ISO 19600: Risk-Based Compliance Management
ISO (International Organization for Standardization) is an independent, non-governmental membership organization. It is the world’s largest developer of voluntary International Standards. ISO’s goal is to spark and sustain innovation across industries, creating solutions to a variety of challenges across the world. Learn more at http://www.iso.org/.
ISO 19600:2014 integrates risk assessments, the risk management process, and compliance management. By following ISO risk management practices, companies embed compliance within the risk-based process. This is an important characteristic of effective compliance management, because it breaks down silos and allows the organization to focus on root-cause risks. This streamlines the compliance process, making it easier to meet the obligations of not only government entities, but the host organization’s own internal code of ethics and its social responsibility objectives.
About ISO Compliance and Risk Management
Compliance management goes beyond the mere satisfaction of legal requirements. Compliance is also related to meeting the needs and expectations of a wide range of stakeholders. Therefore, making sound choices and setting priorities appropriately is an important part of effective compliance management. ISO 19600 takes a risk-based approach to compliance management. As a result, it aligns with ISO 31000:2009, Risk Management – Principles and guidelines, which according to ISO “provides principles, framework and a process for managing risk.”
The LogicManager Platform Provides:
To assist in the enterprise adoption ISO 19600, LogicManager’s ISO 19600 plugin provides actionable tools necessary to achieve a risk based compliance management process, integrated into the LogicManager ERM software platform. Compliance obligations and risks can both be linked to policies, procedures, and general company practices in order to ensure a risk based approach is adopted. While traditional compliance management software treats risk as an ad-hoc component of the process, LogicManager’s risk based GRC software solution integrates risk with all aspects of governance.