3 Tips for a Better Gap Analysis with Less Effort

2019-05-09T21:27:58+00:00 May 9th, 2019|Business Development, Vulnerability|

If you have a safety standard to comply with, you also have a gap analysis you need to complete on a regular basis. For many people, it’s like doing their taxes. You put it off as long as possible and move on from it as quickly as you can. Which often means simply checking the boxes and filling in the blanks.

That kind of approach can set you up for trouble down the road. You could lose your certification, lose clients and lose revenue as a result.

You can do a quality gap analysis without killing yourself, if you follow some basic best practices. Here are the top three practices I see people skipping most often.

Get Out of Your Chair

This might seem obvious, but to know your gaps, you’ve got to actually observe and record the state of your facility. That means leaving your desk.

I’m surprised how often people just answer the questions while sitting at their desk. Some assessments are even designed to enable that approach. They weren’t designed to be mobile, but only to be filled out. So a person can just stay at their desk and answer the questions, and call it done. If you take that approach, you’re only increasing your liability.

To do a gap analysis right, you’ve got to observe what really is, not what you think it is. You need to go out and observe. Take photos and document their locations.

Be critical and put yourself in the mindset of the assessor or auditor. We have all experienced that auditor who seems to be able to see a flaw in our program that we missed despite going over it several times, but seems obvious once it is pointed out. You can only achieve that level of critical review by getting out there and performing an actual “eyes on” inspection. Continuous improvement is born out of these good habits.

Don’t Do It Alone

Safety and security should be built into your organizational culture. If you don’t have one already, create a multi-departmental safety committee that involves people throughout your organization—security, safety, human resources, facilities, legal, IT—you name it.

Your safety committee should do the assessments together, as a team. Pair up and send teams of two throughout the building. Rotate assignments each time, so that they get more exposure and experience. Then, work together as a team on reporting and remediation. This is a healthy practice for any organization and creates a natural mentoring relationship within your team.

Bringing in people from outside your security team creates a third-party perspective, and it lets you get more done while reducing your workload. It also gives you people in various areas of your organization who are becoming more familiar with safety and security practices. So when they’re making decisions, they can make more informed decisions that consider safety and security.

Not everybody approaches problem solving the same way. Therefore, the more your team interacts with other disciplines, the more varied approaches to problem solving they’ll be exposed to on a regular basis.

Use the Right Software

You shouldn’t be spending more time performing the assessments than you do performing remediation. The assessment process should be efficient, and it should allow you to spend time as a committee remediating the problems you identify. That starts with using the right software.

Circadian Risk assessment software is designed to reduce your assessment and reporting time by as much as 80 percent. Its visualized features, built-in surveys and auto-generated Corrective Action Plans give you more than a list of findings and recommendations. Instead, you get an objective analysis and remediation plan that’s easy to read and powerful to use.

Built-in project management tools allow you to prioritize your issues, assign tasks and due dates, communicate with team members, and track progress. With Circadian Risk, you’re equipped to do more complete gap analysis, more efficiently. No other risk assessment tool matches its capabilities and usability.

Bonus: Don’t Rush Your Assessments

Here’s one worst practice to avoid. I’ve seen organizations wait until the last minute to do their assessments, and it doesn’t do them any favors. They’re required to do four assessments per year, but it doesn’t specify one per quarter. So they squeeze in all four assessments in the last two months.

Not only does this put an inordinate drain on your valuable resources, you’re taking all kinds of risks. Pushing your gap analyses to the last minute places a wager that your team won’t run into problems that slow them down. You’re also risking the health and safety of your people and your organization for ten months out of the year. You’re betting against the house on this, and the house always wins.

Close the Gap!

Following these best practices can make it easier to do more effective gap analyses—and to keep your safety certifications. Circadian Risk was built on the principle of making organizations safer, and doing it more easily. Need to talk to an expert about boosting your company’s security and safety? Let’s start a conversation!

Subscribe to the Blog

  • This field is for validation purposes and should be left unchanged.
Daniel Young
Daniel Young is the Founder and CIO at Circadian Risk Inc. He was a Regional Bioterrorism Coordinator, Security Account Manager, and has been a security and risk expert for over 10 years.