Chapter 8. Step Six: Implementing a Compliance Risk Mitigation Plan—Monitoring, Reassessing, and Modifying

Chapter Goals:

  • Understand why continual compliance risk monitoring is needed.

  • Determine how to develop a customized system to continuously monitor the compliance risk assessment initiative.

  • Determine your compliance risk reassessment time schedule.

  • Decide how to document monitoring the compliance risk assessment program.

At this point in your compliance risk assessment program, you have completed the following:

  • Identified the compliance risk universe;

  • Determined the compliance risk factors, such as likelihood of occurrence and impact of occurrence;

  • Conducted the compliance risk assessment survey;

  • Scored the survey results and generated a risk universe matrix; and

  • Developed your initial compliance risk mitigation plan and had it approved by the CEO or other upper management.

What is next? With all that work completed, one might be tempted to sit back and congratulate oneself on a job well done. Well, the job might have been performed “well,” but it certainly is not “done.”

For your compliance risk assessment program to be of ongoing use to the overall compliance program, best practice requires ongoing monitoring of all compliance risks. And clearly, compliance work is never really finished. Laws change, employees change, and the focus of upper management changes. It is certain that there will always be change; you just cannot predict how the change will affect a compliance initiative. Just know that it will.

The key is having a continuous improvement system in place that provides enough flexibility to adapt to a changing environment. But the system also needs enough rigidity to ensure that the compliance initiative will not falter when the new hotshot manager arrives in your division and wants to shake things up.

If you are the compliance officer, your job is to develop and maintain this continuous improvement system. How do you begin accomplishing this task?

