What is compliance management

Last updated: 2021-10-11
See our solution:
GRC ManagementGRC Management software
Was this article helpful?
15 of total 18 found this helpful.

Compliance management and company processes

Compliance management is a continuous process of monitoring and evaluating company processes and regulations to ensure their compliance with the requirements of the regulator, legislation, standards, norms or customer requirements. In a broader sense, it also includes the monitoring and evaluation of internal regulations and their interrelationships.

Failure to comply with requirements can lead to fines, loss of license or certificates, threats to corporate security and similar threats to the organisation as a whole. 

What a good compliance management needs

Compliance management also involves the correction of identified deficiencies and, by its very nature, is close to risk management. It also uses similar management methods. It typically includes the following activities and processes:

  • keeping an overview of all the requirements that the organization must comply with
  • monitoring requirements and changes to them (legislation, standards, norms)
  • monitoring the compliance of company processes with these requirements
  • identification of compliance gaps
  • proposing and implementing corrective actions 

The most common areas and market segment where compliance is essential 

  • Compliance in the area of privacy and personal data protection (e.g. GDPR, HIPAA)
  • Financial and tax compliance, compliance of financial institutions and companies
  • Environmental compliance
  • Technology compliance with supply chain requirements or standards
  • Information technology compliance
  • IT security compliance
  • Anti-corruption compliance
  • Labour relations compliance, equal opportunities and non-discrimination