No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Measure or Die! – Using Metrics To Measure Compliance Performance

KPIs for Compliance

by Jim Nortz
February 4, 2018
in Compliance
Measure or Die! – Using Metrics To Measure Compliance Performance

Editor’s note: This article was contributed to Corporate Compliance Insights by Jim Nortz. It was originally published on December 6th, 2008. It has been updated for clarity. 

A few years ago I had the pleasure of participating with Scott Mitchell, Chairman and CEO of the Open Compliance and Ethics Group, and Charles Ruthford, a compliance and ethics officer at Boeing Corporation, in conducting a training session at an Ethics and Compliance Officers Association Conference.The session was entitled: “Counting on Metrics: Developing meaningful E&C program data to satisfy a ‘Show me’ CEO.”

Each of us provided what we characterized as “rapid fire” 10- to 15-minute presentations providing our thoughts on how to best measure a company’s compliance and ethics performance. These presentations were followed by about 45 minutes of open Q&A and discussion about the topic.

Although our fellow conferees had many other sessions that they could attend, by the time we started every seat was taken and there were people standing along the walls and a couple of ranks deep in the back of the room, with some listening from the open doorway.

Although I’d like to think otherwise, the reason such a crowd gathered was not because of our collective star power; it was because there is a widespread recognition by compliance and ethics officers that measuring compliance and ethics performance at our firms is vital to our success as a profession.

 

“Measuring compliance and ethics performance at our firms is vital to our success as a profession.”

I attempted to reflect this sentiment in the last slide in my presentation. This slide contained the simple statement: “Measure or Die.” I noted at the time that this blunt pronouncement may seem a bit hyperbolic, but that it’s not far from the mark. The whole idea of attempting to manage compliance and ethics risks by supplementing existing corporate structures already created for this purpose with a small group of compliance/ethics professionals is still relatively new. If we are unable to demonstrate to our respective organizations that our efforts are materially reducing costs or compliance/ethics risks, then it’s just a matter of time before compliance offices are shut down or consolidated into more traditional corporate functions like the Law Department, Accounting Department or Human Resources.

Of course, no function in a company is immune from budget cuts and this is doubly true of those that are not directly related to income generation. However, I think it is fair to say that those ethics and compliance offices that have successfully found a way to demonstrate their worth are likely to weather the current economic storm better than those who are merely reporting ethics line call volumes and training completion rates to their management teams.

In the event you don’t already have a robust and meaningful set of compliance and ethics key performance indicators (“KPI’s”) at your company, here are a couple of things you might consider doing to remedy the situation:

Recognize that there are at least three kinds of compliance and ethics KPI’s:

  1. Activities metrics that answer the question: “What are we doing to improve our compliance and ethics performance?”
  2. Process metrics that answer the question: “How mature or reliable are our compliance and ethics management systems?”
  3. Outcome metrics that answer the question: “Are our activities and systems yielding improved outcomes?”

Don’t confuse process and activities metrics with outcome metrics.

Just because you’ve got all of the elements of the US Organizational Sentencing Guidelines’ seven elements of and effective compliance and ethics program and have done thousands of hours of compliance training does not mean you’ve succeeded in improving your firm’s compliance and ethics performance. You need an independent set of Outcome metrics to show whether all your efforts are yielding results.

Only select and use the metrics your organization needs to make sound decisions and/or drive behavior.

You can measure yourself to death. Have a conversation with your management team to see what data they would find useful in allocating limited resources to better manage compliance and ethics risks. Since most managers will give you a blank stare when you ask them what compliance and ethics metrics they’d like to see, be prepared to provide them with a menu of options and help them understand how they could be put to use.

Use simple dashboards.

Your management team is already suffering from KPI overload. Find an easy way to present your metrics to them that is easy to understand at a glance.

Correlate process and activities metrics with related outcome metrics.

It is important to gather data in a manner to determine whether there is a cause and effect relationship between your compliance and ethics program and key outcomes. Without such a correlation, you will continue to cast around in the darkness, never knowing whether you are making progress toward your intended destination.

Use metrics not just to measure behavior, but to drive it.

Once you have developed a reliable gauge that your management team has confidence in, encourage your management team to use it to set performance targets in a manner that would hold directors, officers and employees accountable for achieving them.

Calibrate expectations.

If you are a compliance/ethics officer in a company with well run functions (legal, HR, regulatory, etc…) your firm’s compliance and ethics performance is probably already pretty good. To go from 98% to 99% compliance may require as much focus, discipline and energy as achieving the first 98%. In addition, changing culture in organizations is very difficult and almost always takes years to achieve, even in the best of circumstances, and significant, sustained effort to maintain. Make sure your management understands these realities and takes them into account in evaluating the compliance and ethics KPI’s and in setting goals.

By taking some of these ideas into account and developing meaningful compliance and ethics KPI’s, my hope is our profession will not only survive but thrive in the long-run, and live up to its potential of helping corporations navigate in increasingly complex and hazardous regulatory environments.

Discussion Questions:

  1. What metrics do you use in your organization to measure the success of your compliance initiatives?
  2. What metrics do you wish your organization had in place for such measurement?

 


Tags: Monitoring
Previous Post

The Most Critical Enterprise Risks for 2018

Next Post

Retiring Enterprise Applications: 4 Key Considerations

Jim Nortz

Jim Nortz

Jim NortzJim Nortz is Founder & President of Axiom Compliance & Ethics Solutions LLC, a firm dedicated to driving ethical excellence by helping organizations implement effective compliance and ethics programs. Jim is a nationally recognized expert and thought leader in the field of business ethics and compliance with over a decade of experience serving multinational petrochemical, staffing, business process outsourcing, pharmaceutical and medical device corporations. Jim spent the first 17 years of his career as a criminal and civil litigator and Senior Corporate Counsel before becoming Crompton Corporation’s first Vice President, Business Ethics and Compliance in 2003. Since then, Jim has served as a compliance officer at Crompton and for five other multinational corporations, the most recent of which was as Chief Compliance Officer at Carestream Health. Jim has extensive experience in implementing world-class compliance and ethics programs sufficiently robust to withstand U.S. Department of Justice scrutiny. Jim is a frequent guest lecturer at the University of Rochester’s Simon School of Business, RIT’s Saunders School of Business, St. John Fisher College, Nazareth College and other law schools, universities and organizations around the country. Jim writes the monthly business ethics columns for the Association of Corporate Counsel Docket magazine and the Rochester Business Journal. Jim is a National Association of Corporate Directors Fellow, a member of the International Association of Independent Corporate Monitors and serves on the Board of Directors of the Rochester Chapter of Conscious Capitalism as the Board’s Secretary and Chair of the Governance and Nomination Committee. Previously, Jim served on the Board of Directors for the Ethics and Compliance Officers Association and the Board of the Rochester Area Business Ethics Foundation.

Related Posts

Demonstrators protest outside amazon investment firm

Employee Surveillance Can Turn Your Office Dystopian If You Don’t Reciprocate Transparency and Security

by Rob Shavell
December 7, 2021

Demonstrators protest outside amazon investment firm Remote employee monitoring is ubiquitous — and likely here to stay. However, using monitoring...

high-voltage power lines with sunset in the background

IPKeys Power Partners Announces New Grid Cybersecurity Breakthrough

by Corporate Compliance Insights
September 8, 2021

Addresses multibillion-dollar cybersecurity convergence challenges of Critical Infrastructure Protection (CIP) & compliance facing utilities & grid operators Tinton Falls, NJ...

sparkles grey background with a winners cup

Eventus Systems Wins Trade Surveillance Product of the Year in 2021 Risk Technology Awards

by Corporate Compliance Insights
July 27, 2021

AUSTIN, Texas and LONDON (July 27, 2021) – Eventus Systems, Inc., a leading global provider of multi-asset class trade surveillance and...

woman looking at horizon from mountain top

What’s on the Horizon for Anti-Corruption Enforcement?

by Stephanie Yonekura and Ann Kim
February 25, 2021

Hogan Lovells’ Stephanie Yonekura and Ann Kim examine the impact of mammoth relief spending, widespread remote work and other key...

Next Post
technology graphics

Retiring Enterprise Applications: 4 Key Considerations

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights