Complying with regulations and protecting your company from legal liability is not easy. To avoid costly fines and penalties you must demonstrate compliance to auditors and examiners—and that requires that you have the right controls in place and also ensure that people are accountable.
Just a few of the compliance challenges companies face include Bank examinations and governance such as the Bank Security Act (BSA), the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act (HIPAA) as well as ISO 9001:2000, and ISO 14000. U.S. businesses spend an estimated $420-$670 billiona year on regulatory compliance including audit preparation, fines, lawsuits, sanctions, loss of accreditation and federal funding. As much as one third of bank IT costs are spent on compliance; HIPAA compliance in healthcare IT racked up similar staggering costs.
The Streamlined Business program has enabled our customers to drastically reduce compliance costs and minimize operational risk.
A community bank received numerous negative citations from auditors for gaps and deficiencies in their controls. The Compliance Director was faced with correcting these problems. Their existing documentation was difficult to follow and full of inconsistencies and redundancies. Policies were often intermixed with procedures. Auditors wanted the bank to correct these deficiencies prior to a follow up review.
Using Operations Mapping, our consultants showed them proven techniques for correcting these problems as well as how to re-engineer what they had. Using Zavanta software, they were able to create a user-friendly "system" that linked each regulation to high-level processes, procedures, policies, and people. Not only was this system easier to follow, it was much easier to maintain. Because Zavanta provided more structure and built-in intelligence than their previous ad hoc approach, they were able to avoid past mistakes. During the followup review, their auditors “loved” the results and praised the new approach. The bank went on to expand their implementation of Zavanta and Operations Mapping into Operations, HR, and Training areas as well.
One of our clients, a Midwest E-commerce provider, is a recognized expert in IT security standards including CISP, HIPPA, and Sarbanes-Oxley. They were looking for ways to streamline compliance for their own operation as well as for their customers. A major part of their business was developing compliance policies and procedures for their clients, so they wanted to make sure they were delivering this service in the most efficient way possible. They credit the Zavanta software system as instrumental in helping them to cut compliance costs by delivering high-quality policies and procedures for themselves and their clients.
In the words of their Director of Compliance services:
"Zavanta’s structured knowledge capture interface helped us “think through” all our processes carefully so they don’t just look good—they are good. Our policies and procedures pass all the tests of reasonableness and truly reflect 'best practices'. We recommend Zavanta to our clients and anyone needing to manage high-quality policies and procedures for compliance or internal operations.
. . . Our last audit was the easiest I’ve ever been through. The auditors commented our P&Ps were “best implementation of Policy and Procedure documentation they had seen anywhere.” They praised the thoroughness, clarity and conciseness of our P&Ps. We received an excellent review with no negative comments. The high-quality of our P&Ps went a long way to build the Audit team’s confidence. They could easily see our commitment to compliance, the quality of our controls, and review our day to day compliance activity. This made everything in the audit faster, smoother and easier for everyone."
One of our manufacturing customers literally saved themselves from two separate multi-million dollar lawsuits by applying Operations Mapping techniques and COMPROSE software to create a comprehensive and easy-to-understand "Safety System."
Their operation involved high-liability equipment, and they had strict OSHA compliance standards to meet. Because the company could demonstrate that they not only had strict safety procedures in place, but also that everyone understood and followed those procedures, they were twice exonerated from liability lawsuits—literally saving the company millions of dollars in fines and legal fees.
Manufacturer Achieves ISO 9000:2001 In Less than Half the Expected Time
Applying Operations mapping techniques and Zavanta software enabled one data storage device manufacturer to rapidly achieve ISO 9001:2000 certification in record time.
According to their Quality Assurance Director: "We achieved certification in 6 months of launching our ISO initiative—this is less than one-half the time required by most organizations. . . . The result has been a highly streamlined process for getting consistently structured procedures written, reviewed and released to the employees—all in a highly controlled, easy to maintain fashion."
