OR …… will the world's most popular standards be the ISO 27001 and ISO 22301 series to reach Business Sustainability?
1. What is compliance?
Compliance is the state of being in accordance with established guidelines, law or specifically set internal specifications. In a business environment, compliance means conforming to a rule, such as a specification, policy, standard or law.
A Corporate Compliance Program/Strategy is a formal system that helps your organization maintain compliance in all areas of operation. It’s a framework to work towards and to stay within when changes occur.
A Compliance Strategy includes a set of policies, allocation of responsibilities and business processes that set the way an organisation is managed, controlled and administered. Through its configuration of business processes and resources within a challenging environment, it achieves advantages for the organisation and meets the needs of stakeholders, customers and employees.
Compliance requirements come from a number of sources, such as the law, clients, employees, stakeholders, neighbours and the public. To manage these requirements it’s important to have a framework to work towards. Such frameworks can be as simple as the PLAN, DO, CHECK, ACT methodology of ISO standards or just a simple 7-point framework such as:
- Establish commitment from Top management to participate in the vision to comply with relevant or adopted requirements;
- Evaluate compliance based on business risks;
- Study industry standards and see which fits your organization’s processes the best;
- Authorise outsourced consultants and experts to assist you to align your company to these standards;
- Train your staff members and other relevant stakeholders on the vision and requirements that they need to achieve;
- Be involved in the implementation and coaching. Be an example by complying with your own responsibilities;
- Ensure the effectiveness of the programme by evaluating results.
2. Risk management and regulatory compliance
Increasingly, businesses are turning to good governance to reap the wider benefits that it brings, developing their governance to become more efficient and effective in managing their business compliance, risks and opportunities. Many organisations today work in new and unknown markets where traditional risk management practices may be insufficient. Understanding the environment and its unique nuances, and then mitigating negative impact, is key to sustainable business growth and shareholder confidence.
3. Challenges that can be overcome
4. What is the future of ISO standards?
The first and most important aspect of any ISO standard is that the requirements must form part of the business processes. The requirements were invented by industry SMEs and should therefore be applied in context and to the benefit of the company’s goals.
5. The future of Quality management
Changes during the next two decades will require a new top manager: The CHIEF Enterprise Integration Officer (CEIO).
The deliverables expected from the CEIO will most probably look like this:
- Identify high risks to the sustainability of the organization;
- Reorganize structure and processes to prevent and mitigate those risks;
- Identify stakeholders that do not adapt to changes, develop skills and transfer stakeholders to a new, better way of achieving results. Should stakeholders not adapt, they literally need to go.
Reporting directly to the CEO, the CEIO will help to create a new kind of organization that will SURVIVE domestic and international market turbulence, satisfy customers’ increasingly critical demands and accelerate the pace of improvement in all its functions.
6. Where must the CHIEF Enterprise Integration Officer (CEIO) start?
The main achievements of the CEIO will be the 3 R’s, which refer to:
We all know that is easier said than done, and these are definitely not the only 3 things to consider.
The following RIGHT things must also be applied diligently:
6.2 Apply Corporate governance
Identifying governance gaps and recommending governance improvements.
6.3 Manage Enterprise risks
Maintaining operational excellence for long term success through the application of various ISO requirements, such as: ISO 9001, ISO 14001, ISO 45001, ISO 27001, ISO 22000, ISO 22301. We consult as auditors for various Certification bodies, national and international, and ensure that the interpretation of ISO requirements is understood and applied correctly. Training is therefore conducted by registered, internationally qualified auditors.
6.4 Manage Financial risks
Identifying, measuring and managing market risk, credit risk and insurance risk. We partner with reputable insurance companies to help you to reduce financial risks.
6.5 Regulatory advisory
Helping you stay on top of your compliance issues – both at home and abroad. Our Legal team is equipped to deal with difficult statutory incidents, and they make it their responsibility to ensure that they advise you right the first time. Reputational damage is not something a business gets rid of easily. Social media is a platform that spreads a bad fire very easily. You would want to put this compliance requirement at the top of your priority list.
6.6 Manage Information Security
Information security is an integral part of all businesses, a reality that we cannot take lightly. Software solutions play a vital part in the organisation’s sustainability, and the ISO 27001 series of management system standards is a MUST to implement for all organisations. The maturity of an ISMS might change from company to company, but sections of these standards must be applied.