An Introduction to ISO 19600
To understand ISO 19600:2014, one needs to understand compliance. When an organisation is compliant, it means that it conforms to a rule, such as a specification, policy, standard or law. A company can be ISO certified when it follows the guidelines issued by the International Organisation for Standardisation. Compliance offers many benefits for businesses, including reduced legal problems, improved operations and safety, better public relations and higher employee retention.
With new laws and regulations coming into play almost every week and the high cost of non-compliance, the compliance management standard ISO 19600:2014 offers organisations a workable and worthwhile business solution. ISO 19600:2014 is based on the principles of good governance, proportionality, transparency and sustainability. This standard integrates risk assessments, the risk management process and compliance management in order to embed compliance within the risk-based processes of companies. ISO 19600:2014 provides organisations with guidance on developing, establishing, evaluating, maintaining and improving a capable and responsive compliance system.
All organisations must attempt to comply with the regulatory and statutory requirements that apply to them. Despite their best efforts, aligning with the requirements may often prove difficult, and this can potentially lead to fiscal, legal or even criminal penalties. ISO 19600 provides comprehensive guidance with easy-to-follow examples for users wanting to implement a compliance management system to benchmark their framework against a standard.
ISO 19600 offers a risk-based approach to compliance management. By following and cooperating with ISO risk management practices, companies embed compliance within the risk-based process and ensure that the system is in alignment with the organisation’s objectives. This also establishes the basis for the implementation of a compliance management system. ISO 19600 does not specify requirements but provides guidance on compliance management systems.
ISO 19600 follows the common high-level structure for ISO management system standards. All the standard components of a management system are adapted and supplemented to integrate compliance requirements. The processes of ISO 19600:2014 align closely with those of ISO 31000, another risk management standard. The guidance of ISO 19600 has been written in such a way that it is adaptable, and the usage of this guidance can differ based on the size and maturity level of an organisation’s compliance management system, as well as the nature, content and complexity of the organisation’s activities. This standard emphasises the use of a Plan, Do, Check, Act cycle and can be combined with any existing management system standards that the organisation may have already implemented.
ISO 19600 is a highly valuable standard, which sets up the prerequisites needed for companies to meet their various obligations. This standard offers many benefits for organisations of all sizes.
DQS South Africa is your local business solutions partner, offering solutions that work for your sector. We form part of an international network dedicated to ensuring compliance and business conformity. For any questions about our services or to contact us, please visit dqs.co.za.