Tag Archives: compliance

For L&D Managers

give your compliance learning program a shake up

Leave a comment

L&D Managers: is your compliance learning program increasing risk, wasting time, money and employee brainpower, and damaging your internal brand?

Most organisations, particularly large ones, usually have a comprehensive compliance-based learning program covering the legislative and regulatory obligations of employers and employees. Course topics generally include health, safety and environment, corporate ethics, information and systems usage and employee conduct.

Getting compliance-based learning right is a critical risk mitigation process for organisations, and for many employees, these courses will probably be the most regular and predictable training they undertake across the course of their employment. But if the content is overloaded, irrelevant, and not immediately applicable, it might also be the most boring training they will ever do!

L&D departments have an important role to play in ensuring that the learning process doesn’t take a back seat to ‘butt-covering’. If you feel that there is room for improvement in how your organisation does compliance training, then read on for some handy tips to set you up for success before you design your new program.

1. Develop a current state view, including costs

Start by analysing your entire compliance learning program, and quantify everything you can. Put together a table capturing summary info on each course: topic areas; learning objectives; modes of delivery; completion timeframes; reaccreditation requirements and completion rates. To get to a deeper level of analysis, include the relationship between each course and the specific legislative, regulatory or risk elements they are designed to address. Going back to these first principles of what and why is particularly important to understand and capture, especially if you have a legacy program that has been in place and/or added to over a long period.

Make some assumptions about what the overall program costs to implement on a recurring annual basis. If you have access to standardised hourly labour rates across your company, and can apply this to the number of learners completing the programs in any given year, then use this calculate the exact costs. If you don’t have standardised rates, get your calculator and work out an average hourly rate for all learners and use this. It’s important to understand the true costs of your total compliance learning program so you can make informed assessments about impact and value.

This overall current state analysis will be very useful throughout the process of engaging stakeholders and informing review and future state design considerations, and later as a baseline to evaluate your new program against.

2. Know your stakeholders

There are many people who have a stake in the process and outcomes of compliance programs. The most obvious ones are the people who are responsible for organisational compliance. At the highest level, your CEO and/or Board are the people who are ultimately accountable for ensuring that all employees know what they need to know to keep the company out of legal trouble.

Depending on the size and complexity of your organisation, you may have a legal, risk or compliance team, who have assumed some delegated responsibility from the CEO and/or Board for managing the overall compliance program.

There will likely also be subject matter experts, who are the key authority for a particular topic. These people can be the trickiest to manage, as they will be neck-deep in the specifics of their focus areas, and may not be able to see ‘the wood for the trees’.

Managers are also stakeholders, from the perspective of the amount of time it takes them and their team members to complete the program of courses, and having to manage the application of what has been learned to daily business operations.

The most important stakeholder group are the learners themselves. With compliance programs, this is everyone, from the boardroom to the frontline, including everyone in the above groups.

3. Ask for feedback

Whether you want to gather feedback formally via focus groups or surveys, or informally via observation, anecdotal evidence or random interviews, it’s important to understand what people across all stakeholder levels think of your current program.

To get a richer level of feedback, try to construct questions that go beyond content and delivery, and gather information about the relevance, application and effectiveness of the learning. Look for examples of where the programs may have failed, and dive into why that could be. Your earlier analysis of costs, along with feedback gathered, will be important information to use if you decide to proceed with a project to revamp your program.

4. Research and create the overarching principles for your new program

Compliance programs can historically be dry and boring, and are often overloaded with content, so don’t fall into this trap with your new design. A good guiding principle is to include only that content that ‘everyone in your organisation needs to know every day.’ This in itself may sound like a recipe to include everything, but it’s not! You should aim to elevate the content to just the absolute basics. Many employees may not need to apply their learning very frequently, so it’s important that the content covered is relevant, delivered appropriately and immediately useful, to make the knowledge as sticky as possible.

Where more detailed information needs to be included, consider the performance support options available to your learners. Your program principles should then include how to best build your employee’s understanding of when and where to access this additional information e.g.: via your company policy and procedure manuals, intranet/portal sites for further information or key contacts for specific expertise or help desks.

It’s far more important that learners can identify and understand when and where to seek further information than it is to attempt to build a program that imparts an encyclopaedic knowledge of everything. It will cost a fortune, it won’t work, the learners will hate doing it, and your compliance risks will skyrocket.

5. Reference best practice and standards wherever possible

When considering the principles for your new design, refer to best-practice wherever you can. It can be very helpful to reference external research or published standards for compliance programs, particularly if you find yourself dealing with stakeholders who want to include reams of unnecessary content at the expense of the learning process.

There is a new ISO standard (19600:2014 – Compliance Management System Guidelines) that goes into some detail about the competence and training requirements of compliance programs. Copyright restrictions prevent me from including the full reference, but in nutshell it suggests that organisations should make sure that employees are competent via education, training and work experience, and that results would be evaluated for effectiveness and evidence of competence records should be retained. It also suggests that training should be tailored to company and employee obligations, be based on an assessment of knowledge and competence gaps, practical, relevant and easily understood, and flexible enough to allow for different needs.

For those of you with programs that have a never-ending cycle of reaccreditation – i.e.: some or all courses need to be redone at regular intervals – the ISO standard has a section on what the triggers for considering retraining should be. These include when there is a change of positions, responsibilities, policy, procedure, structure, company obligations, or issues arising from program failures or recorded non compliances. So unless any of the above have occurred, or you are subject to a piece of legislation that specifically mandates a training frequency, the courses in your compliance program should not need reaccreditation.

Your stakeholders might think that repetition = learning, but that doesn’t mean it’s true. Do we really still believe that a person who needs to repeat a course on an annual basis understands everything on day 364, and on day 365 the knowledge just falls out of their head? It’s a ludicrous proposition, and if you can’t appeal to your stakeholder’s better judgment by referencing your feedback analysis and/or adult learning principles, the ISO standard might just help you to prove it.

Click here to purchase the full standard if you’re in Australia, or here for the rest of the world.

So what are you waiting for?

Compliance based learning programs get a bad rap in the world of work. And if they aren’t designed and reviewed properly, they probably should. If you’ve gotten this far, the next steps are where the fun begins – design, development, implementation and measurement!

Need help?

Contact Open Access Learning if you’d like more information or support to review and redesign your compliance learning program.

Further reading

Andrew Gerkens has published a great post on compliance training on LinkedIn Pulse – you can access it here

SAI Global have developed a useful and free illustrated guide to effective policy communication and training – you can access it here

Printable PDF: give your compliance learning programs a shake up

For L&D Managers, For Risk Managers

is competence critical to your core business?

Leave a comment

L&D Managers:  are you effectively managing competence-related risks?

Many businesses, particularly those governed by legislation or regulation, rely on the competence of individual employees or contractors to continue operating safely and effectively.

It definitely makes sense for every business to have a focus on hiring, developing and retaining competent leaders and employees.  But for some industries, including mining, manufacturing, aviation, road and rail transport, utilities and construction, it’s often a legal imperative, and there can be serious consequences for employee, customer, community and environmental safety if company executives get it wrong.

Regardless of the jurisdiction of regulators, most of the legislation relating to safe and effective business operations will refer to the operator/business owner ensuring the effective management of risk. So it makes good business sense for organisations to analyse and manage employee or contractor capability using a Risk Based Competence Management approach.

What is it?

Risk Based Competence Management is a process for identifying, analysing and prioritising the competence related controls (human knowledge, skill and behaviour) that help to manage or mitigate the risk of incorrect task performance.

How to get started with Risk Based Competence Management

1. Understand the risk context

The logical place to start is with your company’s risk statement, risk policy, matrix, or whatever you have in place that captures your operating risks.  Most organisations will also have some kind of risk quantification analysis, which, bleak as it is, defines the likelihood of a risk actually occurring, and what the consequence or impact would be.  Don’t get too hung up on the corporate risk documents at this stage – you will need them later on in the process.

2. Understand and analyse the ‘risky roles’

Now you need to get down to business with the competence related aspects of your model.  You have two choices here – you could start from the macro-level, and brainstorm the critical aspects of your business that would be affected by a failure of competence, or you could start with those roles that are most critical to your business operations and work from the bottom up.  Either way, it would be useful if you ended up with a list of critical roles that could be maintained for easy reference and cross checking in the future.

3. Understand and analyse the tasks that the ‘risky roles’ are responsible for

Because competence is always dependent on role and task context, your next step will be to break down each critical role into tasks that can be analysed more deeply.  The information needed includes the technical and non-technical skills required to perform the task correctly, how difficult the task is, and how frequently it is performed.  Difficulty and frequency are important factors, as they weigh heavily on how competence is maintained over time.

4. Analyse the controls already in place, and identify control gaps

This is an important step, as many risks are effectively managed by controls other than training or competence.  In fact, on the scale or ‘hierarchy of controls’, human competence rates fairly low, behind more effective controls that can eliminate, substitute or engineer risk out of a process.

Learning or competence related controls should only be used when no higher control mechanism is available, and should then be prioritised to firstly manage the risks that relate to high task difficulty, and infrequent task performance.

5. Identify learning, assessment and competence management requirements

This final step is where the process bears fruit. With the rich information you have previously gathered and analysed, you will now be able to rigorously quantify and justify what the learning and competence management program should be.  An important part of this analysis is the level of ‘fidelity’ that the program of learning and assessment requires.  Fidelity is just a fancy way of saying how realistic the program needs to be compared to actual task performance.  For example, if the required fidelity level is low, then a theoretical or hypothetical basis could be used to support understanding and future task performance.  However, if the required fidelity level is high, then learning and assessment activities should be performed in a real-task, real-world, and real-time context.

The value of a Risk Based Competence Management process

Learning, assessment and competence management is an important process for many organisations who need to manage the risk of incorrect task performance across critical roles.  The use of a process that methodically analyses and quantifies risks, tasks and competence requirements can significantly reduce overall risk, through ensuring that high priority competence is assessed and maintained effectively and efficiently.  L&D Managers can also use Risk Based Competence Management to generate a sound evidence base for reducing the time, cost and effort spent developing and delivering learning and assessment programs that may be targeted to low priority areas.

Need help?

Contact Open Access Learning if you’d like more information or support to implement Risk Based Competence Management in your organisation.

See the resources page for an overview of our Risk Based Competence Management model.

Printable PDF: is competence critical to your core business