Now that the initial noise and media hysteria about compliance, governance and the potential of jail sentences for directors if their companies fail to comply has been digested - albeit hurriedly - by everyone from the janitorial staff to the board of directors, organisations are in the process of implementing the legal requirements and recommended best practices to avoid any nasty litigation surprises.
Unfortunately, while companies have accepted the fact that compliance is a necessity, many are falling into the trap of separating their governance responsibilities between various divisions. In other words, compliance tasks are being managed from the bottom up instead of from the top down - a sure-fire recipe for a mess.
IT managers and their CIOs, for example, have to ensure their technology departments meet the criteria for IT governance, spending a considerable amount on programmes based on principles and tools such as those found in Cobit (Control Objectives for Information and related Technology) or ITIL (the IT Infrastructure Library, the most widely accepted approach to IT service management in the world). Their focus is, quite naturally, on ensuring the organisation`s IT is delivering the optimal service at the lowest cost, while also meeting governance demands.
Financial managers, on the other hand, are in a similar situation with respect to their functional areas. Perhaps more than any other segment of the business world, corporate finances are under the closest scrutiny as a result of the various scandals over the past few years. The financial director is therefore focused on keeping his own house in order at the expense of everything else.
To overcome these divides, or silos to use a process term, some organisations appoint a compliance manager (or even a director of compliance in certain companies). This individual is tasked with ensuring all facets of the company`s compliance drive conform to governance regulations and legislation.
Corporate records management
The financial director is focused on keeping his own house in order at the expense of everything else.
Paul Mullon, divisional director of marketing, Metrofile
One aspect of corporate governance every area of business needs to deal with is that of document and records management. Keeping accurate records of whatever transpires in the business, from communications to contracts and even compliance policies, is a cornerstone of good governance. Each of the managers above needs to understand and implement compliance processes when it comes to the storage of records in their areas of responsibility.
To ensure the company as a whole meets its governance obligations, the compliance manager`s role must be to drag everyone out of their silos of expertise and assist them in working together. In other words, each manager needs to meet their own governance requirements while understanding the different needs of the other managers. The ultimate goal is to ensure everyone works towards producing a single, effective solution in accordance with corporate strategy (and the legalities). Managing and guiding the company towards this single solution is the real, and sometimes very difficult job of the compliance manager.
Meeting strategic needs
There are various ways in which document management can be handled, from employing and training staff to handle everything in-house, to completely outsourcing the job to third-parties with records management as their core competency - or any combination of in- and outsourced solutions between the two extremes.
To accommodate the corporate strategy of having documents immediately available in electronic format, for example, but not having the challenge of managing the physical assets, many companies are opting for the offsite storage of documents. Through this process, governance and strategic requirements are met since the digitised information is available immediately, while the paper is stored and managed by professionals.
No matter what option is chosen, complying with governance regulations and recommendations such as King II (in SA) is the one non-negotiable in business today. Making sure the processes chosen for each division form part of the overall corporate compliance strategy instead of creating individual silos of compliance makes the difference between an organisation that meets its governance criteria and one that hopes it does.
* Paul Mullon is divisional director of marketing at Metrofile.
Share