Agile companies do things faster. You must be agile yourself, and that means running your compliance effort in an agile way.
About ten years ago, the software development industry moved towards rapid iteration, quick improvements, and moving faster. Agile Development has become ubiquitous, particularly in startups.
Over the last few years, these agile concepts moved from software development to startup business processes in the “Lean Startup” model: all about quick wins, ruthless prioritization, external focus, and continuous improvement.
Fast-growing billion-dollar startups fear that they won’t be able to stay agile, and large companies need to become more agile to compete with them. Much of that fear comes from their perspective that things like compliance will slow them down.
But this doesn’t have to be the case!
Here’s the Agile Compliance manifesto:
- Focus on quick wins, not multi-year plans
- Listen to your company’s customers, most new compliance requirements come from them, not the government
- Iterate, iterate, iterate, and do continuous controls and testing improvement on regular weekly, monthly, and quarterly cycles
- Your job is to mitigate and advise on risk, not just to say “no” (helps everyone else be agile)
- Do more with less
We believe in these Agile Compliance tenants, and Reciprocity helps our customers scale their Agile Compliance programs with our tool, ZenGRC. Having an Agile Compliance program helps your company stay fast, and sets you up for success now and in the future.
Photo Credit: a4gpa