When it comes to compliance alignment we need to have answers to the following two questions:
1. How do compliance pillars (programs) depend on each other?
2. How do business functions contribute to meeting pillar obligations?
For the first we use a compliance pillar Dependency Structure Matrix (DSM).
Each pillar will have a PDP (Policy Deployment Plan); for example, there will be one for safety, one for security, and so on. What we want to know is how each pillar depends on the others to fulfill its commitments. For example, how much does security support safety?
If you ever wondered how to get more than the sum of your compliance parts, this is how you do it.
For the second question we do the same analysis across functional groups.
Again, each function will have its own PDP consisting of its promises for each of the compliance pillars. What we are evaluating is each function’s contribution to overall safety, security, and so on.
Knowing this information will help you prioritize your efforts to cover all your obligations as well as strengthen pillars and/or functions where compliance risk is the greatest.