Learn how to use Agile and Scrum principles in implementing compliance and risk programs. Use Agile tools to select the best approach for project management. How the agile mindset can help the chief compliance officer and the chief risk officer to address customer´s needs.
5. Agile methodology
Mindset originally introduced for software
development
Agile principles
can be used for managing any project in
dynamic environments
prioritize and focus a project to the customer's
needs
are based on cross-functional and self-
organizing teams
7. Iterative learning
Scrum master plans the project in sprints
– short span tasks from 1 to 4 weeks
– with particular deadlines and skill sets
Team members retrospectively analyze
deviations at the end of each sprint for future
improvements
Scrum master continuously discusses
objectives for the next sprint
12. Choosing the right methodology
Waterfall
Simple projects only impacting
compliance or risks with few
internal clients and skillsets
The final delivery cannot be
divided by components
Sequencial execution and
approval of tasks
Defined requirements at the
beginning
Agile
Complex cross-functional
projects involving many
stakeholders, skillsets and
countries
Projects able to be broken down
into individual components
Incremental tasks with few
dependencies
Lack of undestanding on the
requirements
13. Examples of project implementation
Waterfall
Creating a procedure for
reporting HSE incidents
Updating contract templates for a
single business unit
Detecting under-insurance issues
Training on using the policy
repository
Defending a simple litigation
Performing a data protection
impact assessment
Agile
Implementing a GDPR
compliance program
Creating a crisis protocol
Reporting on non-financial
information
Assessing global compliance
risks
Integrating a large purchased
company
14. Was your compliance and risk program
designed as a cathedral? designed as a bazaar?
15. Agile project example
Design, validate and test a pilot for a
due diligence procedure in a small but
representative country
Improve and expand the due diligence
pilot in other representative countries
Choose and implement an IT planform
Hire and train the supporting team
Escalate the due diligence procedure
to all countries
Draft and approve the due diligence
policy
16. Waterfall project example
Define a new due diligence framework
aligned to other frameworks
Draft and approve the due diligence
policy
Choose and implement an IT planform
Hire and train the supporting team
Rollout the new due diligence
procedure to all countries
17. The selection of
waterfall or agile
methodologies is
unrelated to the
level of information
technology involved
18. Stories
Small project component describing a problem
to be solved for the customer
Brief description of a desired feature of the
product from the customer´s perspective
KISS principle > keep it stupid simple
Capture and prioritize requirements
As a role, I want to action so that benefit
WHATWHO WHY
19. Stories
Independent > self-contained, without
interdependencies
Negotiable > only an essential need for further
discussion
Valuable > delivers value to customer
Estimable > able to be prioritized and fit into
sprints
Small > one or two lines
Testable > able to be confirmed by an
acceptance criteria
20. Stories
As a business planner, I want to use a risk
model for assumptions so that I can plan
different scenarios
As a purchase manager, I want to
automatically screen potential vendors so that I
can comply with the OFAC sanction programs
As a role, I want to action so that benefit
WHATWHO WHY
21. Time-boxing
Strictly limit the time dedicated to a specific
task or delivery in advance
Focus on the most valuable and urgent tasks
Reduce over-budget and delay risks
Prevent adding unneeded complexities and
functionalities
Have control points for kick-off, reviews and
close-out
23. Minimum viable product
Early develop the core features matching the
maximum validated customer needs with the
least efforts
– without fully developing the product, but
– delivering a workable product
Observe how the customer uses and reacts to
the product
Measure the use data to improve and add
more functionalities
Working products are the primary measure of
progress
24. Agile risk and compliance
Focus on business objetives for your internal
and external customers
Use pilots to scale them up for a global
program
Develop stories to communicate how deliveries
are impacting your customers
Test deliveries early and during the project, not
at the end
25. Compliance and
risk as a product
Offering the risk and
compliance information to
external customers as part
of current offers will
benefit from writing stories
26. Kanban board
Visualize all project tasks by phase from the
commitment to the delivery
Limit the numbers of cards in a line to avoid
bottlenecks
Color-code to focus on urgencies
Tasks can be reprioritized, reassigned or
updated
27. Kanban board
To do In progress Testing Completed
Plan GoingPlan Going
Urgent
28. Risk and compliance managers as
scrum masters
Hold team members accountable
Facilitate processes, deadlines and
learnings
Coach during the iterative learning
Validate the requeriments with internal
and external customers
Start from decisions and deliveries, not
from documentation
29. Risk and compliance managers as
scrum masters
Be responsive to the changing customer
needs
Continually collaborate with customers
Use direct communications, not formal
documentation
Keep commitment to simplicity, flexibility
and rapidity
30. Agile manifesto
Individuals and interactions
over processes and tools
Working solutions
over comprehensive documentation
Customer collaboration
over contract negotiation
Responding to change
over following a plan