What factors go into making a compliance solution successful?
My company is looking to meet outside standards, but we want to make sure things run smoothly on our own standards. What are some key factors when trying to make a compliance solution successful?
2 Answers
Hello Compliance Community
My initial answer is Business, Business, Business!!!! You must have an automated, unified solution that addresses different compliance needs in the areas of Policy, Procedure and Technical controls that can be managed to dynamically address business evolving or DYNAMIC requirements. So you CAN NOT take the typical track that suggests tighten down everything once and forget about it. You must take into account the dynamic nature of business and how to enable business and its associated/excepted - business is inherently risky - risk within a LIMITED TIME frame with the automated ability to close the risk window completely once the business is completed and to provide some form of metrics that allow you, from a risk exception, to compliance level, to business focus/profitability margins, to define the value of the excepted risk. Another way to say this is you should be utilizing the tool to define from a risk compliance perspective what is normal business operations and how it is dynamically being reshaped within policy, procedure, technical controls and risk adherence/acceptance relative to a body of governance, technical controls or legislation. Remember the objective here is to mitigate risk, not eliminate it, because to do so also eliminates your potential to gain all the value of a dynamic business model or your ability to vigorously generate value or profit. Remember also that all of this happens within a culture that is driven by PEOPLE - who are evolving in their own right, redefining business objectives. Clear as mud, ha, but I hope that makes sense, and if you like I can expand.
Our objective should be to serve and adhere to compliance within reasonable demands that enable the business, its people or processes.
Best regards,
Mark Davis
66.davis@gmail.com
Markdavis66@hotmail.com
Posted 1 hour ago
The key question to answer is why are you attempting compliance?
Is it for regulatory requirements (like SOX)? Then you will have a somewhat broad set of standards that you must shape your business practices (and then IT solutions) around.
Is it for industry operational requirements (like PCI or HIPAA)? Then you have a very specific set of standards where you have to change some business practices and a lot of IT practices to meet.
Is it for largely marketing purposes (like ISO 9000 or SAS 70 Type II)? Then really it is about you working with the auditor to see how many of your existing business practices you can keep and how many you have to change to pass the audit.