Audit Trails in Pronnel- Solving Your Compliance and Audit Requirements

Make Compliance and Implementation easier. ISO 9001, ISO 14001, OHSAS 18000, ISO 45001, ISO 27001, ISO 2600, ISO/TS 16949,AS9100, ISO 17025, ISO 13485, ISO 29001, ISO 22000, AQPC, JCI, ISQua, NEBOSH, HACCP, Forest Stewardship Council, BS EN 15713, SEI-CMM. Make Compliance and Implementation easier. ISO 9001, ISO 14001, OHSAS 18000, ISO 45001, ISO 27001, ISO 2600, ISO/TS 16949,AS9100, ISO 17025, ISO 13485, ISO 29001, ISO 22000, AQPC, JCI, ISQua, NEBOSH, HACCP, Forest Stewardship Council, BS EN 15713, SEI-CMM.

Author Name : Neha Shukla

Posted On : 17 AUGUST 2023

Learn how Pronnel’s Activity View and Process Flow Controls can help you minimize typical problems.
Let’s face it; however much we may dislike spending time on them, Audits and Compliance are a part of life in any organization. How else can we ensure that we are running smoothly and efficiently? How would we identify gaps and minimize risks?
Ask any employee, and the words Audit, and compliance are associated with stress and resentment. While we can’t eliminate all the problems related to causing these negative feelings, we can minimize the number of issues surrounding Audits and Compliance checks.

Four of the commonest conflicts identified during Compliance Audits and how you can solve them:

  • Mistakes & malicious actions:

    If not hostile action but covering up, mistakes happen. The costs for leaving back doors unlocked are very high. More from a Risk Mitigation POV than a way to avoid Audit problems, these need to be minimized.
    On the top of every Board, you will find an Activity View. All actions carried out on the Board are recorded and displayed in Activity. Whether it’s a deletion of a record, alteration, or an Item moving from one Bucket to another, all of these are captured with user identity and a time stamp, establishing a non-erasable Audit Trail.
    Activity view - Pronnel
    You can use this feature to also quickly check how active team members have been on a Board during a period. A virtual- Management By Wandering Around.
    Suppose you want to investigate the data for a specific task/ Item, just open Item on the Kanban Board. To the righthand side, you will find a Panel with options for Comments and Activity. Looking through them together, you can investigate the chatter around the Task and its additions/ deletions/ modifications.
    Activity view in item - Pronnel

  • Non- compliance to Process-

    However, good teams are, it’s entirely possible that teams will not follow the laid down Process. The risk of skipping vital steps increases tremendously when new team members join or during high workloads, leading to contentious arguments and conflict in audit periods.
    Pronnel allows you to define all process steps with permissions and requirements. Once you implement a process on Pronnel, you hardwire Process compliance into your team’s workday. Making it straightforward to reduce the chances of non-compliance dramatically. Check out the Process Flow in Pronnel on Board Settings.
    Process Flow in settings - Pronnel
    Once you open Process Flow Diagram, you can add Buckets, Delete Buckets, and Modify Flows. All you have to do is Click, Drag, and Drop. And you have a customized process ready.
    Click on an individual Bucket to see how to modify permissions to create, flow direction or even assign Bucket-level deadlines.
    Process flow modification - Pronnel

  • Absence of Proper Authorization:

    The bane of managers is proving that daily work was authorized. Whether it’s a sign-off for a PO, a change in vendor, a project design change, a creative going to publication, leave authorization, or an expense claim. Add on to that the requirements of approval based on Ticket size. While processes captured in the ERP are somewhat foolproof, what about remaining mundane processes? Companies waste reams of paper, taking printouts and getting them signed. Implementing an Authorization/ Approval stage on Pronnel is the easiest thing. Open the Process Workflow diagram. For example, in the workflow below, you want to permit only a specific User to move any items in the “Sent For Approval” bucket ahead.
    Process Flow Diagram - Pronnel
    We will need two things to affect this. First, ensure that the Item flow from that Bucket can happen to only the approved stage is allowed. In this case, it’s the Ready Bucket. Click on Ready and restrict Item Flow to “Sent For Approval.”
    Restrict Item Flow - Pronnel
    Next, connect the “Sent For Approval” Bucket to “Ready.” Click on the Arrow and modify permission so only the designated Approver can move the Item.
    Restrict item flow with arrow - Pronnel
    If there is a need for an Authorization Matrix, then even that can be implemented with Automation. Instead of one

  • Poorly recorded exceptions:

    However, robustly you design a Process, all teams come across situations where the Process breaks down, and exception needs are needed. The problem arises when these exceptions come out during the annual Audit. The reality is that most Auditors understand this, but they prefer seeing proper documentation and records for exceptions.
    Process exceptions can be authorized and recorded in Pronnel. Instead of rustling through multiple old emails or hard copies signed off by seniors, authorization for an exception can be done on Pronnel, with a User, and a Time Stamp by Commenting on an Item. Should a higher level of approval be needed from a more senior manager, a Finance Department user who is not a member of the Board, then these people can be added as External Collaborators, who can also comment describing the reason for and give explicit documented authorization.

FAQs:

Q. Can I implement all my internal policies and Processes through this software?

Absolutely. As long as you can draw it on the back of an envelope you can implement it on Pronnel with the following features:

  • Document Repository System: Use Drive to keep your internal policies and documents.
  • Use the Internal Boards to put notices and announce a change.
  • Create all processes as separate Boards.

Q. How do you implement ISO (International Organization for Standardization) processes on the software? Can the software replace ISO?

At heart ISO (International Organization for Standardization) focuses on developing standards to ensure the quality, safety, and efficiency of products, services, and systems and implements them through standard process deployment, measurement, and improvement. Pronnel has the same principle in mind. In fact, through Pronnel, implementing ISO frameworks in an organization becomes much easier and simpler.
Rather than storing ISO process lists, forms, and data in separate hard copies or on shared drives, keep the same can Drive, which functions as a Document Repository System that everyone can access easily.
Each active Process can be built as a Board and rolled out to the team—store Process description in Notes and Drive for easy access and reference. Use Forms linked to a board for recording Customer Complaints or Reportable Incidents and use Automation to generate periodic reports.
All actions are recorded and will have an Audit Trail, making it easier for employees to do their daily tasks and not spend time keeping records. Auditors will find it easier to Audit and analyze performance.
Use the Team Review Template to conduct the Annual Management Review Meeting and record the Minutes of the Meeting in Notes.
Introduce the amended Process as a new Board and deactivate the old Board. They stay on your system should you ever need to go back and review them.
Carry out Periodic Internal Audits through an Internal Audit Board with Forms—no more keeping forms printed in triplicate.
Pronnel does not seek to replace ISO processes but supports the implementation, making it easier for organizations to implement, track, analyze, and amend ISO processes.

Q. Who issues ISO Certification? Can you certify ISO Standards?

No, Pronnel is not an ISO Registrar or a Certification Body. Only ISO Registrar or a Certification Body (CB) can certify organizations. You must employ an authorized CB who complies with the relevant CASCO Standards to get an ISO Certification. To find an accredited certification body, contact the national accreditation body in your country or visit International Accreditation Forum CertSearch.

Iso certification bodies

Q. Which ISO Standards can you implement through this software?

To date, ISO has published over 22,000 standards and related documents. Use Pronnel to implement all of their documentation and workflows. While we may not be able to write or consult your firm for ISO implementation, we would be happy to help you bring the system to life on Pronnel. The typical ISO Standards we work on are:

  • ISO 9001- For general organizational quality management systems (QMS), including vendor management. ISO comprises QMS standards for specific industries, too.
  • ISO 14001- For Environmental Management Systems
  • OHSAS 18000 assists organizations in managing and controlling their health and safety risks
  • ISO 45001 for Occupational Health & Safety Management Systems
  • ISO 27001- For Information Security Management Systems (ISMS)
  • ISO 26000. For businesses and organizations committed to operating in a socially responsible way
  • ISO/TS 16949, in conjunction with ISO 9001:2008, defines the quality management system requirements for the design and development, production, and, when relevant, installation and service of automotive-related products
  • AS9100- For quality and safety within aviation, space, and defense.
  • ISO 17025 (Testing/ FDA) for laboratories to demonstrate that they operate competently and generate valid results. It identifies the technical competence and management system requirements that guarantee consistently accurate test results and calibrations.
  • ISO 13485 (Medical Devices), QMS for producing medical devices and equipment.
  • ISO 29001 (Oil / Gas) for all oil and gas supply chain organizations.
  • ISO 22000 (Food Safety), QMS for developing and implementing a food safety management system can help any organization in the food chain.

Q. Other than ISO, what standards can you use through this software?

Pronnel supports a Process-Centric style of working. You can build the processes you define following any of the following standards on Pronnel:

  • APQC (American Productivity and Quality Centre)
  • JCI (Joint Commission International)/ NABH (National Accreditation Board for Hospitals & Healthcare Providers)/ ISQua (International Society for Quality in Health Care) for healthcare.
  • NEBOSH National General Certificate in Occupational Health and Safety.
  • HACCP management system in which food safety
  • Forest Stewardship Council (FSC) for sustainable forestry or the Rainforest Alliance
  • BS EN 15713 framework to manage and control the destruction of any confidential material destruction
  • SEI- CMM (Software Engineering Institute- Capability Maturity Model) documentation and process implementation. Or other AGILE frameworks.