Washington DC – OnDemand for Government Briefing Recap

Posted by Kristin Bernor

Last Thursday, May 17, Questionmark hosted a briefing in Washington, DC that powerfully presented the journey to delivering the Questionmark OnDemand for Government assessment management system to our government customers. We would like to thank industry experts that made this possible including speakers from the Department of State, FedRAMP, Microsoft and Schellman. In just 3 1/2 hours, they were able to present the comprehensive process of what goes into delivering the Questionmark OnDemand for Government system to market. This new government community cloud-based service dedicated to the needs of U.S. governmental and defense agencies is currently wrapping up the onsite portion of the audit. The auditors will be finalizing their testing and review culminating in an assessment report. The complete security package is expected to be available in July. Questionmark OnDemand for Government is designed to be compliant with FedRAMP and hosted in a FedRAMP certified U.S. data center.

Highlights from the briefing included presentations from:

  • Eric Shepherd, CEO of Questionmark, hosted the event.
  • Ted Stille, Department of State, discussed the agency’s motivations and experience as project sponsor for Questionmark OnDemand for Government.
  • Stacy Poll and David Hunt, Public Sector Business Development Manager and Information Security Officer of Questionmark respectively, presented a system overview including demonstration screens, migration paths and detailed next steps to plan for implementation.
  • Christina McGhee, Schellman audit team, spoke about the 3PAO role in the FedRAMP authorization process.
  • Zaree Singer and Laurie Southerton, FedRAMP PMO Support, explained the FedRAMP ATO approval process.
  • Ganesh Shenbagaraman, Microsoft, discussed Microsoft Azure’s government cloud service.

This unique opportunity to learn about the OnDemand for Government assessment management system, meet with peers and other customers, and hear from FedRAMP and our 3PAO themselves proved invaluable to attendees who rated the briefing a near 5 out of 5.

Please reach out to Stacy Poll at stacy.poll@questionmark.com for more information.

Special Briefing: Cloud-based Assessment Management for Government and Defense Agencies

Posted by Kristin Bernor

In just two weeks, the special briefing about Questionmark OnDemand for Government, a new cloud-based service dedicated to the needs of U.S. governmental and defense agencies, takes place. You don’t want to miss it!

Join us on Thursday, May 17th in Washington, DC, to learn about how this new service enables agencies to securely author, deliver and analyze assessments, and hear from dynamic speakers including:

  • Jono Poltrack, contributor to the Sharable Content Object Reference Model (SCORM) while at Advanced Distributed Learning (ADL)
  • Ted Stille, Department of State, will discuss the agency’s motivations and experience as project sponsor for Questionmark OnDemand for Government
  • Christina McGhee, Schellman audit team, will discuss the 3PAO role in the FedRAMP authorization process
  • Zaree Singer, FedRAMP PMO Support, will explain the FedRAMP ATO approval process
  • Ganesh Shenbagaraman, Microsoft, will discuss Microsoft Azure’s government cloud service

Space is limited, so register today! Here’s how:

Questionmark has finalized its FedRAMP System Security Plan and this plan, which documents our security systems and processes, is now being reviewed by an accredited FedRAMP Third Party Assessment Organization (3PAO); this means that we are officially in audit. Once this document has been audited it becomes part of the FedRAMP library for Security Officers to review and provide individual agencies with an “Authorization to Operate” (ATO). Note: Briefing attendees will be eligible to receive a pre-release copy of the FedRAMP System Security Plan.

Questionmark is widely deployed by U.S. governmental and defense agencies to author, deliver and report on high-stakes advancement exams, post-course tests for distance learning, job task analysis, medical training and education, competency testing, course evaluations and more. For government agencies currently using the on-premise installed Questionmark Perception, OnDemand for Government provides a cost-effective option to upgrade to a secure, best-in-class cloud-based assessment management system.

We look forward to seeing you in Washington for a morning of learning and networking!

Seven Ways Assessments Fortify Compliance

Posted by John Kleeman
Picture of a tablet being used to take an assessment with currency symbols adjacentWhy do most of the world’s banks, pharmaceutical companies, utilities and other large companies use online assessments to test the competence of their employees?

It’s primarily because compliance fines round the world are high and assessments reduce the risk of regulatory compliance failures. Assessments also give protection to the organization in the event of an individual mis-step by proving that the organization had checked the individual’s knowledge of the rules prior to the mistake.

Here are seven reasons companies use assessments from my experience:

1. Regulators encourage assessments 

Some regulators require companies to test their workforce regularly. For example the US FDIC says in its compliance manual:

“Once personnel have been trained on a particular subject, a compliance officer should periodically assess employees on their knowledge and comprehension of the subject matter”

And the European Securities and Market Authority says in its guidelines for assessment of knowledge and competence:

“ongoing assessment will contain updated material and will test staff on their knowledge of, for example, regulatory changes, new products and services available on the market”

Other regulators focus more on companies ensuring that their workforce is competent, rather than specifying how companies ensure it, but most welcome clear evidence that personnel have been trained and have shown understanding of the training.

People sitting at desks with computers taking tests2. Assessments demonstrate commitment to your workforce and to regulators

Many compliance errors happen because managers pay lip service to following the rules but indicate in their behavior they don’t mean it. If you assess all employees and managers regularly, and require additional training or sanctions for failing tests, it sends a clear message to your workforce that knowledge and observance of the rules is genuinely required.

Some regulators also take commitment to compliance by the organization into account when setting the level of fines, and may reduce fines if there is serious evidence of compliance activities, which assessments can be a useful part of. For example the German Federal Court recently ruled that fines should be less if there is evidence of effective compliance management.

3. Assessments find problems early

Online assessments are one of the few ways in which a compliance team can touch all employees in an organization. You can see results by team, department, location or individual and identify who understands what and focus in on weak areas to look at improving. There is no better way to reach all employees.

4. Assessments document understanding after training

Many regulators require training to be documented. Giving someone an assessment after training doesn’t just confirm he or she attended the course but confirms they understood the training.

5. Assessments increase retention of knowledge and reduce forgetting

Can you remember everything you learned? Of course, none of us can!

There is good evidence that quizzes and tests increase retention and reduce forgetting. This is partly because people study for tests and so remind themselves of the knowledge they learned, which helps retain it. And it is partly because retrieving information in a quiz or test makes it easier to retrieve the same information in future, and so more likely to be able to apply in practice when needed.

6. By allowing testing out, assessments reduce the time and cost of compliance trainingTake test. If pass, skip training. Otherwise do training.

Many organizations permit employees to “test out” of compliance training. People can take a test and if they demonstrate good enough knowledge, they don’t need to attend the training. This concentrates training resources and employee time on areas that are needed, and avoids demoralizing employees with boring compliance training repeating what they already know.

7. Assessments reduce human error which reduces the likelihood of a compliance mis-step

Many compliance failures arise from human error. Root cause analysis of human error suggests that a good proportion of errors are caused by people not understanding training, training being missing or people not following procedures. Assessments can pick up and prevent mistakes caused by people not understanding what they should do or how to follow procedures, and so reduce the risk of error.

 

If you are interested in learning more about the reasons online assessments mitigate compliance risk, Questionmark are giving a webinar “Seven Ways Assessments Fortify Compliance” on April 11th. To register for this or our other free webinars, go to www.questionmark.com/questionmark_webinars.

2018 Questionmark Conference Recap – 2019 Announced

Posted by Kristin Bernor

Wow, just wow! The 2018 Questionmark User’s Conference inspired all that are new to Questionmark and those that have been long time customers. Being able to share experiences and use case scenarios was exhilarating. The three day learning experience was a deep dive into learning, fun, and networking – the enthusiasm was truly contagious. From the opening general session where new features and functions were released to the trolley ride over to the railroad museum where guests were greeted with amazing local food and music, this year’s conference was without a doubt the preeminent complete user’s group experience!

Amazing customer presenters were on hand to deliver testimonials to their peers on best practices and lessons learned to truly maximize the power of their assessments. We greatly appreciated case studies presented by our valuable customers from Progressive Insurance, American Institute of Certified Public Accountants, Southwest Gas, Intuitive Surgical, Rio Salado College and Caterpillar.

A lively panel discussion focused on transformation and growth and how assessments are integral to all organizations in order to succeed in those areas. Panel participants included Andrew Dominguez of Southwest Gas, Tricia Allen of Polycom, Bernt Nilsen of Norsk Test and Dave “Lefty” Lefkowith of Louisiana Department of Education. Their invaluable insights into creating high performing teams through assessments was an “aha moment” for many and we are truly grateful for their participation.

Engaging sessions that delved into best practices of using assessment to identify knowledge gaps, improve performance and make informed and defensible decisions were widespread. Questionmark Founder and Executive Director, John Kleeman, presented a session based on a recent white paper, “Assessing for Situational Judgment”. Another well attended session detailed extending your assessment management capabilities with Questionmark apps and left attendees excited to get back to the office and implement.

Evenings provided many opportunities for networking, fine dining and fun. Small group “dine-arounds” — a long-time, popular tradition at our annual conference — gave us all a great chance to take in the sights as we strolled through beautiful, historic Savannah. Delegates and staff attending our Thursday evening reception, hosted at the Georgia State Railroad Museum, enjoyed delicious food, great music and networking.

The conference closed with the unveiling of next year’s Questionmark Conference dates and location. Drum roll please…

Save the date for Questionmark Conference 2019 us in San Diego at the Hard Rock Hotel, February 26 – March 1, 2019 for even more learning, networking and fun!

Watch the conference recap below!!

GDPR: 6 months to go

Posted by Jamie Armstrong

Anyone working with personal data, particularly in the European Union, will know that we are now just six months from “GDPR day” (as I have taken to calling it). On 25-May-2018, the EU General Data Protection Regulation (“GDPR”) will become applicable, ushering in a new privacy/data protection era with greater emphasis than ever on the rights of individuals when their personal data is used or stored by businesses and other organizations. In this blog post, I provide some general reminders about what the GDPR is and give some insight into Questionmark’s compliance preparations.

The GDPR replaces the current EU Data Protection Directive, which has been around for more than 20 years. To keep pace with technology advances and achieve greater uniformity on data protection, the EU began work on the GDPR over 5 years ago and finalized the text in April 2016. There then followed a period for regulators and other industry bodies to provide guidance on what the GDPR actually requires, to help organizations in their compliance efforts. Like all businesses that process EU personal data, whether based within the U.S., the EU or elsewhere, Questionmark has been busy in the months since the GDPR was finalized to ensure that our practices and policies align with GDPR expectations.

For example, we have recently made available revised versions of our EU OnDemand service and US OnDemand service terms and conditions with new GDPR clauses, so that our customers can be assured that their agreements with us meet data controller-data processor contract requirements. We have updated our privacy policy to make clearer what personal data we gather and how this is used when people visit and interact with our website. There is also a helpful Knowledge Base article on our website that describes the personal data Questionmark stores.

GDPR

One of the most talked-about provisions of the GDPR is Article 35, which deals with data protection impact assessments, or “DPIAs.” Basically, there is a requirement that organizations acting as data controllers of personal data (meaning that they determine the purpose and means of the processing of that data) complete a prior assessment of the impacts of processing that data if the processing is likely to result in a high risk to the rights and freedoms of data subjects. Organizations will need to make a judgment call regarding whether a high risk exists to require that a DPIA be completed. There are scenarios in which a DPIA will definitely be required, such as when data controllers process special categories of personal data like racial origin and health information, and in other cases some organizations may decide it’s safer to complete a DPIA even if not absolutely necessary to comply with the GDPR.

The GDPR expects that data processors will help data controllers with DPIAs. Questionmark has therefore prepared an example draft DPIA template that may be used for completing an assessment of data processing within Questionmark OnDemand. The draft DPIA template is available for download now.

In the months before GDPR day we will see more guidance from the Article 29 Working Party and national data protection authorities to assist organizations with compliance. Questionmark is committed to helping our customers being compliant with the GDPR and we’ll post more next year on this subject. We hope this update is useful in the meantime

Important disclaimer: This blog is provided for general information and interest purposes only, is non-exhaustive and does not constitute legal advice. As such, the contents of this blog should not be relied on for any particular purpose and you should seek the advice of their own legal counsel in considering GDPR requirements.

Questionmark Conference 2018 – Registration is Open!

Posted by Brian McNamara

We are excited to announce that registration for Questionmark Conference 2018 is now open!

Questionmark customers will gather March 6th – 9th in Savannah, Georgia, for three days of learning, networking and professional development opportunities.   Whether you are a new user or a pro, Questionmark Conference is the ideal place to get vital information, insight and learning about the latest assessment technologies.

Join us at the Westin Savannah Harbor to enjoy southern hospitality with your peers and the Questionmark team to:

  • Learn about new Questionmark features and functions
  • Attend engaging hands-on product training sessions
  • Network with fellow Questionmark users
  • Get valuable tips, insights and best-practice guidance
  • Plan for the future with a sneak peek at the product road map

Registration is now open at special early-bird rates. Visit the conference website today for details!

Questionmark Conference 2018: Assess for Success | March 6-9 in Savannah