Search

How we do it

We have developed process and techniques that allow us to tackle the highly complex problem of capturing, consolidating and managing an organisation's governance, risk and compliance issues.

We can explain in detail how we do this when we meet you for the first time.

In advance of that, however, let us give you an outline of the areas that we cover to give you a feel for the completeness of our service:

  • Identify a company’s compliance obligations, and assemble them into a coherent knowledge base.
  • Establish a system Lexicon (sometimes known as ontology) to clearly define the terms that comprise the system Taxonomy, thus enhancing the precision rate in searching for documents and facilitating activities such as global risk profiling and cross-referencing.
  • Map, link and route compliance obligations to the appropriate positions within the company to establish accountability and ensure that there are no “accountability gaps”.
  • Uncover and include the current status of all of the metrics regarding the operational, business conduct, legal, regulatory, policy, and voluntary commitment (including contractual) compliance risks confronting the company.
  • Design a comprehensive recording method for hazards and risks, and their economic and non-economic consequences, including an operational risk scoring mechanism to focus management resources.
  • Define notification alerts and escalations and the use of operational dashboards to enforce internal and external due dates, whilst providing the ability to reassign resources on the fly when a person is unable to act on a due date (absent, ill, on leave, etc) to ensure that there are no gaps in the fulfilment of obligations.
  • Incorporate a Key Reporting Views Process, which is continually updated in a constant cycle of replicating information back to the Master Compliance Database for delivery to the appropriate business level, including Global, Regional, National, Business Unit, and any other level to which the timely delivery of compliance obligation information is critical, enabling the company to expose global non-compliance risk and to compare compliance management across the entire enterprise.
  • Develop a system for handling change notifications for compliance obligations, which are automatically invoked through business processes that monitor automatic update notification services from third party compliance portals, either internal or external to the company.
  • Develop a method that ensures that recording a risk will trigger an automated process, which requires the recording of a Risk Mitigation and Action Plan.
  • Develop a method that ensures that recording a compliance-related incident will trigger an automated process, requiring the recording of a Corrective Action Plan.
  • Design (and optionally deploy) an IT system architecture, centred on the Master Compliance Database, that fully encapsulates the system requirements above, but that can be implemented within the company’s current IT application, network and security infrastructure.

A brief sample of our Management Compliance Process is available to view here.

| © d2OPS international | all rights reserved | +44 (0)1628 400609 | +1 415 946 8886 | contact us |