With compliance concerns top of mind in these changing times, compliance officers have become an inextricable part of the business. IT managers need to ensure that their systems consistently meet certain standards to ensure business continuity, which makes the relationship between compliance and IT an important one. This blog takes a look at the interrelation between compliance officers and IT and how a healthy working relationship can result in a continuity plan that safeguards your business when disaster strikes.
The importance of a good working relationship
The compliance officer has the unenviable task of ensuring that the business is fully compliant. Apart from trying to conform to regulations, s/he has to work with all parties concerned to ensure that compliance demands are met. We all know that it’s human nature to resist change, rules and policies, but instead of digging in your heels, you’re better off taking a proactive approach.
Keep the compliance officer in the loop
Get the compliance officer involved and updated. S/he’ll be able to give valuable insights regarding compliance. It makes no sense to develop an extensive plan, only for the compliance officer to tell you it doesn’t meet requirements.
Make the compliance officer part of the business continuity plan
Every maintenance run and job should be audited. This gives you an opportunity to improve processes and performance. After each run, these audits should be submitted to the compliance officer. It’s a good idea to have him/her as an observer or plan manager. This gives him/her the opportunity to understand the plan and suggest improvements.
Work compliance into processes and policies
A simple policy like a password policy can prevent problems downstream. Work with your compliance officer to create policies and procedures and set up a calendar to review them. Keep policies and procedures current and easy to follow. Don’t flood the workforce with draconian policies because they’ll more often than not oppose them.
Keep a paper trail
A fundamental practice of any seasoned business person is to cover all bases. Always keep a record of meetings, correspondence and importantly, simulations and live events. Intelligent software out there can generate audit reports that you can retain as part of your compliance system and present to the relevant parties when needed.
Keep an active simulation schedule
Your piano teacher may have constantly nagged you to practice for good reason. Practice makes perfect. Maintain a regular and consistent simulation schedule. Not only is this good for practice and perfecting simulations, but it’s a must-have for some compliance requirements.
Harness the power of ISO 22301
ISO 22301 is the worldwide standard for business continuity and is meticulously planned and designed. Using its principles is good for meeting compliance requirements and maintaining them. ISO 22301 is a continuous cycle with constant improvement built in. Your compliance officer will want to see that things are constantly improving.
Getting the green light
By working with and supporting your compliance officer, using ISO 22301 and being persistent about simulation and reporting, you’ll get your compliance officer’s green light. Further endear yourself to him/her by involving his/her input and suggestions. Make policies and procedures work for you. Most of all, make use of that wonderful asset, the compliance officer.