Compliance Best Practices - CCPA and GDPR

Order Compliance Management Kit  Download Selected Pages

10 Corporate Compliance Best Practices

Compliance is a major issue that organizations of all sizes need to address. In the information technology field they range from inadvertent information disclosure to mechanized attacks on the core business infrastructure. To address these compliance issues world class organizations implement a set of best practices for their compliance programs. Janco has identified ten such best practices and they are:

1. Board of Directors assumes compliance responsibility. The board makes it clear within the corporation and to shareholders that it is the body with ultimate authority of compliance success and failure.
2. Management communicates its importance - Management states clear compliance goals that exceed legal minimums for the entire organization and designs a compliance program that can withstand a challenge by proactive class action attorneys
3. Management communicates its commitment to compliance - Management provides active support with resources, staff, and messaging.
4. Management puts in place consequences for those who do not comply - Senior management conveys (through words and conduct) that employees who do not adhere to appropriate compliance standards will be held liable for their failure and will lead to meaningful sanctions, including loss of compensation, demotion, suspension or termination.
5. Management looks beyond compliance - They establish compliance as a competitive advantage. Utilize it a long term strategic and operational tool to improve the position of the company with its customers and in its market. Successful companies take the new standard and run with it. Those company that take that approach ensure their customers receive clear disclosures and options about what information is being gathered and shared. With their own house in order, they might decide to inform others (regulators, journalists and perhaps customers) when competitors fall short.
6. Makes the compliance message clear and simple - Companies that understand “compliance” means ensuring they are meeting (if not exceeding) all of their legal, regulatory and ethical obligations. They also are clear about who is in charge of each category of compliance.
7. Communicates the compliance program and objectives to everyone - Set standards that state the compliance rule, the basis for the rule and provide examples of conduct that break the rules.
8. Provides detail policies, procedures, and  backup with training - Include Information as to where information regarding the compliance requirements can be obtained and how violations may be reported. A compliance program is only as good as its implementation. If employees don't know what is expected of them or don't know where to turn for help, there is compliance violation.
9. Integrates compliance with business operations - Companies with successful compliance programs focus on integrating those programs into the business processes and incentive structures of the company. One example is development activities. Rather than reaching the end of a development process and having a quick “compliance review,” successful companies embed compliance design within the process, so potential issues are identified and resolved early, with limited expense.
10. Are prepared for a breach in compliance with processes in place to address the violations - Understand that meeting compliance requirements is only the start. In many industries (the financial services, healthcare, and food & beverage industries), there are groups of extremely active plaintiff's lawyers filing class action after class action, even for relatively minor technical violations. Have processes in place to mitigate violations and have staff available who know what the risks are and what to do.

Compliance Management Toolkit Versions

Janco offers a full range of tools to help enterprises of all sizes to address these issues. The Compliance Management kit provides the infrastructure tools

In addition to the Compliance Management White Paper we provided the The Compliance Management tool kit in three (3) versions: Silver, Gold, and Platinum.

Order Compliance Management Kit  Download Selected Pages

See also

• Top 10 Reasons Compliance of Business Continuity Fails Testing is key to business continuity compliance with ISO 22301 Compliance and business continuity management are closely inter-related - ISO 22301 is just one of.
  
  
• 5 Corporate Compliance Errors Executives Are Making 5 Corporate Compliance Errors many executives are making Compliance is never easy and even the best make mistakes on occasion. But we can learn from. . .