What is ISO 19600 Compliance Assurance?
ISO 19600 helps establish, develop, evaluate, and maintain a compliance management system. It brings together separate strands of compliance management and risk management, and its processes align very closely with ISO 31000, another risk management standard.
The guidelines on compliance management systems are applicable to all types of organizations. The extent of the application of these guidelines depends on the size, structure, nature and complexity of the organization. ISO 19600:2014 is based on the principles of good governance, proportionality, transparency and sustainability.
What is meant by Compliance Management?
Simply put, Compliance Management refers to a company obeying applicable laws, relevant industry standards and internal policies (e.g. codes of conduct) it has decided to implement because they impact upon its business, its staff and its treatment of consumers.
Amongst many other things, the new standard “recommends” that organizations “adopt a risk-based approach to compliance” and “develop a risk appetite for compliance risks”. The standard gives comprehensive guidance with helpful and easy-to-follow examples for users wanting to implement a compliance management system or benchmark their framework against a standard.