Linking With Partners To Make Compliance Work
Data security may be the biggest risk facing business today. I view it metaphorically as the back door that may allow an intruder into the house, gaining access to our most valuable possessions. The IT team can supply a strong door, deadbolt locks and an alarm. But even then, a thief can break in. Compliance creates a critical link with the business by providing the response to deal with the intruder.
A robust compliance infrastructure will have written policies in place that are easily accessible and understood by employees. It will communicate key points and train employees so they understand how the policies impact their roles. It will advise the business as it creates new products and processes so that risks are identified and addressed. Finally, it will provide management with assurance by monitoring ongoing compliance risk and providing leadership with a view of the compliance health of the organization. If the intruder never gets in, the preventative service provided by compliance to the organization will still be valued.
“A robust compliance infrastructure will have written policies in place that are easily accessible and understood by employees”
However, if the unthinkable happens, the organization can rely on the compliance infrastructure to react to the incident promptly and thoroughly and to prove to their customers, regulators, trading partners and the public that all reasonable steps were taken to avoid the intrusion from occurring.