After a merger or acquisition, your organization has changed into a new entity, and this entity may have different risk management needs than the old one. Perform a new risk assessment based on what the company looks like post-M&A and create a step-by-step process of what needs to be accomplished; do not assume your previous risk assessment is sufficient for your new organization.
Once you have completed a new risk assessment, determine the gaps that need to be filled and begin tackling them on a priority basis. This assures that critical progress will be made sooner rather than later. For example, fulfilling new training or policy needs first could make important corrections to your company that could reduce the need for other later adjustments.
New management provides an opportunity for positive change in the company. Show new managers respect and look for common ground. Working in the beginning to forge these relationships will not only help you garner support for the long haul, but help foster the right compliance and ethics culture for the new organization.