Tips for Creating a Successful Compliance Communication Program
Even if you have the greatest product in the world, it won’t sell if no one knows about it. You’ve got to invest in the proper promotional channels to get the word out. The same principle applies to an organization’s compliance program.
You’ve worked hard to create a comprehensive compliance plan for your company—now you’ve got to get the word out. This consists of repeatedly communicating the plan to employees and providing frequent training.
But where do you start?
Here are a few tips for communicating your compliance plan to your employees.
Know your audience and how they communicate.
How do your employees receive company information? Do your employees primarily use the company’s intranet? Do they use email or another form of communication? For example, if your company has monitors in its lobby or hallways, you could display slides on them. Or, if your employees primarily use the intranet, you could create a landing page that changes on a monthly or weekly basis. It could feature messages for the week or month and provide links to ethics documents, codes of conduct, and more.
Align your internal communications.
Know which departments send internal communications and when. Does your HR department or marketing/PR department send a monthly internal newsletter? If so, ask them to include some compliance information.
Assess your resources and select appropriate content.
Without enough staff or the right content, your communication strategy will suffer. Every company’s tone and culture is different, so when creating content, make sure that content reflects your tone and culture.
Get feedback from your employees, not only on the compliance program itself but also the communications surrounding it. Allowing employees to participate anonymously via survey can help shape your program and future communications. Surveying employees can also provide valuable information on where and how they prefer to receive information about the program.
An excellent compliance program is useless if employees aren’t aware of it or don’t know what they need to do to participate effectively. Following the tips above will help you effectively communicate your organization’s compliance program internally.
About JASON RHOADES
Jason Rhoades is a Principal at Schellman, where he oversees multiple compliance and security services including SOC, PCI-DSS, ISO, FISMA and HIPAA services. Jason also helps assist large and complex customers, who have multiple compliance needs, strategically aligning their compliance portfolio to maximize cost savings and efficiencies. Jason works with many leading organizations spanning industries such as fintech, financial services, cloud computing, healthcare, cybersecurity and many others.