Compliance management

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

  1. Compliance Requirement relevant to the organization

It is been stated (Martin T. Biegelman 2008) that Compliance means following the law and more. It’s making sure the organizations adhere to all applicable legal requirements. When it applies to this organization is that Access Group solutions has to aware of the relevant laws and regulations and take steps to comply with them. However in detail compliance can be more described as follows. (Matthew 2013) Compliance is simply an act or process of acting accordance to a desire, request or order, plan, or schedule, or to force and it is an agreement in fulfilling official requirements. Therefore it is clear that compliance is not only complying with laws and regulations as well as internal codes of conduct and policies and procedures.

As the Access Group Solution is an Australian company; it has to comply with the Australian laws and regulations, the Accounting and Auditing Standards and other required internal codes of conduct, policies and procedures which will help to achieve company’s vision ‘To deliver service excellence that balances social, environmental and economic priorities.’ Further the company’s aspect of their service is tailored to meet their client’s individual needs and it Solutions has a dedicated and highly customer focused team of professionals who provide strategic support to Retail, Commercial and Industrial portfolios.

  1. Specification of compliance management functions, accountabilities and responsibilities within your organization.

Compliance management functions of this organization can be defined as follows

  1. Learning the responsibilities of compliance of Access Group Solutions
  2. Ensuring the understanding of the responsibilities by employees of Access.
  3. Ensuring the incorporating of the requirements to the Access’s business process.
  4. Reviewing operations of Access to ensure the pre assigned responsibilities are carried out and all the requirements are achieved.
  5. Taking corrective actions.

First of all the company has to identify the policies of the organization. A policy entails a long term commitment, which many dread and tend to avoid. (Fredmund Malik. 2012) Then the processes which are management of regulations, complaints, whistle blowing, regular checks, and controls reporting communication has to be implemented. Furthermore training updates to management and activity reporting is required.

The responsibility of the company towards compliance is to promote a powerfull code of ethics within the operations of the organization and it is mandatory to ensure all the contracts and policies and procedures and comply with the existing regulations

  1. Compliance related to the management information systems

Management information system of Acces group solutions can be defined as a system which provides the required information to manage the organization effectively and efficiently. Mainly it is a computer system which is used for managing with 05 components which are hardware, software, data and procedures, and people. (James O'Brien, George M. Marakas. 2007). When it comes to the compliance related to the management information system it has to be a single web based system to enter, track and inspect and compliance issues in operations of the company. The company has to use this type of system for evaluating risk, setting inspections and documenting such inspections and for taking the compliance actions. ‘The best approach to managing compliance is to establish an intelligent information governance process one supporting by enabling technology’ (Patricia C. Franks). The company can use technologies to support these functions such as ERP systems as Oracle SAP, Report generation based on Crystal and other new techniques. This system will help Access to track staff inspections on their work all fields – facility management, Security services, landscaping and etc.

  1. Record Keeping Systems required for compliance management

The company needs for creating and maintaining of full and correct records of its activities. As explained previously it is required for a MIS with new technology where the records can be retained in digital format. Therefore company can focus on a Digital Record keeping system. However if Access already has a digital recording system; then it has to identify whether the high risk business processes are supported by the system. If it supports, ensuring compliance must be achieved. However more standardization is required in records management exercises of the Access as Statutes as US Sarbanes-Oxley Act created many new concerns on compliance management of organizations. Although Records management is normally seen as not necessary or low important administrative task, it is clear that records management is a responsibility of all employees of the organization.

  1. Liaison Procedures with relevant internal and external personal on compliance related matters.

The company Access involves with Facilities Management, Security Services, Cleaning, Presentation and Hospitality Services, Resources Support, Total Maintenance Solutions, Management of Capital Works and Projects, Traffic management and many more unrelated services. Company will find difficult to do compliance management due to variety of these services. Furthermore the required personnel who have the relevant knowledge may not be at the company. Therefore Access will have to liaise with internal or external personnel on compliance related matters. When consider about the effectiveness of the internal controls of the group can be assessed by an internal auditor. Furthermore company can obtain the advices or consultancy on work environment safety, IT advices for the system which it operates and for the financial and accounting external audits can be performed to make sure the company’s financial statements are prepared without material misstatements and in accordance with applicable accounting and auditing standards.

And company can obtain consultancy from the experts such as SAP, Oracle, Hay group or any other company with the globalized knowledge. Further Compliance audits also can be performed which involves Total Quality Management, Continuous Quality Management and Six Sigma, Auditing Procedures, Financial, Operational and Acquisition Audits, Procedures related to Performance improvement, Performance Management and Accreditation Interface, and Business Process Reengineering for the Process Level, Corporate Level and Business Level. (Duane C. Abbey. 2008)

  1. Breach Management policies and processes (including identification, classification, investigation, rectification, and reporting breaches) in compliance requirements.

Company has to develop the relevant procedures to respond for the breaches in internal and external compliance requirement. The next step has to be monitoring adherence to compliance requirements by reviewing complaints on breaches in compliance requirements. Further company has to examine the compliance management information system to identify any breach of compliance requirements.

Then the managing the identified and rectifying breaches in compliance has to be achieved through assigning appropriate staff to take the correct action to investigation of breaches in compliance requirements.

The next step must be liaise with relevant authorities in regard to breaches in requirements and related action to be taken and to take advice from the experienced external or internal parties and advices to be taken to correct the breached compliance requirement.

Then the response has to be evaluated and rectified of breaches in compliance. Finally the documentation and dissemination of the breach of management activities and outcomes must be done by Access.

  1. Compliance for reporting procedures

When consider about the reporting procedures a business intelligence system which is well designed and planned supports to meet compliance report guidelines as it shares important information with all the staff of the organization who really need those. Furthermore Financial information which can be defined as Financial reporting of the company must be accurate and can be audited to prevent potential lawsuits, Applicable accounting, auditing framework and standards and potential violations.

Company has to take the necessary liaison from the external and internal experts to ensure that the information had been reported which are accurate and comply with the required laws and regulations and company internal control and other policies. These can be done obtaining advice by internal and external auditing. However company has to concern about the cost of these services and ensure whether the expenses are budgeted and sufficient funds are available and act accordingly.

  1. Corporate induction and training processes related to compliance management

Compliance training is crucial for Access Group Solutions as it is the way that helps the employees to understand the legal boundaries within the company operates. Further it helps them to identify the internal work environment and the controls in it.

Training is the foundation to make the employees to meet its legal obligations and work standards. (Arindam Nag. 2011)

As described previously after identifying the company’s system changes and improvements and all the other company policy changes and etc all of the new challenges have to be communicated to the employees. And the set targets and the procedures for the breach of compliances have to be communicated. Access can conduct sessions to all the employees in every service category. However the training expense has to be incurred as to the pre budgeted amounts. The best time for obtaining the training or knowledge of compliance requirement for the top management is the initial stage and the middle level management has to be trained after the top management agreements on the compliance process and the operational level employees have to be trained after the implementation of the process. However the training can be obtained whether by traditional class room lessons, computer based, web based and team meetings (Stephen Butler Page. 2000)

  1. Processes for the internal and external communication and promotion of information on compliance requirements and a compliance program management system.

Communication is a basic organizational activity and competency. Internally communication processes are embedded in operational resilience management processes such as incident management, governance and compliance and etc. (Richard, Julia, David. 2010). Internal Communication on Compliance can be done by giving ongoing training on the code of conduct, relevant legal and regulatory issues and compliance policies and process. This can be done by live and web based trainings. Furthermore External communication can be done by audio and video advertisements, seminars and via newspapers and websites.

Promotion of compliance is encouraging voluntary compliance with the Access’s compliance requirements. This will help the company to overcome at least few of the barriers to compliance. Assisting educationally and technically, Building public support, Publicizing success stories, Creative financing arrangements, Economic Incentives the ways of a success promotion.

  1. Compliance for complaints handling process

Complaint handling process which is well developed will enhance the company’s business strategy, set of directions and guidelines. Procedures to be taken to handle any written or verbal complaints received from clients, employees or any other stakeholder of the company in a fair and prompt manner.

When considering with our company Access which involves business activities in many industries and exposed to a vast area and which can be received many of complaints. Access has to understand the need of a complaint system and next it has to study the process and then better to plan and implement the customer complaint process. As an example for Security Services, if a customer has a complaint against a service he or she obtained he can first talk to the hotline of the company and place the complaint to the customer care officer. If the complaint can be solved in her authority it can be solved at htat level. If it cannot be the complaint has to be sent to the next level. When planning the Compliance management process a significant attention has to be paid to this area and the level of authority must be assigned correctly.

  1. Continuous improvement processes for compliance (including monitoring, evaluation and review)

The 03 interdependent elements of the effective compliance system of the company Board and management oversight, compliance program, compliance audit have to assist the objective of continuous improvement of the compliance process. Not only doing the planning and implementation the company has to monitor, evaluate and review the compliance management system continuously.

To keep the continuous improvement of reviews which are ongoing must be conducted in all of the business areas. Those must be conducted by the top management with the support of the responsible officers. Further internal audits have to be carried out to ensure the internal controls in the company are in accordance with the requirements. An Internal Audit report can be provided to the Board of directors of the company to highlight the areas which had breached the required laws and company policies and areas which have to be developed. Based on these reports company can evaluate the company’s position in relevant to the compliance management system.

  1. Strategies for developing a positive compliance culture within your organization.

Building a positive compliance culture with the organization will ensure that each and every worker will put up with the ethical standards and being accountable.

Strategies of developing a positive compliance culture can be defined as integration of the system in training and education activities, Incentive programs, make accountable the people who violate policies, incorporated in the management and use of information systems and remaining inseparable from the company structure, process and management style. (Ilya Leybovich. 2009.) Therefore these have to be followed by the organization to build appositive compliance culture within the company. Further the company must follow enterprise risk management, identification and establishing the documented risk in each and every strategic area of the company. Further this involves association with the relevant employees w ho responsible for managing the compliance elements.

  1. Techniques and Performance indicators for monitoring the operation of a compliance program/management system.

Monitoring the Compliance management process has to be designed to fit and integrated with each and every activity. Only planning and implementation would not make the organization success. Access will fail without strong and developed monitoring techniques. Compliance processes will fail or fall out of date as the business environment is dynamic. According to Jason Lunday 2010 Monitoring can be done by, ‘Preactivity Approvals, Transaction reviews such as travel expense reports, Reviews of in-process quality checks and outcome data, Review of staff-completed checklists, Listening to or reviewing recorded customer service intake calls and Attending sales presentations’. Company can set Performance indicators as a monitoring target such as no of customer complaints, no of legal proceedings over non compliance with laws and regulations, ratings of the divisions based on the internal audit report

  1. Reporting processes on compliance management including reports on breaches and rectification action.

When considering the reporting process on compliance management of the company one important thing is providing for recurrent reports by the compliance officer to the Board of Directors of the company. Further regardless of who performed the audit whether a person from the institution or a contractor all the audit findings has to be reported to the board of directors and to the Audit committee. A written compliance report always includes four facts which are scope of the audit, identified modifications and deficiencies, detail of the sample of transactions (product type or category type) and description or suggestion or corrective action and time frame. The board of directors or senior management shall response to the audit report. Further the compliance officer should be provided all compliance audit reports and he has to act to address all noticed deficiencies. Then his responsibility is to do required changes.


Martin T. Biegelman. 2008. Building a world class compliance program Best Practices and Strategies for Success. Wiley

Matthew Bretzius, 2013. Defining Compliance for Your Organization [Online] Available at: [Accessed at 08 August 2014]

Fredmund Malik. 2012. Corporate Policy and Governance: How Organizations Self-Organize. Campus Verlag.

James O'Brien, George M. Marakas. 2007. Management Information Systems with MISource McGraw-Hill/Irwin

Patricia C. Franks. 2013. Records and Information Management. ALA Neal-Schuman.

Duane C. Abbey. 2008. Compliance for Coding, Billing & Reimbursement, 2nd Edition: A Systematic Approach to Developing a Comprehensive Program. Productivity Press

Arindam Nag. 2011. Importance of Regulatory Compliance Training in an Organization [Online] Available at: [Accessed at 08 August 2014]

Stephen Butler Page. 2000. Achieving 100% Compliance of Policies and Procedure. Process Improvement Publishing.

Richard A. Caralli, Julia H. Allen. David W. White. 2010. CERT Resilience Management Model (CERT-RMM): A Maturity Model for Managing Operational Resilience. Addison-Wesley Professional.

Promoting Compliance [Online] Available at: [Accessed at 08 August 2014]

Ilya Leybovich. 2009. Rules to Work By: A Culture of Compliance [Online] Available at: [Accessed at 08 August 2014]

Jason Lunday. 2010. Monitoring for Compliance: A Strategic Approach [Online] Available at: [Accessed at 08 August 2014]