Updated: Jan 14, 2019
In a previous blog, I outlined 5 threats to compliance. In this blog, I will look at how to address them.
At first glance, it may seem appropriate to conduct more audits to identify compliance gaps and then make the necessary changes. This is in fact the most common approach across many industries. While the audit-fix cycle can achieve results, it is a brute force approach to improvement.
The output from audits tend to create action items and sometimes quite a few. Death by a thousand action items is how many managers feel about this approach. This problem is similar to what happens when instead of fixing potholes the road should be expanded to handle more traffic. In the current business climate of "doing more with less" not only is no one looking for this, the prospects of doing anything other than fixing potholes seems remote. So many go back to fixing potholes only to repeat the process after the next audit.
However, this audit-fix cycle while insufficient to address compliance gaps, also leaves companies vulnerable and not able to make required transformations from prescriptive-based compliance evidenced by audits to performance-based compliance evidenced by achieving outcomes. The latter is required more and more from standards and regulatory bodies.
5 Compliance Multipliers
To achieve this transformation it is necessary to take existing effort and do more with it. This means that you need some sort of force multiplier to provide, instead of a mechanical advantage, a compliance advantage.
The following approach anticipates the impacts arising from the sea-change in compliance along with consideration of the current business climate specifically: the reduction in workforce, loss of compliance knowledge, and years focused on prescriptive compliance.
Each multipler takes compliance effort and increases its affect similar to what a lever does when creating a mechanical advantage:
1. Managed Obligations
Identify and clarify compliance obligations
Identify what is Critical to Compliance (CTC)
Identify how progress will be measured
Align with strategy, mission, and goals
2. Increased Capabilities
Make room for compliance improvement to occur
Eliminate Non-Value Added (NVA) activities
Free up resources to work on improvements
Exploit existing technologies
3. Embedded Compliance
Embed Critical to Compliance (CTC) Actions
Embed evidentiary actions and documentation
Introduce normative standards and best practices
4. Leveraged Rules
Break old rules and eliminate work-arounds based on old habits
Leverage new rules to maximize compliance outcomes
5. Continuous Improvement
Monitor measures of compliance, performance, and effectiveness
Establish incremental and continuous improvement process
Companies will benefit from using these compliance multipliers to amplify their existing effort so that they can better meet and sustain compliance.