top of page


Knowledge To Help Elevate Your Compliance

Managing Risks caused by Cost Reductions

Cost reduction programs while sometimes necessary all too often end up removing value and expose companies to unnecessary risk. Deferring maintenance, not doing critical improvements, pushing more work on employees, switching to cheaper suppliers, and even moving to the cloud may eliminate some costs in the short term, but may also impact future benefits and affect a company's ability to meet its compliance obligations.

As change can be a significant source of risk it is important that companies put in place an effective change process that covers possible impacts to critical programs, systems, and processes. An effective change process acts as a layer of defense against exposure to risks caused by changes to compliance systems. Embedding a risk assessment into this process also ensures that risks are properly identified, evaluated, and implemented along with the change itself.

The following diagram depicts a simplified change process to manage changes to critical programs, systems, and processes:

Simplified MOC Process

1. Scoping

  • define the proposed change

  • identify affected programs, systems and processes

  • identify alternatives

  • estimate savings and costs

2. Impact / Risk Assessment

  • identify impacts on identified programs, systems, and processes

  • identify impacts affecting critical to compliance objectives (CTCs)

  • identify threats and opportunities, evaluate risks, and determine prevention/mitigation and enable/exploit controls

  • create implementation and risk response plans

3. Approvals

  • obtain necessary approvals, based on accountability and level of risk, to proceed with implementation

4. Implementation

  • implement change and risk response plans

5. Verification

  • verify that changes were made according to plan and standard procedures

Implementing a change process requires that critical systems are identified first, followed by critical to compliance (CTC) objectives so that impacts can be identified and monitored.

CTCs are key results, activities, documented evidence, reports and so on, identified as critical to meeting agreed to compliance obligations. Identifying these is part of proactively managing overall compliance (shown in the following compliance map) to maintain a continuous state of compliance. Effects impacting CTCs can be anticipated and addressed to ensure that there are never any gaps in meeting compliance obligations.

Compliance Obligation Map
Compliance Obligation Map

Cost reduction programs benefit from an effective change process to ensure that potential savings are not offset by costs associated with increased exposure to risk. In addition, an effective change process can also provide the following benefits:

  • a stage and gate approach to properly sequence the work

  • a cross-functional team derived based on the identified scope and impacts

  • the tools and practices needed to implement changes safely

  • visibility of the level of risk associated with all changes being introduced

  • visibility as to the level of work and bottlenecks across all changes

All of these benefits help to ensure that risks are addressed, compliance is maintained, and that the promised savings are actually achieved.

36 views0 comments

Related Posts

See All


Elevate Compliance Huddle

Mondays @ Noon on Zoom (weekly)

Elevate Compliance Huddle / Free Online Session

The Book

Learn more about our upcoming book coming soon.

bottom of page