These Compliance Management Procedures describe the methodology for the development, management, monitoring and review of a compliance program as part of an organisation’s internal processes. It includes the approach for identifying compliance obligations and compliance risks, assessing compliance risks and establishing a review, reporting and continuous improvement process.
These Compliance Management Procedures are suitable for organisations of all sizes and complies with the guidelines of the International Standard for Compliance Management Systems.
- Purpose. 2
- Scope. 2
- Methodology. 2
- Plan. 2
- Do. 3
- Check. 4
- Act 4
- Document information. 5
The purpose of developing these Compliance Management Procedures (Procedures) is to set out the processes and procedures for the compliance management system established by [Organisation name] and described in the Compliance Management Framework and Compliance Management Policy.
These Compliance Management Procedures must be read in conjunction with the following documents:
These Compliance Management Procedures apply to all directors, officers, employees, consultants and contractors of [Organisation name]. The Procedures extend to all current and future activities of [Organisation name], and to any new opportunities [Organisation name] may encounter from time to time.
The methodology used by [Organisation name] to establish these Compliance Management Procedures complies with the Plan Do Check Act (PDCA) model adopted by the Compliance Management Framework. The Procedures expand on the model with respect to identifying compliance obligations, assessing compliance risks and managing obligations.
Compliance planning includes establishing business strategy and scope, governance and accountability structure, frameworks and documentation and other processes required to ensure the development of an effective and responsive compliance management system.
- Understand business and operating environment
- Understand legal and regulatory environment
- Identify types of obligations and affected business functions
- Create a Primary Compliance Register
- Create compliance registers for each business unit
- Document compliance obligations