KPI’s are used to measure aspects of your management system. Data can be collected over time. The resulting data points can be aggregated and presented in various graph types.
Collection of data can be done through:
- Forms (manually)
- Workflows (automated)
Examples of KPI’s are:
- NPS score
- Supplier assesment score
- Number of threats
If you enter Objectives in ISOPlanner, you can link 1+ KPI’s to them to measure whether the objective is being met. You can also do this with Controls and for both you can create specific dashboard with widgets to show the KPI data. Of course, widgets with KPI data can also be added to the main dashboards.
With a Premium subscription, you can create alert rules that creates an event when a treshold is exceeded. The event can in turn trigger a workflow that can notify you via Microsoft Teams for example.
Forms are used to create a list of KPI’s and other fields (attachments and context). The form can be linked to a task or event for the user to fill out.
ISOPlanner comes with 2 KPIs. One for ‘tasks and events’ and one for ‘approval comments’. Check out the tasks and events KPI that works directly with all the data in your ISOPlanner environment!
KPI Management #Where to find it in ISOPlanner: https://portal.isoplanner.app/organization/kpis
Here you can add, edit and remove KPI’s. During editing, a preview window will show you how the KPI will look on a form.
When you click on the created KPI, you may expect that you navigate to the details of the definition like with Controls or Risks. Instead, you navigate to the data points. To edit the KPI definition, always select the row and click Edit.
When you add a KPI, you must enter a name. The Type (data type) is default set to Text. The following types are available:
- Multiline text
- Succes / Error
All types have the following properties:
- Required, which indicates that a value must be entered before the task with this KPI can be marked completed. It is not possible to enter empty KPI data points.
- Description. Not seen by the user, only for explaining what the KPI’s is intended for.
- Instruction. This is presented to the user who fills in the value through an informational icon (i).
- Expected result. This is presented to the user who fills in the value through an informational icon (i).
- Tags. Use tags to categorize your KPIs.
The 3 text types have similar properties:
- Default value
- Minimal length
- Maximum length
For Number you can also set the number of decimal place (max 8). Succes / Error resembles an item on the checklist of a task and a question or assignment can be set.
Attachments and comments #
Each KPI can be configured to upload attachments along with the value. You can configure whether attachments are required or optional and how many must/can be uploaded. When you also specifiy the default category, the user does not have to and you make sure that attachment for this KPI are always stored in the same location.
Example: Create a Choice / Error KPI with the question: “Does the supplier own a ISO 27001 certificate?”. The required attachment would be the certificate itself.
Comments work about the same as attachments. Maybe you want to require explanation in text instead of a document or screenshot.
Data Points #
When you click on the name of a KPI in the list of KPIs, you navigate to the data view of the KPI. In the example below you see an average NPS score over the last year.
You can switch:
- Chart type (Bar, Line, Area or List)
- Aggregation type (Count, Sum, Min, Max, Average)
- Grouping (Day, Week, Month, Quarter, Year)
And filter the timeline:
- Current audit year
- Custom period
- Last week
- Last month
- Last quarter
- last year
When you select Chart type List you will see all raw data points including creation time, user who created and modified it, the value and its context. The Context can contain 1+ items (dimensions in Business Intelligence terms) that relates to the data point. Items can be things like assets, risks, controls, tasks and processes. You can use the filter at the top to answers questions like:
- What is the maximum number of failed screenings in the last quarter related to process HR onboarding?
- How many threats did we receive last months and is this number on par with the last year?
You need of course some configuration and build up historical data to answers these but with some examples we hope that you can figure out what is important for your organization! We are glad to help and our partners can help you implement workflows that collect data automatically!
Form management #Where to find it in ISOPlanner: https://portal.isoplanner.app/organization/forms
Here you can add, edit and remove Forms. Forms are used by users who can fill them out through tasks. You can give a form a name and description and a system type. The following types are available:
- Approval. Give the form this type so that ISOPlanner knows this is a ‘special’ form which can be used in the Approval module.
More importantly, you can edit the fields on the form by clicking the Edit button in the column ‘Form fields’.
You can add fields of type:
- KPI. Select a KPI from the list of available KPIs or create a new one.
- Attachment. You can create a field for seperate attachments that are linked to the task where the form is used.
- Context. You can create a field for various context types like assets, processes and risks. This context will be added to all KPI data points on the form which is great for filtering later on.
Using a form #
You can use a form with:
- An annual plan task. When you edit an annual plan task (go to Annual plan and click on the name) you can choose a Form by clicking the Form button on the top.
- Any template type (task, event, approval). Edit the template and select the form by clicking the Form button on the top.
Adding a form will replace the checklist.
When a form is linked to an event template and a new event is created, it can look like this:
After gathering some data, you can show the data in widgets on your dashboards.