Updated: Nov 27, 2019
Compliance needs to operate as a business. It must create value, advance goals & objectives, and manage resources and systems to deliver a return on investment.
Compliance creates value by building trust when obligations are met and protects against the erosion of value when they are not.
ISO 19600 provides a framework to manage all your obligations under one governance system. It does this by establishing processes to identify, implement, evaluate, and maintain all mandatory and voluntary obligations covering: quality, safety, environment, security, regulatory, and other risk-based obligations. The goal of ISO 19600 is to promote compliance effectiveness.
An important first step is establishing an obligations registry where you can manage: performance / outcome goals, threats & opportunities, controls, improvement objectives, and measures of compliance, performance and effectiveness.
This will help you to know the status of your compliance, and as importantly, whether you have the capabilities you need to be effective.