But what I can do is offer five building blocks that could help start this necessary shift.
1. Evaluate: As with any business decision, you have to evaluate the situation and determine if there’s a reason for the function. In this case, you’re asking a question at the macro level: does my organization need a trust office? From there, evaluate the business as a whole and what trust means to your people, processes, and products.
2. Enable: Who’s in charge of this new undertaking? Create the role(s) and ensure the person or committee taking this on will be enabled with support from the board room and C-suite. Once this is established, communicate this out to both employees and customers that your organization is taking this charge seriously and looking to begin the process.
3. Develop: What is the operating model going to look like? What resources are needed to make this happen, and what’s the starting point for that? As I mentioned earlier, it was OneTrust’s need to adopt integrated management systems driven by ISO standards that then created our desire to build a platform that could do the same for our customers.
4. Establish: Now it’s time for goal setting. Start small and look at a single year. What are the cross functional aspects that can be determined, and how are those met? What ‘wins’ are most important in this year-one ramp-up? Determining those benchmarks will create needed landmarks along the way.
5. Create: Finally, how can we measure this? As with any business initiative, it needs to be tracked. Beware, however. Don’t treat this like run-of-the-mill data gathering, i.e., number of security incidents or other firmographic metrics. Ideally this will be measured in the same way a customer satisfaction rating would be: What’s working, what’s not, how can improvements be made and redundancies removed? Do our people believe our products and processes exude trust?
Who’s doing what?
Using the five building blocks as a guide — and obviously adaptable to whatever your business feels is the best way forward — our Trust Office took shape by collaborating with the following stakeholders and departments who could lend their expertise and insights to this always-on initiative. We created Centers of Excellence (CoE) across specific domains we learned are important to our customers, including:
- Privacy: Led by our Data Protection Officer
- Security: Led by our Chief Information Security Officer
- Ethics & Compliance & ESG: Led by our Chief Ethics & Compliance Officer
Each Center of Excellence brings together a cross-functional group of experts in their domain to:
- Be the expert in their field to help guide our product, marketing, sales, and support teams as we advise our thousands of global customers on their own programs
- Serve the community by sharing resources and best practices on their industry and domain
- Build the best trust program internally using the OneTrust platform