Jenn (00:06.879)

Hello everyone, welcome back to another episode of Did You Know by Prodly. Today I will be your host. My name is Jennifer. I'm a customer success manager here at Prodly. And I'm here withScott, the director of customer success. He'll be my co -host today. So today's episode of Did You Know is, did you know that Prodly has a compliance center? So we're gonna get into that today. Again, our.

our introductions here, me, yourCSM, and Scott, the Director of Customer Success. So we begin.

Jenn (00:50.068)

Sorry Scott restart restart I'm freezing up Should I...

Prodly - Scott (00:54.071)

That's fine. You just go back. No, just, yeah, just go back to the other slide and we'll just cut this piece out.

Jenn (01:04.535)

So begin from.

Jenn (01:09.107)

Okay, let me do that. All right, so we start again.

Prodly - Scott (01:12.681)

Yeah, go ahead.

Jenn (01:14.655)

Hello everyone, welcome back to another episode of Did You Know? Today I'll be your host. My name is Jennifer,I'm a Customer Success Manager here at Prodly. And joining me is my co -host Scott Teeple, the Director of Customer Success here at Prodly. So today's episode of Did You Know? We're gonna be focusing on did you know that Prodly has a compliance center. So we're gonna be getting into those details today.

So, Scott, tell me about ComplianceCenter. What is it and why is it important?

Prodly - Scott (01:50.492)

Yeah, so compliance center is really an add on here that we have at Prodly that extends everything that you already know and love about Prodly when you think about configuration data. But what we found probably over the last year, year and a half is that a lot of our customers because CPQ is in Salesforce and it has financial and pricing implications.

that is becoming to get on the radar of internal and external auditors. There's a lot of financial implications here. So what we've done is because we have the abilities to move a lot of that financial data within your price quote, change quote, having the abilities to show compliance, show attestation around some of those changes is really important. What we found with a lot of our customers

is the work that goes into to be able to show compliance, to be able to show that you are doing the things that you say that you're going to do. When you think about compliance, really what it comes down to is are you doing exactly what you say that you're doing? When you set up your process, when you set up your rules, your approvals, can you show that you're actually following those processes? So that's really why a compliance center, which is really why having the abilities

to able to show really, really quickly is so important. And really, already today, have, Prodly, being the execution engine of your change management when you think about configuration data. Why not trust, Prodly, to be able to also track and monitor those changes to be able to show that you're doing exactly what you say you're doing.

Jenn (03:23.826)

you

Jenn (03:43.295)

Wonderful, thanks Scott. And imagine that using Compliance Center is just as simple as running a Prodly deployment, correct?

Prodly - Scott (03:52.254)

Well, you know what? I think it's actually even easier than running a deployment within Prodly. And again, all the things that you already know and love about Prodly, when you think about the creation of the deployment plans and the data sets, it really is just understanding which configuration data will be subject to audit, understanding which of those are important, setting up the monitoring rule, and bada -bing, bada -bing, it's done, right?

We'll show a little bit of that later in the demo to show you kind how easy it is to really set it up.

Jenn (04:28.167)

Excellent. Right. And when we think about the basics of a compliance tool, these are kind some of the points that come to mind, right? We'll need our compliance tool to be able to monitor those audit trails for you. Segregation of duties, access controls, obviously, is a huge piece of this, right? And that's kind of setting up yourself for compliance, right? These are kind of changes you need to make ahead of time to make sure that only users

that have the right access can actually make the changes that they're going to make. Change management, we talk about version control, approval testing, validation, logging, monitoring, documentation and reporting, and training and awareness. So would you like to speak to any of these points here, Scott?

Prodly - Scott (05:16.34)

Yeah, you know, I think I think the important thing for our listeners to really understand is that compliance center as a whole isn't isn't really created as all inclusive, right? Like like Prodly already has almost every single one of these today. So whether you're using compliance center, you've bought it or you you have.

Prodly - Scott (05:43.69)

kind of this need to have compliance center as an official thing doesn't mean that you have to buy proudly in a certain way to get almost all of these things, right? Logging and monitoring, documentation reporting, the segregation of duties and controls, A lot of these things are built within the platform. So when we really talk about compliance center, we're not necessarily just singling out these things and saying, you only get these if you buy compliance center.

These are the complete picture of what you get within Prodly along with these one -click reports that you really get within compliance.

Jenn (06:21.735)

Right, so you're saying that each of these pieces is something that Prodly can do separately and then compliance center is just your way of kind of tying that all together, being able to run are port to see that you're being compliant with all of these factors here.

Prodly - Scott (06:36.222)

Yeah, on top of the abilities to really do the monitoring, right? At the end of the day, it's not just about being able to see what was deployed or that a deployment happened, but actually being able to see what changed within those deployments. And that's really the magic behind Compliance Center. But it is bundled with that, with all of these great features that you already get with Prodly.

Jenn (06:58.431)

All right, awesome. And maybe you said it, Scott, but just to confirm, what kind of data are we referring to here? What kind of data are we monitoring?

Prodly - Scott (07:05.788)

Yeah, you know, the original design of compliance center was really around configuration data. Right? You think about CPQ, you think about all the complexities that kind of come into using data as code, right? As configuration data. That's really where I think auditors are focused on when you think about CPQ. But monitoring is more than that, right? When you think about transactional data, metadata, those types of things. Now, today, Prodly your only focus is on configuration data. That is the kind of the bread and butter.

But later we are going to be focusing on doing compliance center for metadata as well.

Jenn (07:40.659)

Wonderful. Thank you for that. Allright. So a couple of questions that kind of come from our customers when we do discuss compliance center. So how can compliance center prepare me for an audit?

Prodly - Scott (07:52.062)

You know, this one's near and to my heart, Jen. Several roles my past career, I've had the astute pleasures of being involved in some pretty heavy internal and external audits. Several of those were around, say, FDA compliance. You think about health care and how medical devices really impact. And when things screw up, people could die.These are some real heavy audits that kind of go on.

or internal audits around compliance and IT, controlled systems and things like that. how can it prepare me for an audit? One of the things within the experience is being able to show the evidence behind what you did, why you did it, how you did it, and in a really easy and concise way. Not having the abilities to have real quick reports or the ability for all this to kind of be pulled in behind the scenes.

is a Herculean effort. You gotta go back, right? And you're not just talking about, in our case, deployments that happened yesterday or a week ago. We're talking about maybe things that happened two years ago or a year ago, depending on the timeframe of the audit.So you're not necessarily gonna have all of the understanding of, wait, what did we do last July with this particular report or this particular deployment?But, and I think in a lot of ways,

Compliance isn't just around the deployment itself, but it's in the documentation of a work of your change, which is work management. So again, it's being able to tie together what has actually happened within your ticket, your tool, but then also what actually occurred, who did it, and when did it happen. So how does Compliance Center prepare me for an audit? It really is the documentation of all of the activities that occurred, bringing them together into a single kind of audit report to be able to then turn that over.

to my auditors so I don't have to sit in conference rooms with four or five six seven of my my peers and my directors to be able to say hey what was this change why did we do it and how do we show that we actually did what we say we're supposed to do

Jenn (10:03.744)

So it sounds like this is the kind of thing that you can kind of set it up to begin with and then is there kind of any maintenance there or you just set it up and have it kind of do the work for you.

Prodly - Scott (10:14.612)

Yeah, really at the end of the day, think you strip it down to the monitoring, right? It's you already are able todo we discuss this all the great things that are in Prodly, but then tying that together with this monitoring of those key attributes or objects and then being able to pull that together in a real easy report. So you say, is there maintenance? There's only maintenance if your controls change. There's only maintenance if your process is changing, you're bringing in more data or objects that you need to be able to show them.

Jenn (10:45.823)

Excellent. And so what kind of criteria can I report on? What kind of reports can I actually run?

Prodly - Scott (10:52.06)

Yeah, so today, right, as I described as an auditor, kind of the process that I'm familiar with is they come along and they say, hey, can you provide me of all the changes that occurred within a particular time period? Right, we call that a population report.It's all of the changes that occur.

nice to show kind of what is actually changed but that doesn't necessarily give you all the details right the auditor something going to come along and say okay out of this particular population of the life say the last two to three years can you show me evidence that you were compliant for a statistically significant sample size so if there was a hundred changes let's say I need 20

Prodly - Scott (11:37.898)

20 different change tickets. Show me that you've...

going off and then creating all of that evidence could be quite hard as we talked about. So having the ability to have a sample report that gets right down into the details that shows exactly what changed, who changed it, and then the change ticket that was associated to it to be able to give you that really easy report.

Jenn (12:03.552)

And what kind of changes exactly can we capture?

Prodly - Scott (12:08.307)

The changes that we capture are any updates inserts or deletions that happen to the objects that you are monitoringSo it really is a snapshot that's happening once an hour You shouldn't have deployments within your production happening more more times than one in an hour So that is the the the changes that we're capturing and monitoring is any of those changes to this objects that you have set up with

Jenn (12:38.42)

And so when we think about how compliance center is meant to be used, in theory, suppose, really, you should be monitoring your production org then, right? That's mainly where you're going to be scanning for your changes.

Prodly - Scott (12:50.46)

Yeah, when you think about compliance, right, in the design of what actually was put out there by by Prodly it's around what actually changes within your production or I don't know that an auditor necessarily cares about what's happening within sandboxes or your your deployment your sandboxes or your deployment environment that excuse me development environments. But that's not to say that you couldn't use the monitoring and the compliance center to set up to advance.

knowledge of what's actually occurring and changing. But that really is dipping into more of a monitoring type tool. And that is something that we are discussing as a whole. And how do we advance and how do we grow that? But that's not necessarily within the design of Compliance Center because it really comes down to really controlling and understanding what's happening financially within your systems and your price books and all your rules and everything else to say, hey, when we decided to make a particular change,

Here's the process that was flowed to actually make those changes. And here's the evidence to say that we followed that process behind to get that in.

Jenn (13:58.975)

Excellent. And then as far as enforcing your process, I mean, we're going to see it in our demo a bit later.But there are ways, of course, to enforce linking those work items to your deployments. Of course, we talked about access controls as well, which can also help enforce your process. So overall, it sounds like we do have quite a bit of tools there to help with the process itself.

Prodly - Scott (14:22.078)

Yeah, yeah, yeah. And one thing to add, and maybe I didn't make it extremely clear, but it's not just in the monitoring of the changes that actually occurred, but it's also in the monitoring of the unplanned or the out -of -cycle changes. So if something happens within, that price book or that price rule that didn't happen within Prodly, we would be able to capture that as well. So you would have your control changes and your out -of -control changes that you would be able to actually show.

and be able to then have some documentation around why did that actually occur. So again, a year, year and a half later, when you show that population report, you're gonna be showing everything that changed within your system, so you don't have to then figure out, what was that change and why did we do it and why was it out of cycle? You would have all that documentation ready and prepared.

Jenn (15:13.757)

Right, so you're saying that even changes that are being made, let's say, directly in production outside of Prodly, we can still capture those changes?

Prodly - Scott (15:21.751)

Absolutely, as long as those objects are set up within a monitoring rule, we would capture those changes.

Jenn (15:28.791)

Wonderful. Thank you, Scott.

All right, so think we're gonna hopover to a quick demo. So I will just switch my screens really quick.

Jenn (16:19.999)

Alright, so this is what our monitorUI looks like and I think today we're going to do a little bit of role playing for this demo. So Scott, you will be the auditor. I am an organization, I haveCPQ, I know I may be subject to these audits, so I've gone out of my way to already set up my monitoring rules.

for my production org as well as myQA org. To be fair, I'm Prodly gonna work in QA today, but of course we should be working in production. And then just to show as well the monitoring rules, just define what objects we're tracking changes for. So I got all my CPQ objects there and I've already set that up to run. So I'm ready to go when you come down.

Prodly - Scott (16:59.678)

Yeah, perfect Jen. Yeah, so you know, thank you again for sending over all of your processes that you have in place. So I've read through your SOPs. So now I understand what exactly I'm expecting to be able to see. So Jen, could you just run me all the changes that occurred over the last year so that way I can see exactly how many we're looking at and maybe the extent of your changes.

Jenn (17:22.779)

Absolutely. Past year, we're going to go ahead and give you a population report to capture all those changes. The population report is not going to give too much into the specifics of the changes, more generally showing that some changes have been made. So that's what I'm going to go ahead and provide you today. I'm just going to generate that report for you.

Jenn (17:50.188)

download open it up and so this iswhat I'll be presenting you

or you can see all the changes within the year timeframe. You can see some of those are identified as other changes. So those are changes made outside of Prodly. Then I can see others have been marked as deployment changes. Those are changes made with Prodly. We can see, you know, if it's an insert or update on the record, we can see the time that it was done. And if there's any linked work items there, those will also appear in your population report.

So this is what I present to youfirst, capturing all the changes.

Prodly - Scott (18:31.442)

So then I would take this report I would go off I would take a look and I'd say okay of all the changes that happened against statistically significant sample size jet Of all your changes looks like you've had several changes So let's give me some evidence that you were compliant within your work item three and four Could you show me the evidence and proof that you are compliant?

Jenn (18:54.565)

Absolutely. So now we're going to switch over to a sample report where we're going to be able to show the details of the changes. You said three and four for my tickets there, so we're just going to filter down with those. And then of course we can go and run that report as well. And of course I also see a little summary view here, so I already know what I'm expecting in my report. But don't forget this is a sample report that we're running, so we're going to be able to see down to the field level what has changed on these

records here.

Jenn (19:50.745)

So now I'll be sharing this with youwhere we can see

those deployment changes, I can see that my work items were linked to this change. was one insert on price action one update on my price rule. I can see the time that those changes were made. I can see which user made those changes. And down to the field level, I can see what's changed. For example, my insert here, everything, there were no old values because it's an insert. We inserted all those new values. And these areonly these fields where you see values. Those are the only fields that we actually made changes to.

And then for my update, I can seethe same where my conditions met field on this price roll changed from any toall. And I can see that I also made that change there. So would this be enough information for you as an auditor?

Prodly - Scott (20:42.324)

Yeah, from the the Prodly side, but obviously you would also be printing out your JIRA ticket, which has all the documentation of the who, the what, and why the request was made. This would bethe execution side of it. So between those two reports, again from JIRA andf rom Prodly, this is a really quick and easy way of showing the compliance within your.

Jenn (21:08.319)

Excellent. Thank you, Scott.

Jenn (21:15.199)

Here we go.

Jenn (21:29.587)

Right, so that concludes our demo.So what's next? If you are interested in getting started with ComplianceCenter, please reach out to your CSM, myself, or Scott over here at Prodly, and we are more than happy to get you started with some steps as well as maybe atrial license or just kind of getting into a deep dive training of how you and your team could be leveraging our Compliance Center.

Anything you'd like to add here,Scott?

Prodly - Scott (22:01.302)

think it's really exciting to be able to offer this for our customer base. if you're a prospect and this is really intriguing for you, don't hesitate to reach out to Jen and I or we can get you in touch with an account executive and start getting you a trial of Prodly as a whole. And don't forget to check out all the other episodes that we have on our website. So if you missed it, we've got metadata, we've got work management, we've got a lot of different.

that we discussed and a lot more coming into the future. So I'm really excited to continue to bring this to youwith Jen.

Jenn (22:38.271)

Awesome. Thank you everyone for joining today and we'll see you next time. Bye.

Prodly - Scott (22:49.556)

BOOM!

‍