Develop 20/20 insight on your 2020 business goals
Welcome to 2020 and the dawn of a new decade. This year resolve to sharpen your vision of what you need in order to accomplish your goals. It’s not black-eyed peas and cornbread on New Year’s Day that will bring you good luck. We’re here to serve up guidance and tips to help you visualize and execute on your major business goals in 2020.
Here are our four building blocks for accomplishing anything big and consequential this year.
Focus on the fundamentals
Governance, risk management, and compliance have become more complex and confusing. Experts point to the digital shift at organizations and the growing reliance on third parties, many of them located in other countries.
Digital operations open the door to data risks like data breaches, phishing incidents, and ransomware, and privacy problems can be difficult to solve. According to Bob Maley, Chief Security Officer at NormShield, the data privacy landscape is complicated by the growth in outsourcing and by data responsibility that extends to third parties, fourth parties, even sixth parties.
The answer to the complex, confusing current state of risk management is to focus on the fundamentals. Put time and effort into conducting an audit of all policies, issuing assessments, testing controls, and reviewing communications. Take care of the fundamentals for compliance and risk management before tackling more complex stuff. Doing so can lead to efficiency gains that free up your program to work on more complex, strategic initiatives this year.
Learn the executive’s language
Compliance and risk management professionals often struggle to communicate with executives, the very people you need to win over. The issue is a misalignment between your needs and what leadership needs. You’re concerned about one thing while the executive is worried about another thing. It’s a misaligned discussion.
Sam Abadir with Lockpath, a NAVEX Global Company, shares his proven strategies for aligning to value and reframing your request. Doing so will improve the way you communicate with executives and boost the odds of your project or budget being green-lighted.
Sometimes the key to overcoming a language barrier is to focus on semantics. One company’s Chief Information Security Officer (CISO) sought executive approval of his change management program for information security. Rather than a high-tech label befitting his department, he named the program “Enterprise Trust Initiative,” which fits the company’s mission statement. By naming his program with the company in mind, executives were more receptive.
In 2020, learn to speak fluently with executives in oral and written communications. Your program depends on it.
Collaborate and unify for greater success
To get where you’re going this year, you’ll need to collaborate with other departments and learn to bring people together with a shared vision.
Some organizations are creating ambassador programs that connect associates in one department with professionals in other departments. For example, a risk manager who knows key performance indicators can benefit from working with the IT manager responsible for the data feeds. Collaboration creates understanding between departments and better ways of doing things.
While technology enables collaboration with anyone, it’s human nature to humbly go about your business in your world. To rally support for your big plans, you need to let people know what you’re doing and why. When people believe it’s a change for the better, they support it. Your message acts as a unifier.
One telecommunications company built its security program in 18 months. One reason for the fast track to success was brown bag lunches where program leaders talked up the business benefits of the new program to all departments and employees. In 2020, you may have to step outside your comfort zone to collaborate and talk it up. It’s well worth it for the end results—a better reception and a more meaningful program.
Be a force for good
Whether it’s the cost of transparency or a backlash against wrongdoing, we sense a 2020 trend toward goodness. We see integrity and ethics as a way for individuals and organizations to stand out and get ahead.
An enlightened view sees the good intention behind regulations and the value of principled compliance. An interesting example of this is the UK’s Senior Managers and Certification Regime (SMCR) regulation. It mandates that firms must certify their senior managers as competent, and these managers and their associates are now personally liable for ensuring “reasonable steps” are followed and align with a statement of responsibility.
Try being a force for good in 2020. It means having ethics, operating with integrity, and putting principles before profits. It will resonate with employees and customers.
That’s our 20/20 insight for 2020. Envision what’s possible and make plans. Leverage the guidance and tips in this post to aid your progress toward your goals. Don’t delay. Get out there and make it happen.