No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

After Coronavirus, What Will Compliance Look Like?

Staying Compliant While Emerging from COVID-19

by Mark Delgado
May 19, 2020
in Compliance, Featured
drawing of illuminated compliance lightbulb

COVID-19 has impacted virtually every aspect of our lives. Compliance pros may be wondering whether and how corporate compliance will ultimately be affected. Mark Delgado, Mitratech’s Managing Director of GRC, offers insights into how companies can meet compliance mandates as they emerge from COVID lockdowns.

Once the planet has passed beyond the uncertainties of this outbreak, when the business world is on surer footing, what will corporate compliance look like? Will the systems and processes behind compliance be truly and deeply transformed, or will we return to the familiar, pre-pandemic ways of pursuing compliance?

I think the answer begins with the fact the business world has changed dramatically, and it will probably never return to what was once “normal.” That normality was under threat before anyone ever heard of wet markets or pangolins; remote working in the U.S., for instance, had increased by 159 percent between 2005 and 2017, according to an analysis of census data. In that regard, the pandemic has fast-tracked a change that was already underway, though this acceleration was akin to instantaneously going from a slow walk to the speed of sound.

Processes, methodologies and previous “best practices” are no longer fit for purpose in this new scenario. One of the greatest shocks of the pandemic has been the sheer uncertainty it has generated for nearly everyone. This reminds us of a simple fact: Uncertainty and risk have always been with us, and there will be times when it’s difficult to temper them. We can only try to be ready for the inevitable unknowns by putting the right solutions in place to mitigate their pain and impact.

So, in the post-pandemic compliance environment, it’s safe to assume we’ll see more rapid adoption of new approaches and, significantly, new technologies, as companies pursue ways of ensuring “compliance continuity” during disruption. There are two key areas where that will especially manifest itself: policies and procedures management and information governance.

Policy and Procedures Management Will Be Automated

When offices were shuttered and workforces sent home to become more familiar than they had ever intended with Zoom and household disinfectants, there was an immediate need for quick changes to corporate policies and procedures. Drafting, implementing, communication and getting attestation to these is hard enough without now having the workforce turned into a largely distributed, virtual network. The uncertainty mentioned above is yet another factor to be reckoned with: It’s very, very hard to predict future developments, so policy and procedures management becomes even more difficult, but evermore essential.

Where policy management had previously been carried out using mostly hands-on systems, reliant on manually dispatched emails or, quite literally, walk-arounds, that’s clearly impossible today. Not only is this manual compliance expensive and inefficient even in the most settled times, it’s now defunct in favor of more automated solutions.

Using an automated system provides benefits for all involved.

Firstly, policy owners and compliance stakeholders can collaboratively draft and approve policies that are bespoke for employees or groups in specific roles, communicate them easily and comprehensively, employ automated follow-ups and escalations and record attestations in case of audits.

Secondly, employees get to interact with purpose-built systems with easy-to-use interfaces, ones they can trust to provide them with only the current version of the instructions they need to follow and where they will reliably receive future updates.

Finally, compliance and operational leads gain visibility, in real time, into the policy compliance of the workforce regardless of how widely it’s been scattered.

Information Governance Will Be Required – And it Will Require New Tools

Regulatory compliance will not become any less of a challenge for companies in a post-coronavirus world. That’s made clear by the fact that regulators have, a few exceptions aside, not chosen to retreat or delay implementation or enforcement of regulations around data privacy, or financial services operations, or any other codes or laws that might come to mind.

Thus, information governance becomes more urgent than ever before for organizations that now have to contend with remote white-collar workforces. In this world, data and information that’s pivotal to their operations is being accessed and manipulated and shared everywhere but inside the reassuring four walls of an office suite – or the firewalls of their corporate IT network.

There are two fundamental information governance technologies that we will see forward-thinking organizations turn to with increasing frequency, driven by lessons that are being reinforced in earnest by the current situation. Each of them will serve to support an enforced information governance framework, which will be vital to satisfying the data privacy and general confidentiality demands of regulators and customers alike at a time when so many employees work from home or other remote locations.

The first of these is a centralized digital repository for warehousing personal data and controlling and auditing access to it, as well as to other mission-critical documents or material. Enterprises already capture and generate vast swaths of data on terabyte scale, so collecting, collating, analyzing, securing and then deleting data at its mandated expiration point is beyond the viability of manual efforts.

Enterprise content and information management systems allow easy creation of comprehensive inventories of these assets. They also often also provide electronic discovery, analytics and other powerful management tools to aid compliance monitoring and enforcement.

The other cornerstone technology? A “shadow IT” management solution. Even in ordinary times, there are large numbers of spreadsheets and other data assets that are the product of end-user computing (EUC), where employees use personal systems and applications for their day-to-day work. These are outside the purview of corporate IT departments, but they are often essential to business operations. Poor data, broken formulas, links to outdated external data and many other issues typically exist in these EUC assets, resulting in dramatically increased risk and disastrous consequences for the organization.

As workers take to remote locations, it’s apparent how EUC-related risk can increase markedly. By using a tool capable of discovering, monitoring and automatically conducting risk assessments of these assets without disrupting employees’ work, even when they’re remote, the enterprise can largely mitigate these risks.

These two technologies should not be seen as disparate solutions, but as components in a truly end-to-end strategy for modernizing information risk management.

There is an even larger goal we can pursue, however: evolving the way we approach compliance continuity planning and execution so we’re not caught on the back foot again by disruptions like the one we are living through today.

The Path Toward Compliance Continuity

This thrust toward more robust and agile compliance continuity (part of an overall movement we call business continuity transformation) is much like digital transformation, which has helped organizations evolve at breakneck pace over the last several years. This transformation of compliance will extend from “the boardroom to the break room,” affecting the ability of everyone in the enterprise to quickly pivot to sustain business as usual in the face of disruptions – or, let’s not forget, opportunities.

There’s no road back to the status quo that existed for companies before the advent of COVID-19, so we should instead be intent on the road ahead. By implementing these and other related new technologies in support of a more robust model of compliance continuity, that road can be considerably smoother and more secure.


Tags: Business Continuity PlanningCOVID-19Data Governance
Previous Post

Workplace Reopening Checklist for Compliance: Managing Return-to-Work Issues

Next Post

New Products from ProcessUnity to Enhance TPRM Programs

Mark Delgado

Mark Delgado

Mark Delgado is the Managing Director, GRC, at Mitratech. He works with the leaders of the sales, services and support organizations globally to provide senior leadership to Mitratech customers and prospects across all products and all geographies outside of the U.S.

Related Posts

doj building sign with flags

‘Reasonable Steps’: What the DOJ Expects From Your Bulk Data Transfer Compliance Program

by Alexandra P. Moylan, Alisa L. Chestler and Michael J. Halaiko
May 5, 2025

Sample provisions offer blueprint for compliant data brokerage with foreign entities

data security program concept cameras

Your Sensitive Data Is Now a National Security Matter: The DOJ’s New Data Security Program

by Randall Cook, Vince Mekles and Rachel Woloszynski
April 29, 2025

90-day implementation window closing on regulations affecting companies with genomic, biometric, health and other personal information

Electronic Evidence Collection for eDiscovery and Compliance

Electronic Evidence Collection for eDiscovery and Compliance

by Corporate Compliance Insights
March 30, 2025

Are you prepared to manage modern data sources in your compliance program? Whitepaper Electronic Evidence Collection for eDiscovery and Compliance...

examining data on laptop screen

Privacy Rights Surge Forces Rethink of Data Management

by Gal Ringel
March 14, 2025

As global privacy regulations multiply, organizations face mounting pressure to efficiently respond to data subject requests amid complex data environments

Next Post
concept of digital brain

New Products from ProcessUnity to Enhance TPRM Programs

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights