Loading Events

« All Events

  • This event has passed.

Policy Management by Design, Houston

May 30 @ 8:00 am - 5:00 pm CDT

Blueprint for an Effective, Efficient & Agile Policy Management Program

REGISTER

Blueprint for an Effective, Efficient & Agile Policy Management Program

 

Overview

In order to achieve effectiveness, efficiency, and agility in policy management, organizations need to define a structured governance framework and process. Designing a mature policy management program and processes that align with the organization requires an understanding of what the organization is about, how it operates and how it should be monitored and controlled. Policy management by design requires a structured approach in context of how the organization operates. This is done through defining the right process, information and technology architecture for policy management.

Policies must be in place so the organization can:

  • Reliably achieve objectives
  • Manage and control uncertainty
  • Safeguard the workplace
  • Protect the organization from unnecessary risk
  • Ensure consistent operations
  • Uphold ethical values
  • Address compliance obligations
  • Defend the organization should it land in turbulent legal and regulatory waters

However, effectively managing policies is easier said than done. Ad hoc or passive approaches mean that policies are outdated, scattered across the organization, and not consistent– resulting in confusion for recipients and a nightmare to manage. Organizations often lack a complete inventory of policies as so many departments have gone in different policy directions. Further, there is significant concern of rogue policies as anyone can create a document and call it a policy which may put a legal duty of care upon the organization.

The continual growth of regulatory requirements, complex business operations, and global expansion demand a well thought-out and implemented approach to policy management. It is no longer enough to simply make policies available. Organizations need to guarantee receipt, affirmation, and understanding of policies across the organization. To consistently manage and communicate policies, organizations are turning toward defined processes and technologies to govern policies and implement an effective policy management lifecycle.

This workshop aims to provide a blueprint for attendees on effective policy management in a dynamic business, regulatory, and risk environment. Attendees will learn policy management governance and process that can be applied across the organization at either an enterprise or a department level. Learning is done through lectures, collaboration with peers, and workshop tasks.

Objectives

Attendees will take back to their organization approaches to address:

  • Define a process lifecycle for managing policies
  • Establish policy ownership and accountability
  • Provide policy consistency in style and language
  • Communicate policies across extended business relationships
  • Track policy attestation
  • Deliver effective training
  • Monitor metrics to establish effectiveness
  • Identify issues with policies
  • Map policies to objectives, risks, controls, issues, and other GRC areas

Agenda

Part 1: Policy by Design

Why Policies Matter

  • Policies in Disarray: how organizations mismanage policies
  • Policy Exposure: how mismanaged policies expose the organization to risk
  • What Effective Policy Management Achieves: policy management’s role in governance, risk management, and compliance
  • Case Study in Effective Policy Management: a look at Morgan Stanley
  • Interactive Group Discussions

Part 2: Policy Governance

Blueprint for Effective Policy Management

  • Policy Committee & Collaboration: bringing together the range of policy roles and responsibilities in the organization
  • Policy Management Charter: defining a structure to govern policies
  • Meta Policy: the policy on writing policies
  • Style Guide: ensuring policies are written consistently to the organization’s voice
  • Interactive Group Exercise

Part 3: Policy Management Lifecycle

Managing Policies from Creation to Dissolution

  • When to Write a Policy: Framework to Determine Need for a Policy
  • Policy Development and Approval: Policy Authoring, Review, Editing, and Approval
  • Policy Communication: Policy Awareness, Communication, Training and Attestation
  • Policy Monitoring: Managing Exemptions, Exceptions, and Conformance to Policies
  • Policy Metrics & Maintenance: Measuring Policy Effectiveness and Keeping Policies Current
  • Interactive Group Exercise

Part 4: Policy Management Architecture

Enabling Information & Technology Management of Policies

  • Policy Management Information Architecture: Blueprint for Managing Policy Content and Related Data
  • Policy Management Technology Architecture: Blueprint for Enabling Policy Processes with Technology
  • Policy Management Business Case: Articulating the Value of Effective Policy Management
  • Interactive Group Discussion

Benefits to Attendees

  • Understand a top-down as well as a bottom-up approach to internal control management
  • Implement internal control management in the context of business strategy, process, and operations
  • Explore internal control management architecture models and how they apply to your organization
  • Discover various internal control assessment and monitoring techniques and how they apply to your business
  • Develop an internal control information architecture that aligns with business operations and processes
  • Effectively communicate and gather attestation on internal controls across your organizations

Who Should Attend?

  • Chief Compliance Officers
  • Chief Risk Officers
  • Senior Managers in Compliance/Ethics
  • Legal
  • Policy Managers/Administrators
  • Individuals with policy management, approval or oversight responsibilities

Instructor

rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

 

Workshop Sponsor

Screen Shot 2016-04-08 at 4.46.14 PMWorkiva (NYSE:WK) created Wdesk, a cloud-based productivity platform used by thousands of enterprises to collect, link, report and analyze business data with control and accountability. The platform’s proprietary word processing, spreadsheet and presentation applications are integrated and built upon a data management engine, offering synchronized data, controlled collaboration, granular permissions and a full audit trail. Wdesk helps mitigate enterprise risk, improve productivity and give users confidence to make decisions with real-time data. Workiva employs more than 1,200 people with offices in 16 cities. The company is headquartered in Ames, Iowa. For more information, visit workiva.com.

No comments yet.

Leave a Reply

LinkedIn
Twitter
RSS
Follow by Email
Google+