Compliance is not easy. Organizations across industries have global clients, partners, and business operations. The larger the organization, the more complex its operations. Complicating matters, today’s organization is dynamic and constantly changing. The modern organization adjusts by the minute. New employees come, others leave, roles change. New business-partner relationships are established, others are terminated. The business enters new markets, opens new facilities, contracts with agents, or introduces new products. New laws are introduced, regulations change, the risk environment shifts (e.g., economic, geopolitical, operational), impacting how business is conducted.
The dynamic and global nature of business is particularly challenging to compliance management. What may seem insignificant in one area can have a profound impact on others. Compliance obligations and ethical risk are like the hydra in mythology—organizations combat risk, only to find more risk springing up. Executives react to changing compliance requirements and fluctuating legal and ethical exposures, yet fail to actively manage and understand the interrelationship of risk and compliance.
To maintain compliance and mitigate risk exposure, an organization must stay on top of changing regulatory requirements, as well as a changing business environment, and ensure those changes are in sync. Demands from governments, the public, business partners, and clients require your organization to implement defined compliance practices that are monitored and adapted to the demands of a changing business and regulatory environment. Compliance activities managed in silos often lead to the inevitable failure of an organization’s governance, risk management, and compliance (GRC) program. Reactive, document-centric, siloed information and processes fail to manage compliance, leaving stakeholders blind to the intricate relationships of compliance risk across the business. Management is not thinking about how compliance and risk management processes can provide greater insight.
This ad hoc approach results in poor visibility across the organization and its control environment. Yesterday’s compliance program no longer works. Boards desire a deeper understanding of how the organization is addressing compliance risk, whether its activities are effective, and how they are enhancing shareholder value. Oversight demands are changing the role of the compliance department to an active, independent program that can manage and monitor compliance risk from the top down.
The breadth and depth of compliance risk bearing down on companies today require a robust compliance program operating in the context of integrated enterprise risk management. This workshop aims to provide a blueprint for effective compliance management in a dynamic business, regulatory, and risk environment. Attendees will learn compliance management governance and processes that can be applied across the organization at either an enterprise or a department level. Learning is done through lectures, collaboration with peers, and workshop tasks.
After the workshop, you’ll take back new approaches to:
Effectively manage compliance
Understand the challenges and pitfalls of managing compliance
Achieve success capitalizing on agility while maintaining compliance
Facilitate ongoing monitoring of compliance
Define compliance management lifecycle for managing and monitoring compliance
Establish compliance management ownership and accountability
Provide compliance management process consistency
Communicate effectively with employees and stakeholders on matters of compliance
Track critical compliance workflow and tasks
Deliver effective compliance governance and assurance to the board of directors, regulators, and stakeholders
Monitor metrics to establish effectiveness of compliance management
Identify and resolve compliance issues
Benefits to attendees:
Understand a top-down as well as a bottom-up approach to compliance management
Implement compliance management in the context of business strategy, process, and operations
Explore compliance management architecture models and how they apply to your organization
Discover various compliance assessment and monitoring techniques and how they apply to your business
Develop a compliance information architecture that aligns with business operations and processes
Effectively communicate and gather attestation on compliance across your organizations
Who should attend?
Ethics & Compliance Professionals
Risk Management Professionals
IT Security Professionals
Environmental, Health & Safety Professionals
Corporate Social Responsibility & Accountability Professionals
Individuals with compliance management, ownership, or oversight responsibilities
Part 1: Compliance Management by Design
Why Compliance Management Matters
Compliance in Disarray: how organizations mismanage compliance
Compliance Exposure: how mismanaged compliance exposes the organization to risk
Current drivers & trends pressuring organizations in compliance management
Different ways organizations approach compliance management
What Effective Compliance Management Achieves: Compliance role in governance, risk management, and compliance
Part 2: Compliance Governance
Blueprint for Effective Compliance Management
Compliance Governance Committee: bringing together the range of compliance management roles and responsibilities in the organization
Compliance Management Charter: defining a structure to govern compliance across the organization
How to Develop a Compliance Management Strategic Plan
Part 3: Compliance Management Lifecycle
Managing Compliance in Context of Business and Regulatory Change
Compliance obligation identification
Ongoing compliance and business context monitoring
Compliance communications & attestations
Compliance monitoring & assessment
Compliance forms & approvals
Compliance metrics & reporting
Compliance evaluation, benchmarking & assurance
Part 4: Compliance Management Architecture
Enabling Information & Technology Management for Compliance Management
Compliance Management Information Architecture: Blueprint for Managing Compliance Content and Related Data
Types of compliance management information and how it integrates into compliance processes
Components and requirements for a compliance information architecture
Compliance Management Technology Architecture: Blueprint for Enabling Compliance Management Processes with Technology
Kinds of compliance management technologies and what best serves the organization
Capabilities and requirements of compliance management platforms
Compliance Management Business Case: Articulating the Value of Effective Compliance Management
GRC 20/20 Workshop Instructor
Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research
Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 28+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
Riskonnect is a global integrated risk management solution provider that enables organizations to anticipate and manage strategic and operational risks across the extended enterprise. Their approach to integrated risk serves more than 900 companies across 6 continents. Riskonnect has operations in the Americas, Europe, and Asia, employing more than 500 risk management experts.