The Service of Compliance
Adapting to Chameleon Needs
A couple of days ago, winter spread out across a good portion of the United States, blanketing snow everywhere. Here in Kansas City, it was close to 60 degrees just a couple of days earlier, and a couple of days from now it is supposed to be close to 60 again. Forecasts aside, it seems we never know what, exactly, the days are going to bring—everything changes and we can’t control it. It is very chameleon-like, our weather; it changes constantly. But from living here and adapting over time to the fickleness of the blustery winds, I’ve learned how to comply with the unexpected.
Like the chameleon, I’ve learned all the different rules and standards to follow in our city when specific weather hits. Even though I never have control over the results, I’m ready for anything. And that’s where my work within our services team comes into play—we prepare for everything imaginable for our clients, and setting up compliance solutions is one area where knowing the rules and advanced level preparedness are both essential when it comes to weathering the storm.
A Quick Review
Compliance programs help organizations to develop and manage effective internal controls with the goal of demonstrating compliance with various local, state and federal regulations (per their business). Depending on the number or complexity of regulatory requirements put on an organization, managing an effective compliance program can be a daunting endeavor.
Regulations aside, another source of complexity stems from how many different areas of an organization a comprehensive compliance program can touch. A few examples include Risk Management, Audit, BCDR, Policies & Procedures, etc. When looking at all of these components, it is easy to become overwhelmed and to ask the question, “where do we start?”. As part of Onspring’s Services team, I have the pleasure of working with clients to answer just that.
Getting a Handle on Compliance
The majority of customers I have worked with start with the singular goal of transforming their compliance processes from static spreadsheets into a more dynamic workflow-driven compliance program. Even though each client’s processes are unique, our approach in helping them achieve their goals are service driven and consist of:
- Providing expert guidance and maintaining a working knowledge of specific domain areas.
- Listening and responding in a respectful manner.
- Assisting in project planning.
- Implementing their solution design.
- Testing the solution against their requirements.
- Training and/or use case specific documentation.
- Providing recommendations on how to best Administer the tool after implementation.
Throughout the course of the engagement, clients are consistently surprised with how easy it is to transition and adapt things from a spreadsheet-based approach to a more dynamic, platform-based compliance program. Small things on our end—throwing together reports, changing field names, changing layouts, doing quick triggers and outcomes, those types of things—we make sure that whatever the need is, we cover it and make sure it is as simplified as possible.
A Real Compliance Advantage
One of the things we see and hear repeatedly is the stress our clients feel from the ever-changing compliance landscape. When looking to upgrade or move to a different compliance solution, here are a few things to consider.
Make sure your tool is industry and framework “impartial.”
- Check that it be molded into your use case to fit your needs.
- It accommodates your frameworks and/or control environment.
- Is it or can it be internally developed, or aligned with a framework, authority doc/standards/laws & regulations?
- Does it have the ability to change over time?
Set organizational compliance goals.
- Do more than check a box to demonstrate compliance.
- Look to derive actionable items and be proactive.
- Know what industry standards could dictate.
- Understand where your compliance needs are headed and try to stay ahead of where things are going/trending.
- Don’t be caught saying, “we should have seen this coming.”
Adaptability with low overhead (with some exceptions).
- Know how your system is designed.
- Does it lend itself well to adapting to future changes?
- Build it in a way that fits your needs.
- Does it allow you to simplify the compliance assessment process and continue to evolve as your needs change?
- Does it create a more efficient, automated process?
Finally, reflect on what you’ve done this year—the good and bad, the great, and even the stuff that could have been better. I think it’s important to look at what and how you can improve in the future. Compliance, regardless of what regulations or processes you’re adhering to or following, is not easy. Using a solution that gives you the insights into how your compliance/control environment performed this year, where you may be able to improve, and what additional components or plans you might need to make is a giant plus. And knowing that when help is needed, there is a service team readily available, a team that can wear many different colors and hats to handle problems—much like our little buddy the chameleon—is a major benefit.