Compliance: A Cinderella Story

Remember the moment in Cinderella where her tattered dress transforms into a beautiful ball gown? Compliance is experiencing a similar transformation event. Compliance used to be that necessary evil part of business. It was what you did because you had to. If you had a Compliance Manager, no one wanted to see them coming. That “ugh, not you again” feeling of always making people do something that felt more tedious than important. Companies preferred to keep compliance locked away like Cinderella in the attic and expected the sweeping and cleaning up to occur quietly with as little disruption as possible to the revenue generators.

Many defense contractors are seeing the heavy lift required to implement CMMC and looking for somewhere to balance the cost. Conversations around what certifications they have to have and which ones are no longer worth maintaining are becoming more prevalent. Do we get CMMC and drop ISO? What compliance requirements are the proposal team seeing in the latest RFPs? Compliance has been considered only a cost line item for so long that organizations are scrambling to recoup the cost of CMMC. Maintaining all of your certs, or even going after more, is a hard sell to a CFO.

What happens when you change your perspective? Bibbidi bobbidi boo - let’s look at compliance as part of business development. You have this certification – now you can build that into your identity. Train your proposal team to write to the certification and how it makes your technical approach stronger, so it becomes a capability that you are always selling. Each certification you carry gives you an edge if you write to it that way. Even if every certification isn’t a requirement for every bid, you should always sell them all as a capability. It’s a tool in your tool belt; treat it like one.

Operationally you have to do it right. Whether you’re implementing CMMC, ISO, or CMMI, each of these standards can create process improvement in your organization when implemented properly. When it’s just a put out the fires checklist you use right before an audit and dust off old documentation that you only give to auditors, it’s a burden. But when you apply the methodologies and implement processes in a way that actually works for your organization, compliance becomes an output. When you apply what works and provides quality and efficiency first, the compliance comes a lot easier.

When you start to consider compliance as a capability versus a requirement, you will start to see where it can be used as a revenue generator. Maybe the proposal you’re writing doesn’t have your certification as a requirement, but when you write to it as a capability, it holds the power to make your approach stand out over your competitors.

When Cinderella snuck out of her attic and went to the ball, she became a princess. It’s time to let compliance out of the attic. Stop treating it like the thing no one likes and start treating it like the revenue generating princess it is. If you’d like to talk more about implementing compliance standards in your organization or making what you already have work better for you, reach out. BWIT Solutions can help your organization find your happily ever after in compliance.

Thanks for reading!

Feel free to contact us if you have any questions or would like to discuss further!