The One New Year’s Resolution Your GRC Program Must Follow


It’s that season of the year, isn’t it? As we wrap up 2013 and make that final push for our sales goals and corporate objectives, we need to both look back at where we were and look ahead to what we want to do better. Resolutions, it would seem, are made to be broken. So let’s not make GRC and ethics and compliance resolutions for 2014. Instead, let’s resolve to do better and by all means to follow through. And let’s start with the GRC fundamentals: corporate policies and employee training.

We need to get away from bravado about being more ethical and instead put our money where our collective mouths are and actually act more ethically. Doing that means communicating to employees what they need to know to do their jobs with integrity, in a way that allows them to apply their expertise for the most ethical good. Doing the ethical thing is usually the right thing, and the right thing almost always passes the compliance test.

Nothing makes more long-term difference in the workplace that setting the right tone and helping your employees know what’s expected of them. So many good organizations, large and small, private and public, fail to make their policies part of the everyday routine of doing business. Because they rely on static document repositories and obsolescent content, employees treat the policies they live and work by as reactive, open-only-in-case-of-emergency dictum. The training they received, if at all, has long since passed from their memory, or else they remember only the sarcastic and over-the-top clip of stereotypical workers they can’t relate to in situations that don’t make sense for their culture or work environment.

Policy and training is where the ethics and compliance wheel starts turning. You can preach all day long about your anti-bribery program, employee practices or your strict adherence to regulatory compliance, but if your employees don’t get it, you will, But you’ll get it in the form of claims and penalties and liability.

Here are your first two challenges for the new year: One, pull out your employee handbook and code of conduct – do it right now – and give it a quick review. Two, make a note of the first employee training event you have scheduled in 2014, and see if that fits with what you need to do to make GRC better for your employees and your entire organization.

So resolve today to map out your employee training calendar for the year. Review your employee handbook, your code of conduct, and your complete set of corporate policies, to know where you’re at and what you need to do better. If that sounds like a daunting task because of how you manage those important GRC practices, resolve to fix that situation within the next 3 to 6 months. But don’t expect to find “follow through” as a line item in your GRC best practices manual. That’s something you must do, not just pay lip service.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© The Network, Inc. | Attorney Advertising

Written by:


The Network, Inc. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.