11.2 - Manage compliance
PCF ID: 17467 | Elements: 16 | Metrics Available: N | Benchmarkable: 0
Definition
Managing steps to confirm enduring compliance to industry regulations and government legislation.
Overview
This process group covers managing compliance within the broader context of Manage Enterprise Risk, Compliance, Remediation, and Resiliency.
Process Hierarchy
Processes
| ID | Process | PCF ID | Sub-elements | Metrics |
|---|---|---|---|---|
| 11.2.1 | Establish compliance framework and policies | 17468 | 4 | N |
| 11.2.2 | Manage regulatory compliance | 16463 | 9 | N |
11.2.1 - Establish compliance framework and policies
PCF ID: 17468
Definition: Developing a set of procedures detailing an organization's progress in complying with established guidelines, provisions, and legislation.
| ID | Activity | PCF ID | Tasks | Metrics |
|---|---|---|---|---|
| 11.2.1.1 | Develop enterprise compliance policies and procedures | 17469 | 0 | N |
| 11.2.1.2 | Implement enterprise compliance activities | 17470 | 0 | N |
| 11.2.1.3 | Manage internal audits | 14133 | 0 | N |
| 11.2.1.4 | Maintain controls-related technologies and tools | 14137 | 0 | N |
11.2.1.1 - Develop enterprise compliance policies and procedures
Definition: Creating a standardized approach to ethics and compliance. Have a programmatic approach for compliance that focuses on the definite risks the organization faces.
11.2.1.2 - Implement enterprise compliance activities
Definition: Implementing a standardized approach to ethics and compliance. Have a programmatic approach, built from the top down, to enterprise compliance that focuses on the definite risks the organization faces.
11.2.1.3 - Manage internal audits
Definition: Managing accounts and preparing regular reports on financial performance.
11.2.1.4 - Maintain controls-related technologies and tools
Definition: Managing technologies and tools related to the confidentiality, integrity, and availability of data in order to ensure the security of the organization's information.
11.2.2 - Manage regulatory compliance
PCF ID: 16463
Definition: Obeying laws, guidelines, strategies, and stipulations related to the business.
| ID | Activity | PCF ID | Tasks | Metrics |
|---|---|---|---|---|
| 11.2.2.1 | Develop regulatory compliance procedures | 16464 | 0 | N |
| 11.2.2.2 | Identify applicable regulatory requirements | 16465 | 0 | N |
| 11.2.2.3 | Monitor the regulatory environment for changing or emerging regulations | 16466 | 0 | N |
| 11.2.2.4 | Assess current compliance position and identify weaknesses or shortfalls therein | 16467 | 0 | N |
| 11.2.2.5 | Implement missing or stronger regulatory compliance controls and policies | 16468 | 0 | N |
| 11.2.2.6 | Monitor and test regulatory compliance position and existing controls | 16469 | 0 | N |
| 11.2.2.7 | Compile and communicate compliance scorecard(s) | 19595 | 0 | N |
| 11.2.2.8 | Compile and communicate internal and regulatory compliance reports | 19596 | 0 | N |
| 11.2.2.9 | Maintain relationships with regulators as appropriate | 16470 | 0 | N |
11.2.2.1 - Develop regulatory compliance procedures
Definition: Developing procedures and methodologies for an organization's obedience to relevant laws, regulations, guidelines, strategies, and stipulations related to business.
11.2.2.2 - Identify applicable regulatory requirements
Definition: Determining the regulatory requirements that are most appropriate for the organization. Identify goals in order to follow the appropriate rules and regulations, guidelines, and strategies.
11.2.2.3 - Monitor the regulatory environment for changing or emerging regulations
Definition: Analyzing and overseeing the regulatory environment in order to spot any changing or emerging regulations. This process element calls upon the organization to monitor the regulatory environment for any new statutes, policies, and enactments issued by the respective government authorities or those which have been updated.
11.2.2.4 - Assess current compliance position and identify weaknesses or shortfalls therein
Definition: Evaluating current regulatory policies and regulations. Assess their performance. Make necessary changes.
11.2.2.5 - Implement missing or stronger regulatory compliance controls and policies
Definition: Assessing the current policies. Implement missing and necessary changes in light of environmental changes, political changes, technological changes, etc.
11.2.2.6 - Monitor and test regulatory compliance position and existing controls
Definition: Monitoring, appraising, and evaluating the compliance position of the organization in order to fine-tune for effective remediation. Track efforts for handling regulatory and compliance requirements necessitated by law. Test the robustness of internal frameworks, procedures, and approaches for dealing with these requirements, in order to clearly identify any necessary changes.
11.2.2.7 - Compile and communicate compliance scorecard(s)
Definition: Creating a graphical representation of metrics in order to communicate the general health of the organization in relation to risk and compliance.
11.2.2.8 - Compile and communicate internal and regulatory compliance reports
Definition: Submitting compliance reports to regulatory agencies. These reports can be made to environmental, securities, or human resources agencies as stipulated by the local governing body.
11.2.2.9 - Maintain relationships with regulators as appropriate
Definition: Developing and preserving relationships with the regulators, without compromising the legal basis of the relationship.
Change Summary (v7.2.1 vs v6.1.1)
Changes indicated by:
+XXXXX - New element added | -XXXXX - Element removed | cXXXXX - Element changed | NEW - Newly introduced
Complete Element List with Definitions
All 16 elements
| ID | Name | Definition |
|---|---|---|
| 11.2 | Manage compliance | Managing steps to confirm enduring compliance to industry regulations and government legislation. |
| 11.2.1 | Establish compliance framework and polic... | Developing a set of procedures detailing an organization's progress in complying with established gu... |
| 11.2.1.1 | Develop enterprise compliance policies a... | Creating a standardized approach to ethics and compliance. Have a programmatic approach for complian... |
| 11.2.1.2 | Implement enterprise compliance activiti... | Implementing a standardized approach to ethics and compliance. Have a programmatic approach, built from the to... |
| 11.2.1.3 | Manage internal audits | Managing accounts and preparing regular reports on financial performance. |
| 11.2.1.4 | Maintain controls-related technologies a... | Managing technologies and tools related to the confidentiality, integrity, and availability of data ... |
| 11.2.2 | Manage regulatory compliance | Obeying laws, guidelines, strategies, and stipulations related to the business. |
| 11.2.2.1 | Develop regulatory compliance procedures | Developing procedures and methodologies to comply with relevant laws and regulations of an organizat... |
| 11.2.2.2 | Identify applicable regulatory requireme... | Determining the regulatory requirements that are most appropriate for the organization. Identify goa... |
| 11.2.2.3 | Monitor the regulatory environment for c... | Analyzing and overseeing the regulatory environment in order to spot any changing or emerging regula... |
| 11.2.2.4 | Assess current compliance position and i... | Evaluating current regulatory policies and regulations. Assess their performance. Make necessary cha... |
| 11.2.2.5 | Implement missing or stronger regulatory... | Assessing the current policies. Implement missing and necessary changes environmental c... |
| 11.2.2.6 | Monitor and test regulatory compliance p... | Monitoring, appraising, and evaluating the compliance position of the organization in order to fine-... |
| 11.2.2.7 | Compile and communicate compliance score... | Creating a graphical representation of metrics in order to communicate the general health of the org... |
| 11.2.2.8 | Compile and communicate internal and reg... | Submitting compliance reports to regulatory agencies. These reports can be made to environmental, se... |
| 11.2.2.9 | Maintain relationships with regulators a... | Developing and preserving relationships with the regulators, without compromising the legal basis of... |