opexo features

Everything a growing business needs from its management & compliance system now, and for the future

Practical policies & controls management

Developing policies & controls documentation then managing it is one of the biggest challenges for small growing businesses. Many think they can save time by purchasing documentation ‘toolkits’ but then find they don’t fit the business need and are far from complete. Documents also become complicated and expensive to manage in practice so get forgotten in a shared folder. Failure of an audit (and loss of business) becomes more likely.

opexo makes compliance much easier with practical workspaces for developing, reviewing, approving and controlling documentation. It does the heavy lifting on versions, reminders, audit trails, timestamps and keeps everything all in one place. It also offers a major head start by including tips, templates, practical policies, controls and documentation you can quickly adopt, adapt or add to for meeting your business needs.

Simple and effective risk management

It’s easy to create a spreadsheet for risks, but treating and demonstrating effective control of them over time is much harder, especially across multiple standards. But this job needs to be done for audit and business success.

opexo has a simple effective approach for adding and managing risks, including the ability to link up your risk treatment within the broader management system. Set reminders and do reviews in seconds, then see change over time to show your treatment is paying off.

Engaging people and improving awareness

Pinging emails around and using instant messaging to alert people has merit for some work. However it, also means these communications can be difficult to coordinate, evidence and show effective engagement over time. New hires and movers can miss important communications or have to sift through thousands of old emails to catch up. 

opexo helps by using its collaboration, linking and governance features, and email notifications too. You can notify staff and trusted associates, suppliers or partners on and off the platform, knowing opexo is also keeping your knowledge and engagement history safely in one place to reuse and audit later. You can share and exchange information, link to key policies they need to know, broadcast updates, pose discussions, and crucially task for confirming compliance when required.

 Performance evaluation and making better decisions

You’ll need to do performance evaluation and demonstrate the ‘so what’ from your decision making. Inability to evidence internal audits, management reviews and monitoring of business objectives is a popular area of external audit non-conformance. It’s also a common reason why organisations fail to grow.

opexo offers prebuilt workspaces for demonstrating delivery of internal audits and management reviews, showing leadership involved in implementation through the whole life of the management system. It includes automated statistics and reporting on progress from work on the platform, including simple yet practical KPIs when needed.

Improvement and learning

A fundamental for ISO management systems is the quest for continuous improvement. It’s also a hallmark of a successful business.

However finding the time to understand the decisions behind those improvements, describe the what, why and how is sometimes an admin job too far for small businesses. Yet it’s another important area that an external auditor and interested parties will want to see documented, beyond the improvements working in practice.

Shining a light on performance and showing improvements over their lifecycle is easy with opexo, whether those actions have come from reviews, audits, customer concerns, nonconformities or corrective actions. It’s all linked up to your broader management system with the automated reporting built in, meaning your regular management reviews get even quicker and easier!

Planning, tracking and operation

ISO expects organisations to have systems for planning, tracking and operation. You probably already have specialist systems for your core operations. In addition to the prebuilt opexo for your overall management system work, the underlying features can also be used for other related planning, tracking and operational work.  You can build your own repeatable frameworks, track environments, groups etc in seconds.  For example:

  • Want a new product ideas roadmap tracker? Easy!
  • Need a way to show you are on top of subject access requests to meet GDPR compliance? No problem!
  • Looking to move office or run a new event and lack practical project management tools to help you deliver on the plan? Got it!
  • Need a private safe space to store documents and collaborate with others outside of internal systems? It’s there!
  • Following more ISO standards, evidencing regulations compliance, or other certifications e.g. Cyber Essentials? No problem!

These and many more jobs are all doable in opexo now by you at no additional cost to your core subscription. You can ‘sweat the opexo asset’ for related work you want to get done*. You might even save more money and close down other applications that are no longer needed when you have the opexo habit.

*Assumes reasonable use and additional user licence subscriptions if needed.  We also offer low cost bolt-on additional frameworks, tools, and track workspaces if you dont want to build your own.

Specific solutions configured for ISO 27001

(and helping address GDPR & Data Protection Act 2018 information security specifics)

  • With so much to do, ISO 27001:2013/17 can be scary if you start from zero and are new to information security.
  • In addition to the almost complete management requirements, our Annex A controls management area includes tips, templates and guidance as well as pre-configured policies and controls up to 73% complete you can quickly adopt, adapt and add to easily.
  • The automated Statement of Applicability report makes that painful job go away and saves a huge amount of time.
  • We’ve prebuilt a security incident tracking tool and controls to meet Annex A 16
  • There is an information asset inventory tool to help you meet Annex A 8.1.1.
  • Practical HR lifecycle frameworks show security over the HR lifecycle in line with Annex A 7.
  • A preconfigured repeatable framework for including information security in project management and privacy by design.
  • There’s a Business Continuity Planning and Disaster Recovery plan to build on.
  • It has a practical policy approach to supplier management (enhanced with an optional extra Accounts suite).

Do you also need to manage your supply chain?

Supplier management is crucial for business success today. It’s also very important for ISO 9001, 45001 and 27001.

Managing relationships including contracts, contacts and other activity is not easy with basic documents, sheets and folders, meaning information is all over the place and hard to find when you need it most (not least for satisfying an auditor or powerful customer). With GDPR heightening the consequences of poor supplier or customer management, it’s an area well worth getting more control over.

Specialist supply chain software is also really expensive, so our relationship Accounts suite is available at a small extra cost. It plugs straight into the broader management system functionality of opexo.

You can also add in customers, suppliers and partners to work with you securely in one place, making it easy for everyone, just for the marginal cost of any extra user licence/s.

WordPress Lightbox Plugin