Making your policies POP: A policy operationalization process

By Calvin London, PhD; Reyna-Chris Comeros; and An Nguyen, BS

Calvin London (calvin@thecomplianceconcierge.com) is the Founder and Principal Consultant of The Compliance Concierge in Melbourne, Australia. Reyna-Chris Comeros (rcomeros@celgene.com) is the Compliance Manager, Celgene Pty Ltd., and An Nguyen (annguyen@celgene.com) is the Associate Manager Affiliates Quality, ANZ & CEA, Celgene Pty Ltd. in Melbourne, Australia.

According to Wikipedia, operationalizationis a term in research design, especially in psychology, social sciences, life sciences, and physics. It is a process of defining the measurement of a phenomenon that is not directly measurable, though its existence is inferred by other phenomena.[1] The definition then goes on to give several examples from different disciplines of how the term is used, none of which are particularly helpful.

Understanding operationalization

Nonetheless, operationalization is a term that has gained prominence in the compliance world. It is mainly a result of the term’s use in the Evaluation of Corporate Compliance Programs in 2017 by the Department of Justice (DOJ).[2] DOJ emphasized the importance of an “implemented, reviewed, and revised, as appropriate, in an effective manner” compliance program versus simply having a “paper program” in place. Following this guidance (which was developed from guidance provided in the previous year by the Foreign Corrupt Practices Act[3] (FCPA)) should be automatic, given the potential legal consequences.

Employees within our own organization may well have had good intentions when implementing operationalization but struggled with what it exactly meant, let alone how to pronounce it. I am sure many compliance professionals also share this sentiment, and definitions like the one on Wikipedia don’t help. So, what is operationalization?

Ricardo Pellafone put it quite nicely: “You ‘operationalize compliance’ by integrating it into business process—so it becomes part of how people do their job duties.”[4] He went on to say it was not enough to simply have a policy, but that it had to be applied to the operational tasks and duties that would support the compliance initiatives (operationalize it).

Problems with operationalization

A large number of internal review/audit observations and DOJ/FCPA prosecutions reflect that companies have difficulty effectively demonstrating that the intent of policies has been transitioned into procedures or that they are understood by employees within the company. This is the reality for many companies: Although they may have good intentions, there is a disconnect somewhere between the policy and the actual procedures and processes.

Policy operationalization also becomes more complicated when the policies are issued by global headquarters for implementation to a subsidiary or affiliate office. Often, they assume that since the policy has been given, it must have been implemented. It is not until an internal audit that they realize the policy has not been effectively transitioned into meaningful procedures or practices, exposing the company to regulatory compliance risks.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings