Five Steps to Organizing Compliance Activities – Making a Breeze out of Obtaining Certifications, Passing Inspections, and the Due Diligence of Expanding Operations

Organizing compliance activities and their associated documents is key to confidently, efficiently, and effectively passing both internal and external audits and inspections as well as preparing for operational expansion.

  • Is this an existing company with years of compliance related documentation needing to be organized, archived, or disposed of?
  • Is this a startup thinking of expanding new or existing operations into a new region?
  • Is navigating the compliance arena one of the bottlenecks to expansion?
  • Is maintaining regulatory compliance difficult or intimidating?

If the answer is yes to any of these questions, then read on to help get support in navigating and organizing the complex compliance arena to efficiently facilitate any compliance audit or inspection with ease and/or confidently expand operations to include another activity or location.

1.      Ask the Big Questions

Using an ISO9001 standard process-based approach as the foundation for getting organized not only provides a place to start thinking about how to get organized, but it also sets the stage for obtaining future safety, quality, and environmental certifications. Start with thinking about compliance related to company processes such as:

  • HSQE (health, safety, quality, environmental)
  • Facilities and Maintenance
  • Contractual Obligations
  • Operational Planning
  • Training

Then ask the question:

What are the fundamental things we need to document to ensure these processes are going to run smoothly and consistently, time and time again?

The same concept applies to regulatory compliance. Think about the processes above that require permits, certifications, licenses, and other compliance documents as well as their associated training and reporting requirements. Then ask the question:

What are the fundamental things we need to document to ensure the compliance requirements are captured, renewals, expirations, and reports are completed on time, and documentation of compliance is available when the inspections and audits occur?

2.      Get Organized

Regardless of what service is used for document sharing, a simple folder structure by process provides a baseline for organizing data. Allowing multiple users access to save documents in the system provides more flexibility for documents to get uploaded. For example, when creating a main folder called Environmental Compliance, a subfolder with categories such as Air, Land and Water can be used to separate the records.

Every folder structure is looks different depending on the type of processes that are involved with the operations. A company that manufactures widgets may need to focus on waste disposal. A company that provides coating focus on air emissions and hazardous waste. A company that has above, or underground storage tanks might focus more on stormwater permits and the SPCC Rule.

Obtaining a fundamental idea of each company process and organizing the associated documentation around those processes will not only provide the foundation for an organized system but will help employees access the information in an easy to discover and efficient way. This step is crucial in showing control and confidence in providing documentation during an audit, inspection, or expansion.

3.      Collect Existing Documents

Once the foundation is set for organizing the data, begin collecting the data and putting it into its respective folders. If a hazardous waste permit or manifest was located, scan it, and place it in the hazardous waste subfolder. If an annual stormwater report is discovered, save it in the associated subfolder. If an opacity test was found in the break room, take a picture of it, and save it in the air emissions subfolder.

As the documents are getting organized over time, track them in a simple excel spreadsheet with the regulating agency, title, description of compliance activity, and expiration or due date. This matrix will become the foundation of tracking and monitoring all compliance activities.

4.      Re-evaluate & Reorganize

Once enough documents and data are collected, re-evaluate the existing documentation and re-organize it so it makes sense to the end user. The folders and subfolders can change over time. Don’t be afraid to make changes to the folder names and hierarchy if it makes sense to do so. If the folders are becoming a monster, it may be time to evaluate whether a simple software program would help with the organization, especially if the software can push notifications to a specific person or group of people when items are due.

5.      Maintain Diligent Upkeep

Once the system is established, the easiest thing to do is to get caught up in day-to-day operational activities and not take the time to prioritize staying on top of organizing compliance documents. Next thing you know an entire quarter or year has gone by and you’re finding a stack of paperwork staring at you from the corner of your desk and the compliance matrix is showing numerous expirations.

Maintaining diligent upkeep of the system is key to passing an unannounced inspection, as well as avoiding the last-minute scramble for documentation in preparation for an announced one. Find simple applications on your phone that work hand in hand with the software or other programs being utilized to efficiently take a picture or scan of a document and upload it to the appropriate folder. Getting the document in there is half the battle, and most applications allow the title to be changed upon saving to maintain a consistent naming convention for the documents. There are many tricks out there to help maintain a simple and healthy management system.

Analyzing Operational Expansion

With a well-established and maintained compliance system in place, completing the due diligence to expand operations into different regions becomes significantly easier. By reviewing the existing compliance matrix, simply go through it line by line and determine if any of the process-based operational activities apply to the new location. If the answer is yes, then add a line in the matrix and save all the documentation in the applicable subfolder for the new operation.

Cross-posted at The Compliance & Ethics Blog