- person(s) with responsibility for compliance (3.17) management
Compliance Management System (CMS)
- set of interrelated or interacting elements of an organization (3.1) to establish policies (3.8) and objectives (3.9) and processes (3.10) to achieve those objectives
- Note 1: A management system can address a single discipline or several disciplines.
- Note 2: The system elements include the organization’s structure, roles and responsibilities, planning, operation, etc.
- Note 3: The scope of a management system may include the whole of the organization, specific and identified functions of the organization, specific and identified sections of the organization, or one or more functions across a group of organizations.
What is compliance?
- The compliance function (as per ISO 37301)is established as a result of the organisation’s efforts in ensuring that the applicable laws, rules, regulations or norms are no violated by employees or others associated with the organisation
- It is considered as a type of internalised law enforcement that, when operated effectively, can replace the majority of the enforcement activities by external parties (auditors, regulators, etc.)
- Compliance function, jointly with governance and risk management, is an essential internal control activity for large corporations and complex organisations.
Challenges of being compliant
- Compliance is the process of adhering to a set of regulations or guidelines set by government agencies, regulators, associations, international standards, or the internal policies set by the organisation itself.
- Compliance is not a one-time project, so adhering to compliance obligations often poses a challenge for organisations because of the following issues:
- The constant introduction of new/updated regulations
- Ambiguously written regulations that require interpretation
- Overlapping of multiple laws, regulations and or jurisdictions
Compliance Management System (CMS): ISO 37301
Service Level Agreement (SLA): Compliance & Performance
- SLA’s has specific compliance and performance KPA and KPI’s
- These KPA and KPI is extremely important for the effective and efficient management of the performance of the SLA against the objectives of the company
- ISOLTX makes provision for a variety of measurements about the SLA management
- Every non-conformance, incident or finding, can be logged on the I²MAS module of ISOLTX and this can generate reports regarding the SLA performance