I had a good conversation late last week with a prospective client. He said his organization was under no outside pressure to update their internal documentation. They decided on their own to take this action; they felt it was “about time”.
(Did I say a “good” conversation? I mean I’d have been doing handsprings if I knew how. I was ecstatic! If only there were more companies like this.)
Usually, people need help updating their policies and procedures because they’re not in compliance with some industry standard or regulation, which has been discovered during an audit. They need to comply very, very quickly. In fact, it’s an emergency.
Unfortunately, they can’t comply quickly – if at all – because they’ve neglected what they should have been tending to all along. They should have periodically reviewed their policies and procedures for accuracy, completeness, and timeliness.
What usually happens when we’re in a hurry to get things done? Extremely tight deadlines…scope creep…poorly defined (and unreasonable) expectations! That’s what usually happens!
Much of what goes wrong with projects like updating policies and procedures has to do with a lack of perspective – focusing on immediate gratification of short-term needs instead of keeping long-term goals in focus and making success sustainable.
Without paying attention to long-term goals, our certificate of compliance is mere window dressing. Instead of periodically monitoring, reviewing, and continually improving our business processes, we’ll wait until a month or two before recertification is due and then shift into panic mode. (Every two or three years, it’s “déjà vu all over again”, to put it in Yogi Berra’s words.)
If compliance is motivated from within, chances are much better that you’ll sustain compliance and quality without much difficulty.
Now, to the question posed in the title – How often do you conduct a review? – it depends on a lot of things. (You knew I’d say that, didn’t you?) The complexity of your business, the complexity of your processes, the number and complexity of the standards and regulations you’re required to observe, and much more factors into the frequency and scope of your reviews.
However, a good rule of thumb for any organization is to start with an annual review of key policies and procedures. Vary the frequency and scope of your reviews as circumstances, needs, and experience dictate.
If you need help developing your own system of policies and procedures or if you simply want to review what you have, send me an email or leave your request in the “comments”, below. Don’t wait until the auditor shows up at your front door.