Compliance Unfiltered is TCT’s new podcast, dedicated to making compliance suck less. It’s a fresh, raw, uncut alternative for anyone who needs honest, reliable, compliance expertise with a sprinkling of personality.
Show Notes: Navigating Compliance in a Post-COVID Universe
Quick Take
On this week’s installment of Compliance Unfiltered, we tackle the tough issue of how COVID-19 has impacted compliance practices in the workplace. And as things start to cycle back to relative normality in the business arena, what can you expect from the compliance landscape?
From office transitions to travel, to work-from-home challenges, everyone is feeling the strain of change.
- How can you navigate these waters effectively, from a compliance perspective?
- How can you ensure your organization isn’t compromised from a security perspective?
- What lessons have businesses already learned from the COVID pandemic that you can use to stay ahead of the game?
Find out all this and more, on this episode of Compliance Unfiltered with Adam Goslin.
Read Transcript
Intro
So let’s face it, managing compliance sucks. It’s complicated, it’s so hard to keep organized, and it requires a ton of expertise in order to survive the entire process. Welcome to Compliance Unfiltered, a podcast dedicated to making compliance suck less.
Intro
Now, here’s your host, Todd Coshow, with Adam Goslin.
Todd Coshow
Well, welcome into another edition of Compliance Unfiltered. I’m Todd Coshow alongside the well -relaxed and freshly vacationed compliance guru himself, Adam Goslin. Adam, how are you today?
Adam Goslin
uh, doing good. I’m just trying to recover from my vacation. So yeah, it’s great.
Todd Coshow
Yeah, I have kids. I know what that’s like. Well, listen, Adam, as we jump into it today, this is a conversation that just truly needs to be had. And that’s what compliance is like in a post COVID universe.
Todd Coshow
Now, we know that for a lot of folks, COVID is still very much a front and center topic on their minds. But with the social distancing measures in place and already the availability of a vaccine, we’re seeing a lot of businesses transition back into business as usual.
Todd Coshow
And so that means that there’s obviously going to be some changes involved. And Adam, speaking of things, which have, you know, need to suck less, it’s been quite a year.
Adam Goslin
Yeah, this is a, this is a true statement. So, you know, I mean, you know, COVID, COVID introduced a lot of, you know, a lot of challenges for, you know, for organizations, um, a lot of company turmoil as they started to, you know, started to deal with it, move over to, you know, move over to the notion of, uh, of, of kind of remote, uh, remote working, you know, for a lot of organizations that we’re doing,
Adam Goslin
you know, kind of heavy travel as part of how they did what they did. And we went from, you know, whatever traveling, you know, traveling every week, you know, airplanes and going on site to clients, et cetera, to like zero.
Adam Goslin
And so, you know, there’s, uh, people that had to go from working in an office all the time to, Hey, guess what tomorrow we’re going to, you know, we’re going to be, uh, you know, you’re going to be heading home.
Adam Goslin
Um, you know, in many cases, you know, a lot of these companies, you know, were they before the, the, the, the, uh, the appearance of COVID, a lot of companies would have a limited number of people that could kind of remote in.
Adam Goslin
So they weren’t even staged for supporting those, you know, those, uh, those folks being able to be able to work remote. I had, I had one organization that I was talking to where they had, uh, they had several hundred people, but, uh, you know, pre COVID, I don’t know, they had maybe a handful, five to eight, 10, you know, people that could actually work, you know, work remotely.
Adam Goslin
And now they’ve got people that normally would never work remotely that they’ve got to go figure out. So, I mean, COVID posed a ton of challenges for, you know, for, for organizations.
Todd Coshow
Yeah, most definitely. It seems like several companies transitioning back into the office and traveling again like we’re seeing conferences start to pop back up, especially in our space. That definitely means some transitionary approaches.
Todd Coshow
What are you seeing?
Adam Goslin
Well, you know, as far as, as far as the, you know, kind of the, the, the folks which are doing, you know, kind of move back to the office and it really a lot of it just depends. It depends on the company.
Adam Goslin
It depends on what state they’re in. It depends on where they’re at. It depends on the circumstances, but, you know, I’m seeing a broad range of, you know, different, you know, different types of, of notions for, you know, what companies are doing now.
Adam Goslin
I’m sure that’s going to continue to transition and probably transition based on circumstances. But, you know, we’ve got, you know, kind of a mixed bag. So some companies are like, well, yeah, we’re, we’re back, we’re back and we’re working in the office and, and blah, you know, some of them are, you know, kind of taking a set of their staff to kind of work out kinks and whatnot, and just do it on a partial basis.
Adam Goslin
I’ve seen other organizations, they basically have taken an approach of kind of scheduling their personnel out. You know, we’re going to be, you know, kind of these departments in on these days, maybe they’re kind of treating desk spaces as, you know, kind of shared, you know, shared spaces so that they can spread everybody out.
Adam Goslin
You know, and then only having whatever, you know, a third of the office comes in, you know, third of the office comes in Monday, another third on Wednesday, another third on Friday with cleanings in between.
Todd Coshow
Sure. Sure.
Adam Goslin
So, you know, it’s, it’s been kind of all over the board, you know, and whatnot, you know, travel, um, you know, certainly there was a long period of time. I took my, I took my first flight.
Adam Goslin
Geez, since like March of 2020 I took my first flight a little bit early, earlier this year. You know, but travel still, you know, still, still relatively light I think across the board that some organizations have done it more heavily but you know part of the problem with the travel to is that because there’s been such limited travel and folks are having problems with being able to just get staff right to go in and work and whatnot.
Adam Goslin
The, the schedule and availability of flights and whatnot even with the airlines is spotty would be a good, good way to put it. And, you know, and, and so you know travels heading in the right direction but there’s still, you know, good, good ways to go, you know conferences, you know, I, you know, in 2020 obviously everything, everything I can’t, it was either canceled or, you know, was, you know,
Adam Goslin
was made into, you know, on the fly into virtual events, what I’m seeing so far this year is that even and even still a lot of the, a lot of the conferences and some of them are coming back in person, but a lot of the conferences are still sticking with full remote conferences so I again I think that’s going to be a transition that that we’ll see, you know, happening over time and certainly one of the problems that you know that that every organization is facing is because of the negative impact to,
Adam Goslin
you know, to companies to businesses to the economy, you know, over the last year and a half, is that, you know, costs are skyrocketing, you know, the, any of the companies that the, any of the companies that were heavily contingent on a pre COVID norm for kind of running their business, you know, if they’ve survived the, you know, kind of the process, you know, then they’re trying to, you know, they’re trying to put all the,
Adam Goslin
you know, all the pieces together again and that means increase costs in many cases that they can cover, you know, the losses they’ve been basically fronting for, you know, for the last, you know, last like 18 months.
Adam Goslin
So it’s, yeah, it’s a, it’s a real mess out there right now, as far as, you know, as far as kind of what I’m what I’m seeing at least as of right now.
Todd Coshow
No, I definitely understand that. Now, from a compliance perspective though, what type of communication issues did the COVID pose for companies?
Adam Goslin
Well, I mean, one of the one of the biggest things was that for many companies, they needed to figure out just the basics. Right. How do we communicate again? Right. Everybody had a cell phone and an email and whatnot.
Adam Goslin
But but that that was a huge, you know, kind of a huge challenge for organizations to be able to figure out is how the heck do we communicate as we go through this this process? A lot of organizations had problems with information sharing.
Adam Goslin
How do we get information from me to meet this person or from this person and whatnot? So, you know, some of the some of the companies that benefited substantially from,from what happened with it is a lot of the kind of the whatever the Zooms or meetings or whatever, you know, you kept seeing and a lot of new offerings kind of popping up just to be able to kind of keep up with demand.
Adam Goslin
You know, those companies were loving it. But, you know, it posed a lot of challenges. I mean, if you think about it, right. I mean, it’s going to go back to that notion of, you know, the company had limited people that could even remote in to be able to do their work.
Adam Goslin
You know, there were also limited numbers of people that actually had a go to meeting or a Zoom or or whatever. So, you know, we had you know, we had those challenges to get through. You know, in the you know, in in the past, if you think about it from a kind of a pre covid world, you know, there was a lot of a lot of the process from a compliance perspective dependency on more of a manual process.
Adam Goslin
Right. Whether it was an Excel spreadsheet, whether it was a network location that I would go put things on, maybe even, you know, some many locations where I would go and drop files to be able to get them from person to person.
Adam Goslin
That type of thing. Sure.
Todd Coshow
It’s the way that it’s always been done.
Adam Goslin
Yeah, yep, yep, exactly. And in many cases, some of the shortcomings for communication just came about as a result of the fact that the company was centric to having a process or an internal kind of credo that would be better facilitated through face -to -face interactions.
Adam Goslin
We’re scheduled a meeting in this room so that we can communicate and whatnot. Now we need to figure out not only how do we all get into the same place at the same time so we can hear each other, but see what we’re working on, look at the same stuff and whatnot.
Adam Goslin
So those all post some pretty substantial communication challenges, as well as the fact that many, many, many, many of these companies, they were not used to having a distributed workforce. It just wasn’t the way they ran their business.
Adam Goslin
And so trying to go from whatever February of 2020 to April of 2020, it was a huge challenge as companies were just trying to find their way through that process.
Todd Coshow
Now, what type of recommendations, Adam, can you make for better handling remote employees?
Adam Goslin
Well, at this point in the game, most of the organizations have kind of been forced to figure their way through like screen sharing conference, calling video conferencing, et cetera. But, you know, it’s been a challenge for, you know, for a lot of companies to be able to find their way.
Adam Goslin
And what I’m seeing is I’m seeing varying degrees of maturity. It’s one thing to say, I have Zoom, right? Or I have GoToMeeting at this point in the game. And it’s another to have adopted your internal process procedure and dotted all your I’s and crossed your T’s on how is this all gonna work in a full remote, you know, full remote arena.
Adam Goslin
So for, you know, for a lot of those organizations, it’s been pretty challenging. They’ve got a lot of it worked out, but there’s still things that are kind of popping up and causing issue and things along those lines.
Adam Goslin
You know, for TCT, you know, proper total price tracking, you know, we’ve always been a full remote organization. So that was kind of a blessing, if you will, that, you know, when this COVID thing happened for us day by day and, you know, whatnot, it was already part of what we did was being a full remote style of organization.
Adam Goslin
So the instantiation of COVID really didn’t have, you know, that big of an impact, you know, big impact on TCT. But, you know, really the use of adopting your, you know, kind of internal process, internal procedures, communication, et cetera, to a full remote style, you know, of operation, that is one that just kind of continuing to work through that, make that better, make constant improvements,
Adam Goslin
et cetera. But when you’re able to, from a compliance perspective, when you’re able to use kind of a, I’ll call it a shared information platform, such as the TCT portal for compliance management, that provides the users substantial, you know, capabilities for being able to kind of streamline, streamline their process.
Adam Goslin
You know, the fact of the matter is, is that when we built the TCT portal, the entire premise for the system was that it was one place for all of the compliance information. And so that made, you know, that makes it a lot easier for those remote employees, especially trying to handle compliance communication, basically to dramatically streamline their process, because they’ve only got one place to go look.
Adam Goslin
I don’t need to look at a spreadsheet and check my emails and, you know, go, you know, look at this, you know, file server and this, you know, kind of file sharing system and, you know, there’s one place that you get to go.
Adam Goslin
So that’s one of the big benefits, and especially for handling the, you know, kind of the remote employees from a compliance perspective, some type of a system where you’ve got everything in one spot is huge.
Todd Coshow
Now, what are some of the other benefits? I mean, that makes total sense to me. Obviously, having worked with the system and understanding organizations and their experience with utilizing the system like the TCT portal, I can certainly understand it.
Todd Coshow
But for the listener, Adam, what are some of the other benefits of using a system like the TCT portal for compliance management?
Adam Goslin
Well, I mean, if you think about it, you know, it really comes down to what are what are the what are the common needs that an organization has and really looking at it, looking at their looking at like the business continuity of your compliance program is really the, you know, kind of the view to want to have.
Adam Goslin
So if you think about it, you know, we’ve got, we’ve got varying, varying folks in that kind of compliance continuum. We’ve got folks going through compliance. So the ones that are kind of subject to, you know, to whatever compliance or standard they need to meet.
Adam Goslin
The other end of the spectrum we’ve got, you know, assessors auditors that are going in and, you know, doing the, you know, the sanity checking and the reviews validation and whatnot. And all the people that are in between, which I call the kind of the service providers, if you will, and those service providers could be, you know, secure compliant hosting companies.
Adam Goslin
This could be, you know, security and compliance consulting organizations, you know, point solutions for compliance organizations so it across that kind of, you know, compendium, you know, each of them have their own different, you know, their own different needs, if you will, but at the end of the day, you know, you got to be able to kind of keep your keep your business running and keep the communication going.
Adam Goslin
So, you know, some of the things that companies need to, you know, need to kind of contemplate as they’re looking at that. Hey, how do we keep our compliance moving some of the considerations that they really need to kind of put into play is is look at, you know, what happens if I like the what if game right it’s, it’s almost kind of like a part of the risk assessment, right.
Adam Goslin
You know what happens if we have personnel that are shifting positions internally so yeah Mary’s going to move from, you know, the head of this department, you know, over to the head of this completely different department, you know, so, you know, what do we do, you know, how do we, how do we maintain that continuity.
Adam Goslin
You know, especially now with, you know, so much change that’s happened, you know, in terms of kind of the personnel landscape, you know, a lot of companies having to do, you know, layoffs bring you trying to bring people back and getting new personnel, etc.
Adam Goslin
But, you know, there’s always going to be new people coming into the organization. And so you got to look at how do I get these people up to speed, you know, with our compliance program where it’s at what we do what we did last time, you know, that type of thing.
Adam Goslin
So, you know, we’ve got, you know, we’ve got also the notion of unexpected turnover. You know, and a lot of people think about you know you know whatever you know Bob goes and puts his you know puts his two weeks notice and etc and you know, oh my gosh we had two weeks to go figure all this out.
Adam Goslin
But in one case, I had I had a client where they basically their entire compliance program was centric to this one, one guy that was the kind of the CIO for the organization, and he was kind of the one that kind of held it all together.
Adam Goslin
Well, unexpectedly, the guy dies, you know, and, and what happened, and I’m not kidding you, I jumped into the fray to try to help these people, you know, through the process, but the internal personnel, they didn’t have a clue, they didn’t have any idea.
Adam Goslin
What was this person doing for this what solutions did they have, you know, where were, you know, where were things like, you know, authentication to different systems that he put in place, etc. It was a, it was a really, really big mess but yeah, you know, even people moving positions, you’ve got to be able to account for what happens if all of a sudden, this particular person that’s critical is not that you know yeah
Todd Coshow
And in the current state of things, that’s a very relevant topic.
Adam Goslin
Yeah, and, you know, and so really, you know, for organizations and business continuity around compliance management, you know, the reality is that you need to be looking at having the capabilities, especially in light of, you know, kind of some of the lessons that, you know, that this COVID thing taught us is that is supporting a mix of people working from home, working in the office, you know, and keeping in mind,
Adam Goslin
it may vary, right? I mean, you know, we went from, you know, however people were doing it, you know, in February of 2020 to by April, May, everybody forced to work, you know, working remotely and now seeing a mixed bag.
Adam Goslin
I mean, companies need to be in a position where they can support both of those models. It’s really where their head space needs to be, but having the capability to handle, you know, people moving around, new people coming in, unexpected departures, et cetera, you know, all of that, you know, I go back to that prior comment that I made of, you know, hey, when we made TCT, it was one place for everything.
Adam Goslin
Well, in all of those cases, now if I’ve got new people coming in or I need to train up an internal resource, or I’ve got people leaving, you know, now I’ve got one place I can go look, I got one place to go see, you know, whatever, you know, whatever, it’s Bob that, you know, suddenly left the company, right?
Adam Goslin
You know, I can now go into the system, I can see what was the last thing Bob did? When did he do it? What did he supply last year? You know, all that fun stuff, that provides an unimaginable amount of level of business continuity in the compliance program because you’ve got a rock solid repository of exactly what worked and what you used.
Todd Coshow
Absolutely. Well, you know, expand upon that a little bit. What other lessons can businesses glean from COVID?
Adam Goslin
Okay. Well, the, you know, really planning is essential. I mean, I think, I think the one lesson, you know, and you, and you heard it from the folks in the security and compliance space, you know, banging the drum for years, right?
Adam Goslin
You need to think about your risks. You need to plan for risks and, you know, and we can talk to we’re blue in the face, but it’s not until an organization goes through some type of a massive issue that they really, you know, they really kind of see the light, right?
Adam Goslin
I think COVID, I think COVID taught a lot of companies some pretty tough lessons about their lack of planning. So, you know, planning is essential. You got to be able to go look ahead, forecast issues that could occur.
Adam Goslin
What happens if, you know, what would I do if, what happens when so and so is not here? What happens if this vendor goes poof? You know, all of those types of issues were things that were happening over the last 18 months, you know?
Adam Goslin
Companies going under and blah, blah, blah. It’s like, man, I think COVID happened to be, happened to be an instance of an issue that taught a lot of people a lot of hard lessons, but, you know, really I’d encourage folks to use COVID as, you know, kind of the impetus for, you know, looking at it more generically, to take the risk assessments somewhat more seriously.
Adam Goslin
You know what I mean?
Todd Coshow
Yeah, this was the instance, but it isn’t necessarily going to be an isolated incident and that’s a great that’s a great point to make.
Adam Goslin
Yeah. And the reality is that you should always be looking down the road, looking how to make, how to do things and streamline your, streamline your business, protect your business, forecast, you know, problems you’re going to run into those types of things, because that’s, that’s the exercise.
Adam Goslin
Now there’s some, there’s some folks that are on the business side, you know, that, that used to look at that exercise, you know, this is a waste of time. What are the odds we’re going to have a pandemic, right?
Adam Goslin
You know, I mean, surprise, you know, but the way that I look at it is this with, you know, there’s varying degrees, right? You don’t, you don’t have to go ad nauseam overboard, but in the same sense, putting thought into realistic things that can happen to your business just means you’re better prepared for handling it.
Adam Goslin
Certainly streamlining for businesses, that’s something you should be doing period, right? And when you’re streamlining your company, it means you’re using less overhead. You need less personnel to do the same job you did yesterday.
Adam Goslin
You’re obviously more efficient. You have, you know, you’re, you’re mitigating, you know, mitigating any redundancy issues that you need. You know, you’ve got improved capability for handling, you know, various business continuity and disaster recovery issues, you know, that can arise.
Adam Goslin
And all of those, all of those kind of proactive elements, those are a really big deal. And I really think that a lot of companies ended up learning a real tough lesson through this COVID experience.
Todd Coshow
Well, that’s all the time we have for this episode of Compliance Unfiltered. I’m Todd Coshow.
Adam Goslin
And I’m Adam Goslin. Hope we helped to get you fired up to make your compliance suck less.
Follow Compliance Unfiltered on Twitter and Instagram at @compliancesucks
