Compliance often becomes a labyrinth of obligations, commitments, controls, audits, processes, and many other activities and artifacts that are built up over time which makes compliance more complicated and difficult to manage, operate, and maintain.
In many ways, this not unlike the software domain that contends with legacy code, technical debt, and changing and new requirements. In compliance, obligations are the requirements, and promises are the specifications used to engineer systems and processes to deliver on objectives that will in turn achieve the outcome of compliance.
What if there was a way to streamline compliance in the same way that software engineers refactor code resulting in a simpler, more effective program?
Lean Obligation Management for Compliance
This approach focuses on simplifying the compliance burden by systematically removing unnecessary elements (i.e. compliance waste). Imagine it as de-cluttering or refactoring your management program by removing old obligations, restructuring poorly define promises, and addressing obligation debt.
To understand how this can be accomplished we need to understand the nature of obligations and promises.
Obligations: These are the requirements for each internal or external obligation. They define what your organization is expected to achieve in terms of compliance (adherence to rules, conformity to standard practices, achievement of performance targets, or the advancement of compliance outcomes: the benefits of being in compliance.
Promises: These are the commitments, the specifications, your organization identifies to fulfill all their obligations. They detail how and to what degree you'll meet the requirements (e.g., designated data security officer role, mandatory annual compliance training, improving net zero targets, realizing better safety and security).
Lean Obligation Management in Action
This approach focuses on systematically removing unnecessary elements from your program, resulting in a simpler and more effective system.
1. Remove outdated or no longer applicable obligations.
Obligations evolve and change over time. Regularly audit your management program to identify and remove obligations (internal or external) that are no longer applicable or have been superseded. This frees your organization from the weight of outdated compliance measures.
2. Remove duplicate promises.
Duplication can bloat your program and introduce inconsistencies. Identify and remove any redundant compliance promises within your program. This ensures a single, clear commitment for each obligation, simplifying program management and reducing the risk of errors.
3. Remove promises that are no longer connected to an obligation (zombies).
Sometimes, promises are made within an organization that no longer serve a purpose. These "compliance zombies” add to the overall cost without delivering any value. Lean Obligation Management encourages you to remove them along with the controls, workflows and processes that are no longer needed.
4. Consolidate promises within promise fulfillment systems based on common capabilities.
Identify commonalities in how your organizations fulfills its compliance promises. Group similar promises together and consolidate them within dedicated promise fulfillment systems. These systems can be specific tools, processes, or workflows designed to efficiently address multiple compliance requirements. This reduces redundancy and streamlines your overall compliance efforts.
5. Integrate New Obligations and Promises Strategically.
When new regulations or stakeholder expectations introduce fresh compliance requirements, don't simply add them on top of your existing program. Instead, use the knowledge gained from Step 1 to strategically integrate them. This can be achieved through three key approaches:
Leveraging Existing Fulfillment Systems: Look for opportunities to fulfill the new obligations using existing compliance systems you already have in place. These systems might be designed for similar purposes or share some overlapping functionalities. This approach reduces redundancy and streamlines the implementation of the new requirements.
Adapting Existing Systems: If the new obligations have some overlap with existing compliance areas, consider modifying your current fulfillment systems to accommodate the additional requirements. This can be a cost-effective solution if the changes needed are minor.
Developing New Fulfillment Systems: For entirely new compliance needs that don't align with existing systems, you may need to develop dedicated fulfillment systems. These systems should be designed to be efficient and effective in meeting the specific requirements of the new obligations.
If you find yourself unable to follow these steps, it's a strong signal that your compliance program has become overly complex and you may have lost control of your compliance.
Lean Obligation Management provides an approach to gain control back by promoting compliance simplicity. By actively managing the promises your organization makes to meet obligations, you gain a clear understanding of your compliance efforts and ensure they remain effective and easy to understand for everyone involved.
Benefits of Lean Obligation Management:
By actively reducing unnecessary elements and ensuring clear promises meet specific obligations, you can achieve a simpler, more effective program capable of meeting all your compliance needs. This will help create the following benefits:
Reduced Program Complexity: A leaner management program with clear promises for each obligation is easier to maintain, implement, and understand for all stakeholders.
Improved Efficiency: By focusing on essential compliance elements, your program operates more efficiently, saving time and resources.
Enhanced Agility: A streamlined program allows you to adapt to changing external and internal obligations more readily.
Proactive Management of New Obligations: Evaluating the true nature of new obligations before integrating them allows for a more strategic approach to compliance.