Standardizing Policy Design and Approval – Why it Matters

PLEASE NOTE. Certificates of Completion for CPE credit are not available for viewing of archived webinars. For GRCP™ holders, viewing of archived webinars will be automatically tracked and recorded in your Certification Dashboard on your Profile on the OCEG™ site and will count toward GRCP™ CPE requirements only.

In most organizations today, it is possible to find “policies” floating around or even being enforced that have never gone through proper channels for issuance and approval. Some of these so-called policies have been written by people without the proper authority or without full understanding of the impact that the policy will have on operations and risk management. Others are in conflict with each other or may be based on out of date information. Failure to have a consistent style and template for policies makes it even harder to know whether a policy is in fact approved and in force.

Policies that are designed to contain information on linkage to relevant obligations, controls and objectives can be monitored and kept up to date through a policy management system that connects to other business applications and triggers notifications when changes arise. Keeping a record of versions as policies are modified similarly enables an audit trail that can aid in investigations and defense.

Having a uniform approach to the style, content, and issuance of policies is a key step in gaining control and enabling effective ongoing management. In this webinar, we present ways to establish such a systematic and consistent approach to the creation and approval of policies and review how technology can support these efforts.

Learning Objectives:

· Outline a consistent process for policy development and approval

· Identify policy information that helps enable future management and defense

· Determine how to use policy management technology during the policy development phase

Speakers:

· Michael Rasmussen, GRC Research Analyst and Pundit, GRC 20/20 and OCEG™ Fellow

· Evgeny Likhoded, CEO, Clausematch

The Policy Management Illustrated Series

OCEG™ and GRC20/20 are pleased to present the Policy Management Illustrated Webinar Series as a complete resource for maturing your policy management processes and systems of policy control.

The series takes a deep dive into each stage of the policy management lifecycle and offers guidance on where to begin and resources to help you make the case for better policy management with installments addressing:

• An Overview of the Policy Lifecycle

• Development and Approval

• Communication and Training

• Implementation and Enforcement

• Engaging Employees

• Tracking Change That Impacts Policies

• Evaluating Effectiveness

• Where Policy Management Fits

• Building the Business Case for Better Policy Management

• Explaining Why Policies Matter

• Preparing for Policy Management Change

Related Resources