Standardizing Policy Design and Approval – Why it Matters
The Policy Management Illustrated Webinar Series This installment of the Policy Management Illustrated Webinar Series addresses how to establish a systematic and consistent approach to the creation and approval of policies.
PLEASE NOTE. Certificates of Completion for CPE credit are not available for viewing of archived webinars. For GRCP holders, viewing of archived webinars will be automatically tracked and recorded in your Certification Dashboard on your Profile on the OCEG site and will count toward GRCP CPE requirements only.
In most organizations today, it is possible to find “policies” floating around or even being enforced that have never gone through proper channels for issuance and approval. Some of these so-called policies have been written by people without the proper authority or without full understanding of the impact that the policy will have on operations and risk management. Others are in conflict with each other or may be based on out of date information. Failure to have a consistent style and template for policies makes it even harder to know whether a policy is in fact approved and in force.
Policies that are designed to contain information on linkage to relevant obligations, controls and objectives can be monitored and kept up to date through a policy management system that connects to other business applications and triggers notifications when changes arise. Keeping a record of versions as policies are modified similarly enables an audit trail that can aid in investigations and defense.
Having a uniform approach to the style, content, and issuance of policies is a key step in gaining control and enabling effective ongoing management. In this webinar, we present ways to establish such a systematic and consistent approach to the creation and approval of policies and review how technology can support these efforts.
· Outline a consistent process for policy development and approval
· Identify policy information that helps enable future management and defense
· Determine how to use policy management technology during the policy development phase
· Michael Rasmussen, GRC Research Analyst and Pundit, GRC 20/20 and OCEG Fellow
· Evgeny Likhoded, CEO, Clausematch
Featured in: Policy Management