Compliance is often thought of as a burden – little more than a tick-box exercise to ensure your organisation meets regulatory and legislative standards. However, that’s looking at it the wrong way. What it actually provides is a statement of your organisational values and is an investment in future growth. It’s a vital part of ensuring that your organisation moves in the desired direction and can enable you to create added value for your business.
Opening up new markets
Done properly, compliance will reassure your customers that your systems and values are visible, secure and viable, supporting sales and driving revenue. Increasing or enhancing compliance can give you competitive advantage over your rivals and open up new and potentially lucrative markets, further increasing revenue. It will also reduce costly mistakes and made lack of performance visible to senior management.
There are internal benefits too, such as ensuring everyone in your organisation understands their roles and responsibilities and cement accountability. Operating externally audited best practice policies and processes will generate internal confidence, improving morale and increasing staff retention.
Making it work
To make compliance work for your organisation, start with your corporate objectives and strategic plans, and define appropriate governance policies to support them. These might include company values and behaviours, which frame how your staff operate, and the operational functions through which you carry out day to day operations. In other words, use compliance to help set out the roadmap for how you do business.
You should then implement systems to comply with mandatory regulations and legislation. There’s no need to reinvent the wheel, as existing standards provide a basic framework, which you can then streamline and tailor to your own corporate policies. To comply with best practise, you should align your management systems with industry standards (e.g. ISO).
One approach we’ve successfully implemented at Fordway is to consolidate our security, quality, environmental and service management systems (ISO27000, ISO9001, ISO14001, and ISO20000). This means that now, in certain areas, we have single policies to manage instead of multiple policies across different systems.
With the policies and procedures in place, you apply governance to review your organisation’s compliance. It’s not a one-off activity but requires continual service improvement. Remember that compliance is part of business as usual, not a one-off activity each time new legislation comes along.
An investment, not a burden
I hope that’s convinced you that compliance is well worth investing in. With the correct policies and controls in place, aligned to your organisational goals, it will add value to your business. And if you build it into the way you work, addressing changes in legislation such as GDPR then become much less onerous and offer an opportunity, not a burden.
If you’d like to read more about this topic, see Neville’s recent article