Workforce compliance isn’t what most people (present company excluded, of course) would call a “fun” topic. But on a recent episode of the Masters of Disaster podcast, Our trusty CEO, Rob Warmack shows how it can get pretty darn close. The key, says Rob, is understanding employees’ attention spans and time constraints:
“If we can be considerate of everyone’s time, the reception of the material is so much easier. Getting pulled in for an hour-long PowerPoint presentation is nobody’s way of learning these days. If there is consideration by the compliance team on making this as palatable and as easy as possible, I think there’s a respect that comes from that.”
And the secret to faster, easier, more palatable learning? That’s right: automation.
Listen to the podcast:
Over the course of their 20-minute conversation, Rob and Masters of Disaster host Leona Lewis discuss the ins and outs of workforce compliance automation, exploring how a systematized approach to compliance mitigates risk, satisfies regulatory requirements, reduces the chances of error and increases the rate at which employees retain important policy information.
It’s an enlightening, candid and—dare I say it, fun—talk about a subject that frequently gets ignored or glossed over. If you have 20 minutes, I encourage you to give it a listen, and perhaps share it with your organization’s executive leadership. But if you’re short on time, here are a few salient excerpts from Rob’s interview:
On what regulators are looking for in a compliance program:
“There are two parts of that conversation. One is what is supposed to happen. You have to have documentation to say, ‘these in fact are my procedures,’ and then prove to [regulators] that it happens regularly. They do the spot check. If they find things, they know they have to back up the bus and a bunch of people come out: ‘Now we’re really going to take a deep look.’ If we can say, ‘here is our program, here is our system and here is the technology or the automation that makes sure that when someone comes into that role they get this experience they get assigned these things, we have this procedure in place that is automated that if it’s not completed in two days then there is a follow up,’ there’s really a collective exhale that comes from the room. You’ve got it covered. You’ve got a control and you’ve got a process. You’ve got the levels of controls to make sure that if what you intended didn’t happen then you’ve got a consequential follow up. Nothing’s better than automation in that sense to make the control rock solid.”
On how automated workforce compliance better engages millennial employees:
“[Compliance automation is] particularly valuable with a younger workforce—with a more millennial-oriented workforce. Let’s say that we’ve got a program that requires a policy to be reviewed and there is subsequent training that would need to take place and then we’ll do a test afterwards. If you look at clock time to complete all those things, let’s say that it takes 60 minutes. Very few people have an attention span of 60 minutes these days.
“The old way was you lock them down and say, ‘okay, we’re going to do this.’ Well, you can’t do that anymore. With technology, you’re able to take all of those activities and break them into let’s say six different pieces. We can schedule that over a period of time. That is 5 or 10 minutes per activity. I can assign it through technology. It comes into an inbox. You complete that one part, and then maybe the next day we do the next bit and the next bit. From a user experience perspective, it just makes it more digestible. Also, from a learning perspective, teaching in those smaller bits gives you reinforcement on the overlap on each one of those things. When activity A comes and then a day later activity B starts, you can repeat a little bit of the high notes of A and then go a little further.”
On the size of organizations suited for compliance automation:
“The threshold I’ve seen is if you get more than 50 or 60 people in an organization, automation starts to pay off pretty fast. That’s the point in time when you’re thinking, “Well, maybe we need to assign some more staff to this.” Automation applies. Even in a small organization, it starts making sense, because it’s the peace of mind to the executive team that these things have happened. When you get 50 plus individuals in an organization, you start thinking: ‘Did everything get done?’ That’s the stuff in the middle of the night. ‘I think it got done. I’m going to check on that in the morning.’”
This is only a brief sample, of course. In the full episode, Rob and Leona talk about the lifecycle of a workforce compliance program, the difference between learning and compliance, and how Rob’s perspective on IT security changed after he became the CEO of Compli.