The Art of Making Leadership Fall in Love With Compliance

Introduction

Does your leadership appreciate you?

Well not exactly you – stated more accurately, does your leadership appreciate the value of Security Compliance and what you and your team do each day? Do they understand why Security Compliance is a crucial undertaking? Can they appreciate why existing frameworks need to be met and new ones need to be onboarded as the company grows? Do they grasp the significance of creating a mature and integrated Compliance program?

Chances are they have no clue.

Getting leadership to understand, and then appreciate, the importance of Security Compliance activities can be challenging. Among their ever-growing list of concerns or areas to focus their limited energies on, it's not so hard to see why Compliance might not always make their Top 10.

But this lack of understanding and appreciation can be highly problematic; without sufficient executive buy-in, you’ll find your journey to be stagnated in every direction, your efforts thwarted, your suggestions shot down.

In short, if you want to be a successful Compliance leader, you need
executive buy-in.

In this guide, we’ll explore best practices you can put into practice to show leadership the value of your work. Culled from industry leaders and veterans, these techniques can help you demonstrate to your leadership the value of Compliance across the organization and thus, help secure the backing you need to drive growth.

As a Compliance leader in a growing company, your job is filled – brimming, in fact – with challenges; due to the nature of your position, you are tasked with hounding people for evidence, forcing stakeholders to implement controls that make no sense to their workflow, and getting leaders to support initiatives they may not understand, and often do not care about. This last point is especially problematic, as the ripple effect will create a disconnect between Compliance’s goals and those of the remainder of the organization.

Leadership in organizations tends to focus and care about areas that are mission-critical, and issues that impact the bottom line. Without an understanding of WHY they should care about your rules and regimes, to them, you're just a stickler. And while it’s true that in many more mature organizations, leadership is aware of the IMPORTANCE of Compliance, that doesn't mean they appreciate you, your team, or your collective endeavors.

In this short guide, we will walk you through the key elements you need to nail if you want to get your leadership to like and appreciate you – not for your own sake of course (okay, maybe a little bit for your own sake) – but so that you can get the backing you need to leverage Compliance as a tool for expanded and accelerated growth.

Align with their goals

Before you do anything else, make sure you are aligned with leaderships’ goals. What makes them tick and what keeps them up at night? Don’t try to bring them into your world before you’ve firmly planted yourself in theirs. The more deeply you understand their goals and concerns, the more you’ll be able to empathize with them and build a meaningful line of communication.

‍

Speak their language

As a Compliance leader, you need to speak many languages to effectively communicate with various teams across the organization. The same goes for leadership; Speak to them in terms that are relevant to them. When addressing leadership, don't focus on the importance of Compliance in-and-of-itself, because honestly, all functions are important to some degree. Instead, give them a reason to see Compliance as a business enabler. Focus on the ROI that comes with being optimally compliant and show them how being compliant can serve as a competitive advantage and a vehicle to impress prospects.

‍

Give short, business-driven updates

The typical execs are, understandably, very busy people. They don’t want extra information or long stories without a true connection to the impact on the business. It’s not enough to cull information from external sources and expect them to read it; you’ll need to extract the EXACT information they need to be aware of. In cases where they need to turn their attention to an issue, they expect information to be to-the-point and business-driven, with the dollars-and-cents impact clearly explained, crafted especially for their at-a-glance needs. Visual tools, like charts and infographics, can be super helpful here, to deliver fast memorable messages.

‍

Deliver information on
a consistent basis

Linked to the point above, once they begin to see that Compliance does indeed affect the bottom line, leadership will expect to be informed of any issues impacting it. Use this to your advantage by creating a continual feed of Compliance-related information to share with them at regular intervals. Create short reports covering: any changes to the Compliance ecosystem, i.e., what regulations/frameworks are set to change in the upcoming future; any major news items touching on issues that may affect your organization as well; and any significant wins you've had since the last update.

‍

Use numbers and 
percentages – and give context

You definitely want to convey to leadership that under your guidance, the Compliance posture is improving (unless you're already at optimal posture – and in that case, good job!). But it’s not enough to tell leaders that you’ve improved and now your controls are more effective; you want to quantify that information. Thus it’s much more effective to say things like, “We had 10 control failures this quarter, as opposed to last quarter when we had 15.” Or, “It took us 3 weeks to close control gaps, instead of 6 weeks like last time.” Statements like these provide much-needed context and tangible numbers, which can help leadership quantify and measure the improvements you've made.

‍

Demonstrate an ability to learn and change

In the fast-evolving Compliance ecosystem of changing regulations, additional contractual obligations, and shifting security threats, constant change is one of the only certainties. Showing leadership your ability to adapt and learn new tricks will go a long way to proving your worth as a flexible, dynamic problem solver. The cumulative impact of showing leadership that, time and time again, you are a consummate problem solver will enable them to see you as a leader in your own realm and someone they can count on. And now that you have this baseline of trust, this is also a great opportunity to onboard new tools which will help you do your job better. With leadership now confident in your ability to problem-solve and think outside the box, they’ll understand that when you tell them you need something, they’ll know they can trust your word.

‍

Become a trusted, calming force

When news of a breach or a security threat breaks, it’s only natural for the C-suite to feel some level of panic. As a numbers-driven Compliance leader, you have the ability to calm their nerves and provide a true data-backed perspective on the level of threat said issue presents to the organization. The fact that you've been plying execs with data, percentages, and context along the way means that you've established a foundation of trust, accountability, and transparency, which will help them feel confident in your assessment of the given situation.

‍

Be a likable person

Okay, this may sound obvious – but honestly, in high-tension, high-stress environments, it bears repeating. Listening before you speak, smiling, admitting mistakes, dropping the combative stance, and being an open and sincere person, paired with the tips listed above is your golden ticket to becoming a truly valued person within your organization. Not only will this serve you well, but it will also help solidify the function of Compliance as a key focal point across the organization.