It’s that season of the year, isn’t it? As we wrap up 2013 and make that final push for our sales goals and corporate objectives, we need to both look back at where we were and look ahead to what we want to do better. Resolutions, it would seem, are made to be broken. So let’s not make GRC and ethics and compliance resolutions for 2014. Instead, let’s resolve to do better and by all means to follow through. And let’s start with the GRC fundamentals: corporate policies and employee training.
We need to get away from bravado about being more ethical and instead put our money where our collective mouths are and actually act more ethically. Doing that means communicating to employees what they need to know to do their jobs with integrity, in a way that allows them to apply their expertise for the most ethical good. Doing the ethical thing is usually the right thing, and the right thing almost always passes the compliance test.
Nothing makes more long-term difference in the workplace that setting the right tone and helping your employees know what’s expected of them. So many good organizations, large and small, private and public, fail to make their policies part of the everyday routine of doing business. Because they rely on static document repositories and obsolescent content, employees treat the policies they live and work by as reactive, open-only-in-case-of-emergency dictum. The training they received, if at all, has long since passed from their memory, or else they remember only the sarcastic and over-the-top clip of stereotypical workers they can’t relate to in situations that don’t make sense for their culture or work environment.
Policy and training is where the ethics and compliance wheel starts turning. You can preach all day long about your anti-bribery program, employee practices or your strict adherence to regulatory compliance, but if your employees don’t get it, you will, But you’ll get it in the form of claims and penalties and liability.
Here are your first two challenges for the new year: One, pull out your employee handbook and code of conduct – do it right now – and give it a quick review. Two, make a note of the first employee training event you have scheduled in 2014, and see if that fits with what you need to do to make GRC better for your employees and your entire organization.
So resolve today to map out your employee training calendar for the year. Review your employee handbook, your code of conduct, and your complete set of corporate policies, to know where you’re at and what you need to do better. If that sounds like a daunting task because of how you manage those important GRC practices, resolve to fix that situation within the next 3 to 6 months. But don’t expect to find “follow through” as a line item in your GRC best practices manual. That’s something you must do, not just pay lip service.