these numbers can be hidden while viewing or printing).

The Policy feature is designed to be flexible so that online policies can closely mimic offline policy documents. Each block (section or subsection) can be managed separately. Unlike offline documents, each section in a Policy can refer to Controls and can have attached documents.

The policy tree on the left of the screen provides easy access to Organization Content, including the Document Repository, Document Outline Templates, and Policies. Within each Policy, the tree shows the layout of the sections and subsections that make up the Policy.

  • To author your own policy, see Creating a New Policy.

  • To group policies, see Creating a New Group.
  • To save policies, see Saving a Policy.
  • To delete a policy, use the Actions drop-down menu on the policy tree on the left. Select the policy to delete and choose Delete from the Actions menu.

  • To move a policy from one group to another, select the policy to move and choose Cut from the Actions menu on the policy tree. Select the destination group and choose Paste from the Actions menu.

  • To copy an existing policy, select the source policy and choose Copy from the Actions menu on the policy tree. Select the destination group and choose Paste from the Actions menu.

  • To export policies, see Exporting Policy Documents.
  • To import policies, see Importing Policy Documents from Word and Importing Policy Documents from XML.

Each policy has a change history, and internal versions are automatically created when a policy moves to a new workflow stage. Changes are automatically tracked when a policy is updated. Tracking changes can be disabled.