One of the often-overlooked aspects of church safety and security is regulatory change management. As my team conducts vulnerability assessments across the country, one recurring issue we encounter is a lack of structured processes for tracking and implementing regulatory changes. This gap is particularly evident in nonprofit schools and religious institutions, where compliance oversight is not always prioritized. However, staying ahead of regulatory changes is critical to maintaining a safe and legally compliant environment.
Understanding Regulatory Change Management
Regulatory change management is the systematic process of identifying, assessing, implementing, and monitoring changes in laws and regulations that impact an organization’s operations. Whether at the federal or state level, these laws influence everything from emergency preparedness to mandatory training and reporting requirements. Failing to track these updates can lead to noncompliance, legal penalties, and reputational damage.
The Impact of Noncompliance: A Case Study from Minnesota
A recent example in Minnesota highlights the risks of failing to track regulatory changes. In October 2023, Minnesota enacted legislation prohibiting schools from requiring students in early childhood through grade 12 to participate in active shooter drills. Schools are now required to allow parents to opt their children out and must provide students in grades six through 12 with at least one hour of violence prevention training annually. Furthermore, school boards must conduct an annual review of active shooter drills, assessing their impact on student and staff safety and mental health.
Despite this change, my team has found that many schools remain unaware of these requirements, placing them in violation of the law. The challenge? A lack of formal regulatory change management processes. Schools are not tracking new legislation, nor are they assessing its impact on their operations. This failure creates legal exposure and, more importantly, could compromise student safety.
Key Components of an Effective Regulatory Change Management Program
For churches, nonprofit schools, and other faith-based institutions, implementing a structured approach to regulatory change management is essential. Here are five critical components to consider:
- Monitoring and Identification – Establish a process to track new or updated regulations. Some organizations rely on Google Alerts, while others invest in third-party compliance services. The key is to ensure continuous monitoring so that regulatory updates do not go unnoticed.
- Impact Assessment – Once a new law is identified, conduct an internal assessment to determine how it affects policies, procedures, and operations. For example, with the Minnesota law, schools must now decide how to inform parents about opting out of drills and how to integrate violence prevention training into their curriculum.
- Implementation – Develop and update internal policies and procedures to comply with new regulations. This includes notifying staff, revising training materials, and documenting compliance efforts to ensure accountability.
- Training and Communication – Educate staff, volunteers, and other stakeholders about regulatory changes. Clear communication ensures that everyone understands their roles in maintaining compliance. In the Minnesota case, school faculty must be made aware of the new law to properly implement opt-out procedures and violence prevention training.
- Ongoing Monitoring and Auditing – Establish a process for regularly reviewing compliance. Conduct internal audits and assess whether new policies are being followed. This step helps ensure sustained adherence to regulatory requirements.
Why Regulatory Change Management Matters
Effective regulatory change management is more than just checking a compliance box—it’s about risk mitigation, operational continuity, and reputation management. Noncompliance can result in fines, lawsuits, and, in some cases, serious safety risks. By proactively tracking and implementing regulatory changes, churches and schools can protect their organizations while demonstrating accountability and integrity.
If your nonprofit lacks a structured approach to regulatory change management, now is the time to act. Start by identifying the laws that apply to your operations, determine how you will track future changes, and establish clear procedures for compliance. Taking these steps now can help ensure that your organization remains prepared, compliant, and, most importantly, safe.
About the author
Simon Osamoh serves as the editor of Worship Security and is nationally recognized for his work in safeguarding houses of worship. He began his career in England, spending 14 years as a detective specializing in serious and organized crime before leading Counter Terrorism at the Mall of America in Minnesota. Simon founded Kingswood Security Consulting and the Worship Security Academy, providing security solutions to houses of worship and nonprofits. He is the author of two Amazon bestselling books and the host of the Church Security Talk Podcast. For submissions or topic ideas, reach out to Simon at sosamoh@worshipfacility.com
