As part of their risk management responsibilities, project managers (PMs) need to keep abreast of legislation that applies to the company and the industry that it operates in. This is becoming an increasingly challenging prospect, particularly in the financial services sector, which has faced an onslaught of new legislation and compliance regulations in recent years. But, daunting as it may seem, it is vital that PMs keep up to date with, at the very least, key legislation that applies to their project.
It falls to the PM to brief the project team on the legislative and compliance issues that impact on the project and to monitor that no breaches occur either during the execution of the project or once it comes online. And it’s not only external regulations that must be complied with. The project rules must at all times comply with the company’s IT security plan, which itself may be a shifting target, necessitating regular review to ensure compliance.
The PM should protect himself or herself by regularly communicating with the team about internal and external regulations and governance requirements. Simply put, you may be required to prove due diligence by showing that you disseminated the relevant information. This includes ensuring that the team has been exposed to the relevant company policies on a variety of potentially harmful issues like social media, data security and sexual harassment, to name but a few.
One very important piece of legislation that PMs must keep abreast of (and keep the project team aware of) is the Protection of Personal Information (PoPI) Act, in terms of which all South African institutions must behave responsibly when collecting, processing, storing and sharing personal information.
The PM who has proactively and regularly touched on a wide variety of external and internal regulations and compliance requirements will be in a good position to put up a convincing defence should transgressions occur.
© Tony McManus, McManus Consulting.