Just had some great feedback on my article OpGRC: Naming a dangerous many headed beast that reminded me of a slide I used to use in conference presentations around 9 years ago.
The feedback on the article was that organisations are
“split broadly into two camps, the firms that try to comply but find it difficult to balance the resource cost and productivity impacts and those that flag wave but really don’t care.”
Based on anecdotal evidence from talking to multiple prospects and clients and prospects we came across the following four types:
Are we supposed to be tracking supplier compliance?
- Isn’t that the responsibility of our suppliers?
- What should we track anyway
The Risk Takers
We know we should track compliance but we don’t. Someone actually told me “no-one has died yet”
- It’s too expensive
- It’s too time-consuming
- We are not sure what we need to track
- We keep our fingers crossed and hope nothing goes wrong
The Grudgingly Compliant
We track supplier compliance but
- It’s very expensive
- It’s time-consuming
We are COINing it. We use a Community of Interest
- It’s inexpensive
- It takes very little of our time
- I get exception reports so I can focus on non-compliances
- I have a framework for my whole of buiness
Where do you see your organisation?
Contact us if you would like to find out how to become Sorted.