Do you have any tips for introducing creativity and collaboration into our compliance program? We want to foster better employee participation when it comes to compliance best practices, but we're struggling to find ways to get everybody involved.
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
I can't promise a magic bullet that will suddenly make the compliance exciting, but there are some steps you can take to help better engage employees in your compliance efforts in areas where their participation matters. Here are a few compliance best practices from my experience:
- Set easily measurable goals and measure progress consistently. If you have a large number of systems to remediate, for example, set daily, weekly and monthly targets, and hang them on the wall. Let everyone see the progress the company is making and be sure the organization at large takes notice when the team meets or exceeds the set goals.
- Encourage transparency. Compliance programs are often shrouded in secrecy within an organization. If you want to engage your staff, you'll need to be upfront with them about your current status, the steps that you're taking to improve the compliance program and any challenges that may be encountered along the way.
- Be flexible. One of the best ways to engage employees in a compliance program is to let them guide it. Keep an eye out for employee innovations that might improve the compliance program and, when you see one, praise it loudly and adopt it quickly.
- Celebrate often! While you might throw a big party after reaching the end of a compliance initiative or hitting a crucial milestone, it's often more beneficial to celebrate the small successes. Bring in some doughnuts when a team exceeds a daily goal or take your top performers out for a pizza lunch each week. A little food goes a long way!
Notice anything about the advice I just offered you? There's nothing about a compliance IT management initiative that's different from managing any other program. Remember to treat your team well, empower them to control their work environment, give them the tools and resources they need, and success will follow.
Dig deeper on PCI Data Security Standard
Related Q&A from Mike Chapple, Enterprise Compliance
Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.continue reading
Metadata tagging is not just for security. Expert Mike Chapple explains how tagging tools can be used to achieve PCI DSS compliance.continue reading
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.