Analysis: To Stay Compliant, Train

What can you do to protect your organization from mistaken or

The ongoing Enron trial has highlighted one reason why companies should rethink the way they handle employee training. Some of the problems for Enron and Arthur Andersen stemmed from employee acts such as shredding documents relevant to the government investigation into Enron.

What can you do to protect your organization from mistaken or intentional employee actions? Practice information management compliance. The basic elements are: good policies and procedures; executive-level program responsibility; proper delegation of program roles and components; and program dissemination, communication and training. Also important are auditing and monitoring to measure program compliance, effective and consistent program enforcement, and continuous program improvement.

Though all these components are important, employee training is particularly effective. ARMA's "Keeping Good Company" training program, for example, teaches employees how to handle common compliance issues. If you develop your own curriculum, make sure you cover any stated company policies.

One of Arthur Andersen's policies — which employees either ignored or weren't aware of — read, "Reasons for extended retention might include agency investigations (e.g., by the SEC), pending tax cases or other legal action... In such cases, material in our files cannot be altered or deleted."

Editor's Choice
Samuel Greengard, Contributing Reporter
Cynthia Harvey, Freelance Journalist, InformationWeek
Carrie Pallardy, Contributing Reporter
John Edwards, Technology Journalist & Author
Astrid Gobardhan, Data Privacy Officer, VFS Global
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing