Compliance Assessment
Ongoing assessment of your policies and programs helps you maintain a strong level of compliance with the ISO standards that you have adopted.
Compliance assessment has three main objectives:
- Identify compliance gaps
- Mitigate risks
- Seek continuous improvement
Compliance is different from certification.
- ISO compliance: Compliance assessment happens after certification, looking at ongoing activities that demonstrate your compliance with the mandatory and non-mandatory requirements of an ISO standard (necessary to pass the surveillance audits in years 2-3 and the re-certification audit in year 4).
Compliance assessment approach
Fiqra can help you put in place a compliance assessment program for your organization.
We typically conduct a compliance assessment along five key steps:
1. Assessment planning:
- Develop assessment criteria that will be used to conduct the assessment.
2. Compliance review:
- Collect relevant data and documents (such as policies, procedures and forms).
- Conduct interviews/surveys to assess the level of compliance, identify risks and characterize areas of non-compliance.
3. Evaluation and gap analysis:
- Evaluate compliance findings against the assessment criteria.
- Conduct a gap analysis to identify discrepancies between current practices and compliance requirements.
- Prepare a gap analysis report.
4. Key stakeholder consultations:
- Meet with your senior leadership to review assessment findings and the recommended mitigation strategy for each identified risk.
5. Compliance improvement plan:
- Communicate compliance improvement plan to your departments and employees.
- Distribute critical policies and procedures to employees.
- Propose training programs for employees.
- Conduct competency checks and scenario-based evaluations to test employee knowledge.