SEARCH

to be very effective for certain processes, when it comes to meeting performance and outcome based compliance We have created the Lean Compliance A3 format which incorporates the bow-tie analysis along along with measures of effectiveness, performance, and compliance to help you continually advance towards better

tutelage of prescriptive rules and audits it is no wonder that the question of what and how to improve compliance is met with: we are fully compliant, there is nothing to improve, and we have someone that does that It's time for a new mindset if compliance wants to see new and better results.

This is in fact a "Digital Thread" the first of its kind to be used by regulators to improve compliance The future of compliance looks like it is here so let's find out what digital threads are all about and why it is so important for compliance. It is this latter aspect which is of significance for compliance specifically where traceability and What Digital Threads Mean For Compliance Evidence of compliance has always been needed and this means

standards that take up the majority of their compliance resources. Compliance needs excellence So how do you improve compliance and would compliance excellence look like Compliance failure often leads to mission failure. Companies require "operational excellence" in how it does compliance. Until it does, compliance must itself make "Compliance Excellence" a priority to support their quality

their compliance programs. compliance metrics. Nimonik is a compliance software company that provides environmental, health, and safety compliance managing compliance documentation. on risk assessments, compliance audits, and compliance gap analysis.

Compliance management systems are used by organizations for the purpose of helping them first achieve What is essential for a compliance system to be effective? How are outcomes created? Another way of saying this is a compliance system is not the sum of its parts. Compliance system properties We have found that the following properties contribute to a compliance system's to fulfill their compliance function.

In the world of compliance, humility is a critical trait that is often overlooked. How does humility help compliance? Being humble in compliance means acknowledging that no compliance program is perfect and that there is Being humble in compliance also means being willing to learn from mistakes. Humility in compliance means recognizing the importance of collaboration.

Some may be aware of an obscure but important guideline called ISO 19600 “Compliance Management System . provides description of what is considered a regulatory compliance culture. highlights the issues of independence, staffing and skills of Regulatory Compliance to operate without interventions and with Is this standard what you need to modernize your compliance? ISO 37001 is applicable for organizations that: want to modernized their corporate compliance efforts

When it comes to compliance success, you need to pay attention to all the risk – the threats and the Compliance is not just about ticking boxes. Understanding Holistic Compliance Risk When we think about risk in compliance, we often focus solely A holistic approach to compliance risk involves: Identifying Obligations and Commitments: both mandatory Path Forward Compliance involves meeting obligations and keeping commitments.

Safety performance is improved when organizations take a comprehensive and systemic view of their safety efforts. This requires different skills than implementing separate activities connected with requirements where the "means" have already been specified.  With todays performance and outcome-based regulatory designs, organizations must now identify and determine how they will achieve targeted safety goals; which can be considered as obligations. A "design" step is needed to translate requirements to design specifications. These specifications describe the ends (key results and objectives) and the means (people, process, technology) of the safety effort needed to meet your obligations. API RP 1173 Management of Change (MOC) Example The following completed system requirements canvas demonstrates how this looks like for a Management of Change (MOC) sub-system for a Pipeline Safety Managment System (SMS) using API RP 1173. Although, this approach can be applied to other types of systems where improvement in both performance and outcomes have been targeted. This canvas maps requirements to the processes and capabilities that have been identified to achieve MOC effectiveness. Since API RP 1173 is a recommended practice (i.e. not mandatory) and uses a performance-based approach, it is no surprise that elements only include minimum procedural requirements that could be verified using an internal or external audit. Although, no certification body exists or is expected. When considering requirements a necessary (and perhaps the first) step is to identify what effectiveness looks like. This goes beyond looking at minimum prescriptive requirements and includes consideration of the system's overall purpose, internal and external dependencies and requirements that come from improving essential capabilities to achieve key results and objectives. For an MOC subsystem, effectiveness can be defined as: Management of change is effective when it keeps pipeline safety risk (individual and aggregate) within acceptable risk levels (risk tolerance) resulting from technical, physical, procedural or organizational change. This measure of effectiveness will create additional requirements although not specified in API RP 1173, are certainly expected as part of its adoption. A comprehensive design will also consider overall system properties which for a purposively system, like a Pipeline SMS, can be expressed in the following way: The first property we have already addressed, although not for the system as a whole. We know from system theory that a system is not the sum of its parts and is rather the product of its interactions. We expect that all subsystems will be designed to contribute to the production of the essential system properties. Therefore, we must identify what is needed for the MOC subsystem itself and its contribution to the whole (i.e. dependency requirements) with respect to being: effective, proactive, viable, sustainable, resilient, efficient, adaptive, and transparent. A design structure matrix (as shown below) can be used to identify dependency requirements along with possible vulnerabilities or gaps in system capabilities: Summary To meet performance and outcome-based obligations each organization must establish their own goals and objectives along with the means by which they will be achieved. It is in meeting these obligations that create performance requirements that extend beyond procedural specifications within the API RP 1173 framework as in our MOC example. A design step is now needed to translate performance, element, and system requirements to design specifications for solutions that advance overall outcomes. As safety is an emergent property of an overall safety system the design step requires knowledge and skills in system design, cybernetic controls, and risk-based strategies to ensure that safety is advanced. These are not only needed for adopting API RP 1173 but for all performance and outcome-based regulations and standards.

This approach is especially powerful in compliance, where the stakes of failure—whether in regulatory Why Inversion Works So Well in Compliance Compliance success increases the probability of mission success However, the reverse is almost always true: compliance failure leads to mission failure. systems, and processes designed to reduce the likelihood of non-compliance. Avoiding Failure is Success in Compliance Achieving compliance success can be challenging for many to

By Raimund Laqua, PMP, P.Eng., Founder and Chief Compliance Engineer at Lean Compliance I've spent 30 years in the trenches of compliance, and one question keeps coming up: "Are all compliance obligations There's no magical tool that will transform your compliance program overnight. Raimund Laqua, PMP, P.Eng. is Founder and Chief Compliance Engineer at Lean Compliance Consulting, Inc on topics of risk, compliance, lean, and responsible and safe AI.