If you work in a regulated environment, or in any environment in which you must comply with documented procedures, you probably are familiar with some of the procedures you must follow. Inevitably, there are some procedures that you don't understand quite so well, because they might be new, newly revised, or rarely used. Because you can't be certain that your understanding of all procedures is up to date, there is some doubt in your mind that you're doing everything by the book.
To add to your anxiety, auditors occasionally drop by to verify that you're complying with the requirements of all those procedures. The anxiety can be more intense if the degree of compliance the auditors find can be an important indicator of your career success.
Unfortunately, The people who devise procedures don't
always know whether the burdens those
procedures impose are sustainablethe people who devise procedures don't always know whether the burdens those procedures impose are sustainable. That is, the effort required to understand and comply with the procedures might not be consistent with the effort available, given the other constraints on your work, such as deadlines, budgets, and other procedures.
The problem you face can be challenging. Here are seven insights that can help ease the burden of working in procedure-driven, audited environments.
- Auditors attend to deviations that create high risk
- The deviations auditors most value are those that create the greatest risks. It isn't that the auditor wants to find noncompliance that generates risk. Rather, most auditors are even happier to find compliance in all areas where noncompliance generates high risk.
- But either way, they must examine work products and processes for instances of noncompliance that create greatest risk.
- Auditors often use sampling techniques
- Many auditors are resource-constrained. Because their audits don't have enough resources or time to examine every attribute of every work product and process, they sometimes examine attributes determined by a random sampling method.
- If you can determine what sampling method the auditors use, you can apply it to your own work to search for deviations in advance of the audit. Correcting what you find, in advance, can improve work output quality. Otherwise, there really isn't much you can do to anticipate what the auditors will examine based on random sampling, because it's random.
- When you find deviations on your own, extrapolate
- If you make self-auditing a part of your own work routine, you can improve audit results proactively. When you find an indicator of noncompliance, correct it, of course. But also examine analogous attributes of all work products and processes to repair any analogous deviations that might have occurred.
- Auditors favor examining what's easy to examine
- Clever auditors search for noncompliance in areas where noncompliance is easy to recognize when it occurs. A high cost of verifying compliance is a deterrent for resource-constrained auditors.
- If examining a work product for noncompliance is laborious, then auditors are relatively less likely to examine that work product, all other factors being equal.
- Audit tools reduce audit costs
- Resource-constrained auditors can expand what they examine by employing automation. They create tools that examine work products to ensure that they're in compliance with standards. For example, if all documents must bear identifiers that comply with a standard for identifiers, writing a tool to check for this is a simple matter.
- If you can get access to the tools yourself, you can ensure compliance with the standards that the tools measure. If you can't get access to the tools, you can create your own tools if you know what the tools check for.
- Pay attention to what auditors found in the work of others
- If you know what auditors found in the work of others, you can check for those same things in your own work. That much is obvious.
- But knowing what auditors found in the work of others also tells you where the auditors looked. Even more important: because auditors usually find something wherever they look, knowing that they found nothing in some areas tells you where they didn't look. For either of these ploys to work, you need to exchange audit results with a group of colleagues who are subject to similar audits.
- Some audits have specific agendas
- Some audits arise as results of accidentally discovered incidents of noncompliance. Such incidents are often surprising to all concerned. They can even be embarrassing. The audits that result have agendas.
- When an audit has an agenda, the auditors want to examine work products in which they expect to find deviations of a particular kind. Examinations can range more broadly, but they have a specific purpose: to eliminate as far as possible from the set of work products any noncompliance of the kind that matches the agenda of the audit. Be certain that you address that kind of noncompliance in advance.
Most important: your past performance is a guide. It tells you where unintentional noncompliance is most likely to re-occur. If you have a record of deviation in specific areas, auditors might examine those areas more carefully. But much depends on what were the causes of past deviations. For example, if in the past your noncompliance arose from failing to maintain currency in your understanding of some procedures, then focus not on the nature of the noncompliance, but instead on those procedures that have recently changed. In any case, analyzing the results of past audits is probably a good starting place. Top Next Issue
Projects never go quite as planned. We expect that, but we don't expect disaster. How can we get better at spotting disaster when there's still time to prevent it? How to Spot a Troubled Project Before the Trouble Starts is filled with tips for executives, senior managers, managers of project managers, and sponsors of projects in project-oriented organizations. It helps readers learn the subtle cues that indicate that a project is at risk for wreckage in time to do something about it. It's an ebook, but it's about 15% larger than "Who Moved My Cheese?" Just . Order Now! .
Your comments are welcomeWould you like to see your comments posted here? rbrenHoWzUJVeioCfozEIner@ChacbnsTPttsdDaRAswloCanyon.comSend me your comments by email, or by Web form.
About Point Lookout
Thank you for reading this article. I hope you enjoyed it and found it useful, and that you'll consider recommending it to a friend.
Point Lookout is a free weekly email newsletter. Browse the archive of past issues. Subscribe for free.
Support Point Lookout by joining the Friends of Point Lookout, as an individual or as an organization.
Do you face a complex interpersonal situation? Send it in, anonymously if you like, and I'll give you my two cents.
More articles on Project Management:
- Seeing Through the Fog
- When projects founder, we're often shocked — we thought everything was moving along smoothly.
Sometimes, with the benefit of hindsight, we can see that we had — or could have had — enough
information to determine that trouble was ahead. Somehow it was obscured by fog. How can we get better
at seeing through the fog?
- Scheduling as Risk Management
- When we schedule a complex project, we balance logical order, resource constraints, and even politics.
Here are some techniques for using scheduling to manage risk and reduce costs.
- Shining Some Light on "Going Dark"
- If you're a project manager, and a team member "goes dark" — disappears or refuses to
report how things are going — project risks escalate dramatically. Getting current status becomes
a top priority problem. What can you do?
- Communication Traps for Virtual Teams: II
- Communication can be problematic for any team, especially under pressure. But virtual teams face challenges
that are less common in face-to-face teams. Here's Part II of a little catalog with some recommendations.
- Risk Creep: I
- Risk creep is a term that describes the insidious and unrecognized increase in risk that occurs despite
our every effort to mitigate risk or avoid it altogether. What are the dominant sources of risk creep?
See also Project Management and Personal, Team, and Organizational Effectiveness for more related articles.
Forthcoming issues of Point Lookout
- Coming June 7: Toxic Disrupters: Tactics
- Some people tend to disrupt meetings. Their motives vary, but they use techniques drawn from a limited collection. Examples: they violate norms, demand attention, mess with the agenda, and sow distrust. Response begins with recognizing their tactics. Available here and by RSS on June 7.
- And on June 14: Pseudo-Collaborations
- Most workplace collaborations produce results of value. But some collaborations — pseudo-collaborations — are inherently incapable of producing value, due to performance management systems, or lack of authority, or lack of access to information. Available here and by RSS on June 14.
I offer email and telephone coaching at both corporate and individual rates. Contact Rick for details at rbrenHoWzUJVeioCfozEIner@ChacbnsTPttsdDaRAswloCanyon.com or (650) 787-6475, or toll-free in the continental US at (866) 378-5470.
Get the ebook!
Past issues of Point Lookout are available in six ebooks:
- Get 2001-2 in Geese Don't Land on Twigs (PDF, )
- Get 2003-4 in Why Dogs Wag (PDF, )
- Get 2005-6 in Loopy Things We Do (PDF, )
- Get 2007-8 in Things We Believe That Maybe Aren't So True (PDF, )
- Get 2009-10 in The Questions Not Asked (PDF, )
- Get all of the first twelve years (2001-2012) in The Collected Issues of Point Lookout (PDF, )
Are you a writer, editor or publisher on deadline? Are you looking for an article that will get people talking and get compliments flying your way? You can have 500-1000 words in your inbox in one hour. License any article from this Web site. More info