The Process that Could Be Making You Non-Compliant, Without You Even Knowing
By Jeff Weil, General Manager Qvidian
Thanks to the surge of high-profile and costly cyber attacks in the last year, coupled with the General Data Protection Regulation (GDPR), businesses everywhere have been making security and compliance their No. 1 priority. Executives must be examining every facet of their organizations’ operations to ensure they’re appropriately handling and securing mission-critical corporate information, as well as customer and employee data.
But compliance isn’t just the domain of IT: marketing and sales teams now need to rethink their strategies when leveraging data from third-party vendors and customers. This is particularly critical when it comes to the proposal process, which can require sales and IT teams to complete extensive security questionnaires and demands that every piece of content used in pitches is current, approved, and compliant.
The Risks Posed by the Proposal Process
Despite being a crucial step in the sales process, responding to RFPs can be a daunting task if an organization hasn’t streamlined and intelligently automated some of the steps. For some companies, the process is also putting them at serious risk for non-compliance, which exposes them to the potential risk of huge, multimillion-dollar penalties on top of losing new business deals.
Sales and proposal executives at organizations that may fall into this category should consider how their current workflows may be creating compliance issues. There are plenty of organizations, for example, that still choose to manually track the content they use in proposals, typically in an Excel spreadsheet or an internal database. Not only is this time-consuming and intensive, but it also leaves ample room for the misuse of content assets and information that may be considered non-compliant.
This is an especially detrimental mistake in the age of GDPR, and one that organizations in highly regulated industries like financial services and healthcare can’t ever afford to make. Not only does this have the potential to cost organizations a great deal in fines, but it also impacts their brand equity, marking them as a company that mishandles information in their sales processes.
The Burden of Security Questionnaires
On top of worrying about whether the content being used in their pitches is up-to-date and compliant, sales and proposal teams are also being inundated with security questionnaires in the proposal process. These questionnaires – given to vendors bidding on a prospect or to existing vendors for annual assessments – request information from companies on their security policies and best practices for ensuring client data is not at risk.
Not surprisingly, responding to these often highly detailed and complex questionnaires on top of compiling a deal-winning proposal can be burdensome – and the inclusion of these questionnaires in RFPs is only expected to increase given the current state of cybersecurity for businesses and the GDPR compliance requirements. With that in mind, it’s become increasingly important for sales and proposal teams to identify the most efficient ways to collaborate with their IT teams, who are typically tasked with providing responses to these questionnaires.
The Secret to Managing These Concerns
With cyber security and data protection ever-increasing issues, businesses with risky proposal processes should reevaluate their strategies. There are a few key tips that they should consider, such as:
- Creating an audit trail – To avoid the mistake of using an outdated or inaccurate piece of content, sales and proposal teams should leverage the power of tools that offer audit trails for tracking content. Not only would these ensure that any pieces used in proposals are compliant, but they also allow teams the ability to see what changes have been made to content pieces, when those changes were made, and who made them.
- Developing a centralized library of approved content – Not only is tracking the edits made to content important, but teams should also think about how that content will be stored. Having a library that includes all approved key messages, assets, and security questionnaires responses will help organizations streamline some of the more cumbersome aspects of the proposal process while ensuring every team member has access to the most up-to-date content.
- Leveraging the power of automation – An added bonus to the above points is finding a tool that can help sync updates automatically to ensure every change or addition is reflected to each content asset. This will help teams streamline review cycles and – in some instances – provide detailed reports to help them assess the success of certain content assets in winning deals.
For every sales, proposal and marketing team, RFPs are a vital component of their everyday lives. But for some teams, they’re also causing significant problems in their security and compliance strategies, making them open to risk for using inaccurate and noncompliant content. Thankfully, there are ways to make the process more seamless and stress-free for all those involved – and for those who don’t want to miss out on winning key deals or face multi-million-dollar fines, now is the time to consider what needs to change.