The Network GRC Blog
Policies: Get It Together!
November 13 2012
John Peltier, Product Manager, The Network
The Network recently participated in a collaborative effort with the Open Compliance and Ethics Group to create the “Policy Management Illustrated” series, a set of illustrations that communicates industry best practice around the topic of policy management. As part of that series, we recently participated in a Webinar related to Illustration #4, Policy and Communication. This topic was discussed as part of the webinar. My previous posts discussed the need for better communication and how to drive engagement. This time we’ll look at how to make your policy initiatives better through integration.
Too many organizations manage their corporate policies and training in separate, diverse and isolated ways, divided by departments or functions and with no points of commonality. Integrating policy and training initiatives using a centralized technology can reap huge rewards in terms of motivation, retention and “right” behavior later on.
Integrating communications, training and policy management systems breaks down those silos, so you can see the connections points versus the disparities. You can track and analyze compliance data as it relates to your policies and workforce training, such as your attestation or certification rate.
An integrated approach also incorporates how you manage disclosures, exceptions and even violations, when you integrate your policy and training systems into your incidents database to correlate issues.
Another factor is collaboration. A centralized solution helps to create a sense of common ownership and teamwork as well as the more efficient use of resources to manage how your policies are created, distributed, consumed and applied, by bringing those functions into closer alignment.
But here again, most organizations aren’t there yet. According to feedback we received during our recent OCEG webinar, seven in ten respondents resort to documents, fileshares, email or online content systems like SharePoint to store and communicate policies. These organizations are missing out on the many advantages of integration available in today’s policy and procedures software offerings..
We’ll continue our discussion of policy management and policy management software with a series of blogs regarding the proper enforcement of policies and how technology can best be brought to bear.
POPULAR COMPLIANCE TOPICS
THE NETWORK BLOGROLL
- GRC 20/20
- FCPA Blog
- FCPA Professor Blog
- FCPA Compliance and Ethics Blog
- HR Bartender
- Meet the Boss
- The GRC Group Blog
- Forrester GRC Security & Risk Blog
- Marks on Governance
- The Business Ethics Blog
- UKAB Blog
- Privacy & Security Matters
- Hunton & Williams Privacy and Information Security Law Blog
- Corruption, Crime & Compliance Blog (M. Volkov)
- Ruderfinn Ethics Blog
- Corporate Compliance Insights
- WSJ Corruption Currents