In our 2021 Compliance Benchmark Report, we asked more than 200 cybersecurity, IT, quality assurance, internal audit, finance, and other professionals about their compliance programs. We learned a lot about how they run their programs and the impact of the COVID-19 pandemic on their compliance plans.
But the biggest thing we learned? The pandemic may have changed the world, but compliance kept moving forward. Here are the three trends we uncovered between compliance programs and the pandemic.
1. Compliance Didn’t Stop
The COVID-19 pandemic challenged practically every facet of an organization. From a drastic shift to remote employees, to budget cuts, to halted work, organizations tried to regain their balance as they navigated a tough — and unexpected — situation.
But the market pressure for third-party compliance validation didn’t stop. In theory, this makes sense: Rules and regulations didn’t go away as the pandemic spread throughout the world. Despite internal challenges organizations encountered they continued to invest in compliance programs to ensure they remained compliant with key regulations.
In fact, in our Compliance Benchmark Report, 85% of respondents reported that their organizations kept compliance programs on track, and 60% of respondents stated COVID-19 had no impact on their organization’s compliance program.
2. An Increase in Remote Audits
As the pandemic forced organizations to create remote work environments, compliance programs had to adjust. Certain elements of compliance programs, specifically audits and assessments, typically require in-person reviews of evidence and on-site visits from auditors. This just wasn’t an option for compliance teams in 2020.
To ensure the necessary processes remained intact to complete audits and assessments, organizations and assessors found ways to embrace the shift to remote work. In fact, 71% of survey respondents reported they conducted remote audits or were planning to conduct remote audits. This shift was moderately smooth, most likely due to the fact that most of the people directly involved in contributing to audits and assessments are on IT and cybersecurity teams, and are already comfortable with basic tools for automation, organization, and collaboration. Remote audits and assessments could be conducted more easily, while minimizing the expenditures of undertaking multiple audits and lowering the operational expense of lost productivity, by using compliance and audit management software, similar to A-LIGN’s A-SCEND platform.
This shift in the audit process opened the door for organizations to create more efficient remote auditing processes that introduced significant cost and time-saving elements. In addition, organizations began to see the significant impact and efficiencies that technology can bring to their compliance programs and process.
3. Compliance Budgets Stayed the Same
The pandemic challenged organizations and individuals alike when it came to financial situations. In fact, many organizations were forced to furlough or lay off employees during the early days of the pandemic to accommodate budget cuts across departments.
But compliance budgets largely stayed the same. 65% of our survey respondents reported that the pandemic had no impact on their department budgets.
Worth noting is that even though compliance programs remained strong throughout the pandemic, there was minimal growth. Even with increased cybersecurity concerns as more employees worked remotely, only 9% of respondents stated there was an increase in their compliance department budget.
The pandemic forced many organizations to revisit their priorities to ensure resources were allocated to the areas that would keep the business moving forward. Based on the findings from our Compliance Benchmark Report, compliance programs found a place on this priority list.
And though the need for compliance programs were essentially untouched during the pandemic, aspects of the compliance programs themselves (strategy, coordination, execution, etc.) did advance out of necessity. Therefore, we’re likely to see an evolution in the way organizations approach audits and assessments in the future, including remaining with a remote audit approach and introducing technology as a tool in their compliance management program. The end result could mean more efficient and affordable audits for organizations in the future.
Ready to refine your compliance program?