How to assign yourself or others as Document Owners

How to assign yourself or others as Document Owners

To be a Document Owner means the user will be able to assign the document to a user or groups to read in Xoralia. The metadata field that drives these permissions can be found in SharePoint. First, navigate to your SharePoint site and document library associated with Xoralia. You should see three columns which drive the access and data displayed in Xoralia, Document Contact, Document Owner and Document Version. Edit these columns using grid view.



The Document Owner column is a People Picker field. Select as many Document Owners as you need within your Active Directory to manage the document within Xoralia. Giving people the Document Owner permission means they will be able to set expiry dates, assign documents, set read by dates and access document read history in Xoralia.



Exit grid view once done, then wait a few minutes for Xoralia to sync and pull through the new permission level.

AD groups and how we use them in Xoralia

AD groups and how we use them in Xoralia

It would be an unmanageable task to assign documents to your wider organisation by individual. To resolve that problem, Xoralia uses Active Directory (AD) and O365 Groups to help target a document for attestation.

When assigning a document, the document will allow the document owner to select as many Groups or individuals as they want within the Assign to audience field. This field is smarter than it looks, when using an AD group it is also dynamic and will adapt to changes made within the Active Directory automatically.

For example, if you assign a document to an AD group of people to read and they have 30 days to read the document, as and when new people are added to the group Xoralia will assign the document to them too. When using the relative read by date field, this also gives the new user the amount of time specified to read the document as to when they were added. It may be the case everyone needs to read the document by a fixed date, lets say 31/03/2023 – but we think that would be less likely than a relative date as to when the document was requested to be read by each user.

Subsequently, if a user is removed from the Active Directory group the opposite happens – the assignment for the user to attest to the document is cancelled. However, users and their read records will always remain. If an individual leaves the organisation, their read audit log is not lost and will still be available within the document read reports ‘log’ tab.

User reports for everyone will also always be available in the reports tab for Xoralia system admi users.

Compliance monitoring: how policy and procedure software can help

Compliance monitoring: how policy and procedure software can help




Ensuring regulatory and legal compliance is a critical activity for every business, but is particularly important for regulated industries such as financial services, healthcare, utilities and more. Businesses must ensure they comply with regulations in multiple different areas such as health & safety, data privacy, and even marketing; not complying can result in everything from reputational damage to extensive financial penalties.

To help ensure and maintain compliance, many organisations put compliance monitoring in place to check on an ongoing basis that commitments are being met. This can involve different processes and using various applications, including the use of policy and procedure software to ensure employees are keeping up to date with new compliance-related policies. In this post we’re going to explore compliance monitoring in more detail, why its important, the plans that need to be put into place, and how policy and procedure software can help.

What is compliance monitoring?

Compliance monitoring can be considered as the different processes and relative activities carried out by organisations to gather, review and report data that will help indicate whether employees, teams and systems are complying with regulatory and legal commitments. Some regulators will expect or insist that compliance monitoring is put in place.

Compliance tracking and monitoring reduces the risk of non-compliance by:

  • indicating if there are areas of risk and where interventions need to be made
  • showing where there have been specific example of non-compliance and where corrective action needs to be made
  • ensuring employees are compliant as they know there are monitoring systems in place
  • measuring and tracking employee attestation relating to changes in polices and processes that relate to compliance
  • providing data and reports that can be shown to regulators and other third parties.

Why is compliance monitoring important?

Regulators across different industries and areas expect companies to be actively doing what they can to ensure regulatory compliance; active and ongoing compliance monitoring is an important part of this. Falling foul of regulators can have serious consequences, resulting in:

  • Potential financial penalties
  • Reputational damage as non-compliance goes public
  • Potential legal action
  • Even suspension of core activities by the regulator.

Moreover, most compliance measures are in place to prevent bad things happening such as accidents or corporate fraud, so tracking and monitoring to ensure that rules and regulations are being understood and followed also reduces risks across key business areas.

Which team should monitor compliance?

Monitoring compliance is rarely just the responsibility of one team. While there may be some functions whose main activity relates to compliance such as the legal team, a professional services team, a health & safety team, or a specific regulatory department, actually monitoring tends to involve multiple support functions. For example:

  • HR teams may need to ensure compliance monitoring is built into people-related processes
  • Learning teams may need to facilitate training that covers areas of compliance, and which needs to be tracked
  • IT teams may be responsible for software used for compliance monitoring or manage systems which need to be monitored
  • Communications teams may control channels and tools which are involved in compliance monitoring, for example the corporate intranet.

To a certain extent, compliance monitoring also involves every manager, who needs to ensure that compliance commitments are being met within their team.

What processes and activities are involved in monitoring compliance?

Typically, compliance monitoring can involve various different activities, including:

  • Performing automated tests on different systems to indicate potential compliance-related risks
  • Carrying out manual audits of systems and processes by central compliance units or third-party regulators or expert organisations
  • Training new and existing staff on areas of compliance and any relative updates, and then reporting on this to show the training has taken place
  • Asking staff to confirm that they are following compliance-related processes and understand changes to compliance when they arise, and then reporting on these confirmations.

Policy management software like Xoralia can help organisations meet their regulatory responsibilities and achieve compliance (particularly in these latter two areas).

Do we need a strategy and plan for monitoring compliance?

Having a formal strategy and plan for monitoring compliance is important. This should be documented and can be shown internally to stakeholders, teams and employees, but also to a regulator, external third-party or even a client. A documented compliance strategy and plan will show that your organisation:

  • is doing what it can to monitor compliance
  • takes regulatory compliance seriously.

What should be in a compliance monitoring plan?

The plan should provide the overall strategy and approach, as well as the key processes, such as:

  • Automated testing across different systems
  • Central manual review processes
  • Training for new and existing employees
  • Employee attestation processes relating to compliance
  • Communicating changes
  • Reporting and controls used
  • Who is responsible for all of the above
  • Frequency of any processes.

How can policy and procedure software help with monitoring company-wide compliance?

Policy and procedure software like Xoralia can help organisations effectively monitor and track compliance throughout an organisation. Compliance with regulatory commitments is usually down to the individual actions of employees; therefore, training and related employee attestation processes are key. Employees confirming that they have read and understood a policy or procedure plays an important role in monitoring for compliance.

Policy and procedure software can be a backbone of compliance by providing a central, carefully controlled library of compliance-related policies and process documents that employees can access. It also supports employee attestation by:

  • Asking employees to acknowledge they have read and understood a policy or procedure, including new hires
  • Requesting employees read and acknowledge a new or updated policy or procedure
  • Reporting on progress to ensure that all employees have read a policy or procedure
  • Automating much of this to make it easier to communicate changes in policies and avoid employees being missed in the attestation process.

How does software like Xoralia help organisations achieve regulatory compliance?

Superior policy and procedure software like Xoralia adds particular value to your core compliance monitoring in a number of ways, which not only improves your monitoring, but also gives extra confidence to external regulators that your monitoring processes are robust, thorough and efficient.

Specific strengths of Xoralia include:

  • Integrating with Office 365 and Active Directory groups to allow you to automate attestation processes for new starters
  • Helping establish recurring annual attestation processes
  • Adding an additional layer of compliance monitoring by testing employees to see if they have understood or digested a policy
  • Providing targeted reporting and related output that can help monitor compliance progress across different teams, but also be ready for third-party regulators to view, as well as integrate into different Power BI dashboards
  • Providing additional auditing of changes to policy and procedure document libraries.

Using policy and procedure software

Compliance tracking and monitoring is important, particularly in regulated industries. Policy and procedure software provides critical monitoring around employee attestation and should be a part of any compliance monitoring strategy and plan.

If you’d like to discuss compliance monitoring get in touch or even arrange a free Xoralia demo.

Book a live demo

Find out more about Xoralia policy management software

During the demo, we'll walk you through Xoralia’s various features and functionality, providing plenty of time for you to ask our experts questions along the way.

Book a demo

We use cookies to give you the best experience on our site. By continuing to use our website, you are agreeing to our use of cookies. To find more about the cookies, please see our Privacy Policy

Contact Support

If you have a question about Xoralia software, please fill out the form below and a member of our support team will be in contact with you shortly.