Purpose of Compliance Assessment
ISO compliance:
On-going activities that demonstrate your compliance with the mandatory and non-mandatory requirements of an ISO standard (necessary to pass the surveillance audits in years 2,3 and the re-certification audit in year 4).
ISO certification:
Formal assessment to obtain recognition for meeting an ISO standard (in year 1).
Compliance assessment is required to show that your organization meets its certification obligations & maintains a strong compliance framework as well as continuous improvement. To assess your organization’s compliance with an ISO standard, you will need to regularly evaluate the effectiveness of your compliance policies and programs.
Compliance Gaps Identification
Risk Mitigation
Continuous Improvement
Compliance Assessment Program
A.Internal auditor course (detailed)
GlobalCert can help you put in place a compliance assessment program for your organization. We typically conduct a compliance assessment along five key steps:
Key stakeholder consultations:
- - Meet with your senior leadership and department heads to review assessment findings and proposed mitigation strategy for each identified risk.
Compliance assessment:
- - Collect relevant data and documents (such as policies, procedures and records).
- - Conduct interviews/surveys to assess the level of compliance, identify risks and characterize areas of non-compliance.
Evaluation and gap analysis:
- - Evaluate compliance findings against the assessment criteria.
- - Conduct a gap analysis to identify discrepancies between current practice and compliance requirement.
- - Assess effectiveness of mechanism for employees to report issues.
- - Prepare a gap analysis report summarizing assessment findings, areas of compliance and non-compliance, and recommendations.
Compliance improvement plan:
- - Communicate compliance improvement plan to your departments and employees.
- - Identify the key people and agree on target dates.
- - Re(distribute) critical policy and procedures to employees.
- - Propose training programs for employees.
- - Conduct competency checks and scenario-based evaluations to test employee knowledge.
Review implementation:
- - Control the implementation progress of the improvement tasks with the key people.
- - Close completed tasks and make sure records are kept.
![[object Object]](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fimprovement.62af72f9.png&w=1920&q=75&dpl=dpl_45NUZeAWvDCm51DRXZLhfXE4uWvW)