Questions about OnPolicy

Frequently Asked Questions (FAQs) about OnPolicy Document Management System for compliance based documents like ISO 9001 documented Information.

What document formats are supported by OnPolicy™?

  • OnPolicy will support a number of document formats, such as:
    • MS-Word (“.doc”, “.docx”);
    • MS-Excel (“.xls”, “.xlsx”); and
    • Some limited-format and unformatted file types (“.rtf”, “.txt”).
  • Certain file types (e.g., Visio (“.vsd”)) are not supported; they must be embedded in a document of one of the supported types for Readers’ use. Editors are able to work with any document for which they have the application (ex., they have MS-Excel for generating and revising spreadsheets).
  • You can store documents of virtually any format in OnPolicy™. However, sharing documents in OnPolicy requires that documents be readily convertible to Adobe Reader format (“.pdf”). For details about converting documents to “.pdf” format, see below.

Why are our documents converted to “.pdf” files? What documents cannot be converted to “.pdf”?

  • In OnPolicy™, released documents are converted from their native formats to “.pdf” to lessen the likelihood that document “Readers” – personnel assigned read-only access to your OnPolicy™ instance – will modify your documents. OnPolicy is open source software and will convert any type of file that can be used by OpenOffice (including Microsoft Word, Excel, and PowerPoint) to “.pdf” format. Unformatted files (like “.txt”) and limited-formatting files (“.rtf”, for example) can also be converted. We will add document formats as Open Source allows them.
  • MS-Visio documents are one type of document that cannot be converted to Adobe Reader. However, they can be embedded in (copied into) a convertible file, such as an MS-Word document. Editors and Administrators can revise the original documents in their applications, of course.

Where are our documents stored? Where is your server located?

  • The Bizmanualz data center is collocated in a top tier SSAE-16 (formerly SAS 70 Type II) Certified data center facility. The facility has recently completed a SOC 1 attestation performed under the newly released AICPA SSAE 16 attestation standard that replaces the SAS 70 standard. This facility is also one of the largest collocation facilities in the central United States. This facility is a strategic central point on an Internet backbone, helping ensure fast response times. As user demand increases and our user base grows, we plan to roll out additional servers in other locations.

What assurances of security do we have? How do we know we’re the only ones who have access to our company’s documents? Some of our documents contain proprietary information.

  • We are using all available means to reasonably secure your data, including:
    • Dedicated servers;
    • Encryption;
    • Firewalls;
    • Anti-virus software;
    • Periodic backups; and
    • Password protection.
  • In addition to the safeguards mentioned above, every OnPolicy™ database is protected by a firewall and is inaccessible from the Internet unless you use your secure login. Only individuals who you assign active user names (usernames) and passwords can access your OnPolicy™ documents. We strongly recommend that all users change their passwords frequently, to minimize the likelihood of a breach.
  • Anti-virus and anti-spyware protection is always on and is continually updated. All communication between the server and your site are SSL (secure socket layer) encrypted. To reduce the likelihood of data loss, your documents are securely backed up on a regular basis and are readily retrievable.

Can I set different access levels for different users?

  • As an OnPolicy™ Administrator, you are responsible for creating users and assigning roles (e.g., Reader, Editor). Roles define responsibilities and the accessibility of system features. Currently, any Administrator or Editor has read and write access to every document in your system. Readers have read-only access to released documents.
  • Document-level access control in OnPolicy™ is based on department permission or can be set on an individual document.

What happens to our documents if we decide to cancel our OnPolicy™ subscription?

  • Your documents are regularly backed up and we will maintain them for a period of time after you cancel your subscription. The same is generally true when you delete documents while your subscription is active.
  • Provided you contact us before the retention period ends, your documents can be recovered; there is a service fee to recover deleted documents, as well as provide archival storage.

Can documents be deleted? Can documents be recovered?

  • You can upload, download, and delete documents from your account at any time. Your documents are backed up, so that “deleted” documents are retrievable for a period of time, as long as your account is active. (NOTE: There is a service fee to recover deleted documents, as well as provide document archives.)
  • File recovery time depends in part on the number and size of files being recovered; recovering extensive archives may take a day or more.