When we consider the actual burden placed on the organisation to ensure compliance with all regulatory obligations we should also consider that when viewed in another way such compliance may also be viewed as “minimum compliance.”
Means we can look a lot deeper into the organisations objectives and to set internal standards which then become the basis of the audit criteria, so we should appreciate that whilst attaining the minimum standard is in fact compulsory. The organisation is of course at liberty to develop a set of standards which are focused either at a higher level of requirements when compared to for example EASA regulations or alternatively may relate to a set of standards which are totally outside of the remit of EASA.
One process of driving the organisation beyond compliance is to use Key Performance Indicators. (KPI’s) When we start to consider KPI’s we are moving beyond simple compliance Key Performance Indicators (KPIs) help to reveal a company’s goals and objectives, measured through specific performance management tools. We should recognise that in general, our organisational goals are achieved through the combined activities of multiple people throughout the organization not just the work of individual.
The advantage of a shared KPI environment is that it also provides for a “shared accountability” Such date may then become the foundation to analyse and monitor performance across the business.
Using the Quality Assurance or Compliance Audit department to manage the data associated with KPI’s often makes sound business sense. In fact Interpreting high-level strategy into specific objectives can help to develop an individual understanding regarding the responsibility of individuals and the expectations of day to day achievable activities
As well as developing techniques based on KPI processes the introduction of an enhanced Root Cause based Analysis approach may support the further Identification of any major non-conforming findings or other risk connected exposures. The root cause system would include both primary root causes as well as secondary or contributory causes.
It is necessary that the persons performing the Root cause activities are suitable trained and have an appropriate level of competence to perform the activities required of them. Any common root causes will be identified and addressed business wide after analysis for both exposure and return on investment.
Of course any major risks or exposures will deserve a higher value management discussions and may finish in the hands of the senior management team or post holders for resolution
For details of additional training and support please see www.sassofia.com or email office@sassofia.com
