Corporate compliance is a hot topic these days. From the General Data Protection Regulation (GDPR)’s big introduction in the EU last year to the daily headlines about data breaches, we’re constantly reminded of the impact and costs of noncompliance. For example, in 2017, Nissan Co. lost its ISO 9001 certificates on quality management for domestic production, resulting in the recall of over 1.2 million vehicles and costing the company $220 million.
While we didn’t see much action on the GDPR front in 2018, things will start to change in 2019 as ongoing investigations are settled. AggregateIQ, a Canadian political consultancy and technology company, is currently challenging a fine that could top $23 million. With all of these headlines, what we don’t see enough of in the news is how organizations can better manage compliance requirements to avoid fines altogether.
The Problem With Compliance
Achieving compliance, especially in heavily regulated industries, has historically been very expensive and complicated. However, the cost of noncompliance is growing every day. It’s nearly three times cheaper for a company to comply with regulations than to ignore them. In monetary terms, that amounts to more than $9 million in savings for a company with 5,000-25,000 employees. To avoid the risk of noncompliance, IT departments have traditionally imposed monolithic systems on their organizations with the expectation that these systems will provide the enterprise-grade security and features that they need to meet all of their compliance requirements.
How To Achieve Compliance
So, what’s the answer? How do organizations reconcile the control, security, and compliance needs of IT with those of end users who want easy-to-use, collaborative, agile software systems? I work in cloud technology, so I’ve seen its ability to offer companies happier users and simplified compliance processes. To choose the right cloud content services platform, make sure to find one that is integrated with the collaboration tools where end users spend most of their time. This allows for seamless compliance, providing a safety net that protects the company without getting in users’ way. A good analogy to illustrate this is the autonomous car. A key benefit of self-driving cars is that they automatically comply with speed limits. So, “compliance” (respecting the speed limit) becomes “seamless” (happening in the background with no work from the user) while the driver enjoys what they like (driving a nice car).
While the analogy sounds nice, how does it work in practice? At its core, compliance is about documentation and controlling documents’ lifecycles. The authoring phase is the first stage of a document’s lifecycle. It’s also the part where collaboration is crucial. Creating documents that contain valuable content requires people to work together and exchange ideas, and collaboration-centric systems allow this to happen. Next, the right cloud content services platform takes control of security and compliance by owning document validation, publication, retention and other control processes.
Moreover, many different kinds of people exist within a company. The documents that they need to access, create and collaborate on, and the tools they use on a daily basis, vary widely. This is why the analyst community is seeing a shift in the industry. Companies no longer expect a single, monolithic system, but rather multiple systems (or content services) integrated through a best-of-breed approach.
The bottom line is that there is no need to have so many headaches when it comes to corporate compliance. A cloud-based approach fits nicely in the most heavily regulated industries where document processes can quite literally make or break a business. In 2018, financial services, life sciences and health care companies that had never before considered the cloud due to compliance constraints started to change their tune. With the cloud, SOX, FDA, ISO and many other compliance requirements can be turned on autopilot.