Regulatory compliance is challenging and expensive, and getting harder every year.
Phrontex makes it easier.
The knowledge map defines the core elements of your governance system. Effective governance relies on each of these being under control. In traditional documentation, these elements tend to get bundled together in composite documents.
It makes life much easier to manage these elements separately: each is a short, simple statement with explicit accountability and a precise objective.
Articulate what you want ‘well-governed’ to mean for your organization. This might be a short list of statements like
The purpose of the governance management system is to for the directors and officers to be confident that you can prove that the statements are true.
A compliance requirement is any formal statement that affects how the organization operates and how its personnel behave.
Your set of requirements will typically include:
Policies exist to give effect to your compliance requirements. A policy may:
To get the policies under control:
Create activity charts or similar to define the processes your organization uses to achieve its performance objectives. The set of activities will form a hierarchy, from ‘run the organization’ (or the part of the organization you are governing) down to front-line operations.
In each case:
Defining the activities is not a mammoth undertaking. This is not end-user documentation or work instructions, telling people how to do things. These are management statements of processes and sub-processes. The concern is only with the identification and control of these processes within the structure of the organization’s activities as a whole.
And regardless of the scale of effort required, it’s essential. You can’t prove that your activities are well governed if they’re not well defined.
The simplicity and clarity of your activity statements is an indicator of the quality of your organizational design. The individual tasks you carry out might be extremely complex; but how those tasks fit together should not be.
The content provided to your employees is of two types:
Required knowledge might include the code of conduct, emergency and safety procedures, and customer service standards; and some ISO standards stipulate a level of awareness for some or all employees.
Most organizations have a training and induction process to address this. For governance purposes, you need to be confident that: