Compliance

While the GOVERNANCE function provides ongoing oversight to hold stakeholders accountable, the COMPLIANCE function identifies the requirements an organization must adhere to (e.g., laws, regulations, frameworks, contractual agreements and internal dictates). The primary focus of the COMPLIANCE function is to ensure the organization has sufficient evidence of due diligence and due care to demonstrate that it is secure, compliant and resilient.


COMPLIANCE FUNCTION

As part of that role, the GOVERNANCE function is generally tasked with the following responsibilities:

  • Performing no less than annual reviews to identify applicable:
    • Laws;
    • Regulations;
    • Industry-recommended practices; and
    • Contractual obligations.
  • Maintaining a register of applicable compliance requirements.
  • Educating executive leadership on compliance requirements and the cost of non-compliance.
  • Establishing an Internal Audit (IA) function to perform ongoing assessments.
  • Performing pre-production control testing activities.
  • Contributing to the organization's centralized "risk register" as risks are identified through ongoing compliance activities.
  • Reviewing the organization's policies and standards to ensure compliance obligations are sufficiently addressed.
