Knowing what data to collect about a compliance program is an obvious and necessary first step to measuring its effectiveness, but figuring out the logistics of data collection and analysis is just as important. In the first article in this four-part series we discussed how to begin generating compliance metrics. The second article laid out seven areas of compliance a company can measure and the third part discussed the challenges of measuring compliance program quality. This final article discusses how to gather and analyze data and use it to continually improve a compliance program. See “Developing Key Performance Indicators and Tracking Metrics Using ISO 37001 (Part One of Two)” (Nov. 9, 2016); Part Two (Nov. 23, 2016).