The key to an effective risk management strategy is a comprehensive global process for identification, analysis, evaluation, mitigation, and monitoring of risks. That’s according to a new blog post from Wolters Kluwer that argues an Enterprise Legal Management (ELM) platform unites a company’s systems that manage legal, risk, and compliance activities on one secure and collaborative framework.
An ELM platform allows legal and compliance departments to work together managing legal matters, legal spend, and Governance, Risk and Compliance (GRC), as well as integrated functions such as claims defense (for insurance carriers) and outside counsel collaboration. The platform also enables the company to use data from across functions to mitigate risk and more strategically manage costs.
“It is this process of setting out controls and monitoring compliance that allows the company to prevent many crises from occurring. And if they do, the company is protected by having a process that clearly separates its role from the role of the individuals involved,” notes Greg Gosling, London-based director of Professional Services, EMEA, for Wolters Kluwer’s ELM Solutions business. “Compliance systems offer oversight preventing employees from engaging in non-compliant activities. If those controls are circumvented by rogue employees, even a serious incident doesn’t have to be a crisis when a GRC system with robust audit reports is in place.”
While it is difficult to quantify the impact of having proper policies and procedures to prevent incidents, there are examples of courts and tribunals deciding that, even though a breach had occurred, the corporation in question had sufficiently robust checks in place to absolve the company. (For instance, the U.S. Department of Justice has declined to prosecute when companies with strong compliance programs cooperated with investigations.)
Furthermore, businesses not only need to have defined policies and procedures, but must also pay genuine attention to adherence and be able to show that commitment. When an incident management tool is used as part of a GRC solution that also documents internal controls and procedures, corporations can not only execute an effective response, but also understand the genesis of issues. “A platform that includes matter management also offers litigation management benefits, when necessary, by seamlessly transitioning an incident into a matter, carrying with it all associated documentation and data,” Gosling notes.