Leading Your Whole Organization Through the Pandemic and Beyond

Across the globe, as we collectively begin to emerge from mandatory shelter-in-place orders, our dialogue has shifted from “how do we conduct business effectively with a remote workforce?” to “when and how do we safely re-open our offices, shops and plants?”

It is a tenuous time for business leaders who feel immense pressure to bring their organizations back up to full speed while weighing the multitude of risks associated with moving too fast. In fact, leadership’s role in risk management has never been more important or on display for investors, partners, customers and employees. Decisions made during the next phase of this pandemic must consider employee and community safety more broadly than before and then balance those considerations with operational demands and customer requirements. When all stakeholders and commitments seem equally important, it is never easy to prioritize. But let me suggest this approach:

Lead Your Employees First  

Addressing employee concerns must be a top priority. Clearly, any plans to return to the office, warehouse or storefront must align with government and health officials’ recommendations. But beyond that, how will you prepare your workplace for your employees’ return? To bring back a fully engaged workforce, you must instill confidence that decisions are being made with employees’ best interests in mind, right alongside the interests of customers and investors. At NAVEX Global, we are planning a slow, phased approach that incorporates new social distancing and sanitation protocols along with a hybrid work-from-home model – essentially at any one time only about half of our employees will be in an office while the other half work remotely.  In addition, we will offer the flexibility to continue working from home for the foreseeable future to those who have concerns about returning to one of our eight offices worldwide. We are fortunate that, as a software company, we have options to support a work-from-home model as long as needed, so with an abundance of caution, we aren’t rushing employees back to our offices.

Other types of businesses may not have that same flexibility, so they will need to demonstrate care for their employees in other ways – providing PPE, requiring mandatory testing, etc. – but the goal must be to reassure employees and help them feel as safe as possible. Employees who are confident that their safety is a priority will be more productive and engaged to better serve customers. Your customers will notice and appreciate it. And your employees will respect you for it.     

Next, Lead Your Board  

I echo what NAVEX Global’s Chief Risk and Compliance Officer, Carrie Penman, wrote in this space last month: After the pandemic ends, investors sifting through the negative financial results will start asking the inevitable question: Where was the board?

Is your board narrowly focused only on the current sales forecast and the impact of Covid19 on financials? If so, it’s up to you to broaden their attention to include the more existential threats to shareholder value such as business continuity, environment health and safety, and supply chain disruption (among other risks that may be unique to your business). Board members need to be part of the strategy that 1) gets the organization to adopt a broad risk assessment, and 2) helps identify remediation steps to address key risk areas. Help your board see the bigger picture, which includes everything from managing cash flow to employee concerns about workplace safety to disrupted supply chains.

There is no better learning moment than right now – for executive leadership and the board – to identify gaps in the organization’s business continuity risk management planning and work to close those gaps quickly, especially if predictions of a “second wave” prove true. Now is the time to evaluate lessons learned and implement corrective actions while the learnings are still top-of-mind and there is an opportunity to limit future damage to the business and its reputation.

Finally, Be an Example to Your Suppliers

COVID-19 has caused greater supply chain and third-party service disruption than most of us have ever experienced. And since nearly all businesses are part of another’s supplier network in some way, we are all learning the importance of third-party risk management and contingency planning. When it comes to mitigating vendor risk, my recommendation is to lead by example.

Develop a thoughtful and targeted third-party risk management plan. Identify and document key points of (potential) failure as well as contingencies to address failures. But be careful; a one size approach does not fit all suppliers and third-parties.  Recognize that your partners, suppliers and agents are managing their own internal risk issue during this crisis. Ensure that you are carefully managing your oversight with a risk-based approach to your third parties; ask them the questions you really need answered rather than just sending blanket surveys and forms. Then – and this is perhaps just as important – share appropriate parts of your plan with key third parties to ensure buy-in and adoption. Show them where they fit into your planning and, by example, where they should bolster their own integrated risk management processes.

What’s Next?

The current pandemic has shown us all just how interdependent and integrated our businesses are both locally and globally. If your leadership takes its job as risk managers seriously, it is likely your organization will be less impacted, more resilient and better prepared for the next major disruption.  

For information, insights and tools to help protect your people and business though COVID-19, visit NAVEX Global’s Stronger Together resource pages on our website.

For more insights from Risk & Compliance Matters on leadership during the COVID-19 pandemic, we recommend the following articles:

Chat with a solutions expert to learn how you can take your compliance program to the next level of maturity.

NIST SP 800-53 Rev. 5: What You Need To Know

NIST SP 800-53 Rev. 5 is still in the works, and perhaps for good reason. Here’s what to expect from Rev 5 and how it affects your risk management and cybersecurity programs.

Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

Justice Department Updates Business Compliance Guidance for 2020

On June 1, the DOJ updated its guidance for evaluating effective corporate compliance programs and one thing is clear – having a compliance program isn't enough. Matt Kelly tells us what’s new.

Next Post Previous/Next Article Chevron Icon of a previous/next arrow.


Subscribe Now!