Factors
influencing implementation of empowerment policies
According
to Schlarman (2013) while technologies, process and ultimately people are the
soldiers on the front lines, policy is the strategic direction that guides an
organization toward objectives and goals. The importance of policy is supported
by a quick review of current regulatory issues facing companies.
Whiles
regulations, whether governmental or industry driven are typically on the
“grey” side when prescribing control requirements, the need for defined policy
within an organization is always included. However, policy is not just a check
the box activity for regulator compliance. Policy defines the organization’s response and
posture for handling specific business or management processes. Also, Ako (2005) stated that policy
must be sanctioned by executive management and reflect organizational view on
acceptable business practices.
This includes the management of risks and
execution of business processes. Policy must clearly define the structure,
approach and philosophy to address a specific business aspect.
Again,
Burton (2008) added that, the first iteration of policies and Standards should
communicate management’s philosophy regarding the value of corporate
information, the requirements to comply with policies and the consequence of
noncompliance Basing these policies on well known frame work is a generally
accepted good “first t step ’ policies and standards should be developed with a
firm grasp of overall business
objectives and an understanding of applicable laws and regulations.
Also, as a
corresponding compliance "activity a process for testing the effectiveness
of controls need to be established and performed on periodic basis (e.g.
quarterly) and the results need to be
documented and communicated to management. This stage will provide the feedback
necessary to improve the policy infrastructure based upon compliance levels and
the ability to adopt practices and
integrate controls into processes.
In
line with the above views, Igwe (Z2003) stated the importance of effective
policy, procedures and standards in
his words as follows
More
often than not policies are created but not property implemented resulting is employees non- compliance which eventually affect the
business as whole. In terms of risk management,
maintaining effective polices within
an organization can protect against
liability. Many organization rise old
methods, such as costly intranets, to post policies which
get lost and are never really
understood, deeming them ineffective. Policies are necessary for the protection of the organization as well
as the employees.
Policies and procedures: provides a set of company rules and regulations as well as consequences for non- compliance. When not enforced, policies offer little defense against legal action. A well developed policy communicated by clear procedures and followed by strict enforcement can prevent conflict as well as create compliance with legal statutes.
Furthermore, Obi (2004) stated that, for there to be effective policy procedure and standard, there are two basic mantras for policy and compliance management- policy and compliance must progress proportionally together, policy and compliance must be holistic and include people, process and technology. These are important concepts to keep in mind during the development ‘process.
Compliance activities should be automated and/ or facilitated as much as possible. Compliance activities and policy development must be appropriately aligned. Policy without a corresponding compliance measurement and monitoring strategy will be looked at as unrealistic, ignored dogma.
Compliance activities without a supporting policy infrastructure will result in high failure rates given that requirements have not been properly defined and communicated.
No comments:
Post a Comment