The establishment of CMS as the initiator of the implementation of other management and integration systems
What is Compliance Management System?
Business compliance management (CMS) is part of a business system management system. Its main goal is to monitor and control whether it functions in accordance with its external and internal obligations – legislation, regulation, management standards, professional standards, rules, policies, licenses, authorizations, agreements, contracts, investor requirements, case law, etc.
More about the sources of these obligations and the consequences of their non-compliance can be found on the links:
What does this approach mean - The establishment of CMS as a driver for the implementation of other management and integration systems?
In this approach, CMS is used as an indicator of the development of various internal management systems, a trigger for their improvement, a trigger for the implementation of still missing other areas of management and mutual integration. This is why it can also be called CMS – All in One.
Advantages of this approach:
This approach enables the establishment of a unique management platform for the business system based on international norms and frameworks, which achieves:
• Complete identification of all compliance obligations and integrated management of business risks,
• Checking the compliance of existing but isolated management systems (e.g. quality, information security, environmental protection,…),
• By initiating the application of other management systems that have not yet been introduced, and growing needs dictate it,
• By integrating all individual management systems into a single management platform,
• Shaping the “big picture” of the compliance area, adopting its correct strategy, architecture and unified policy for all management segments,
• Optimization of resources, reduction of documentation in use, easier auditing, reduction of costs, etc.,
• Supervision of the business system as a whole and taking corrective and preventive actions according to business priorities, etc.
Consulting services of ZIH
ZIH has developed ways and procedures to successfully realize all these phases, which
We can present to you at your request. Expected priority areas for which adjustments are necessary in 2023. are:
For each of these areas, the following are identified:
• Motives / Need for compliance,
• Existing situation / Risks arising from the existing situation i
• Proposal for improvement
If some of these areas have not yet been implemented in a business system, ZIH has solutions to introduce them within a reasonable period of time.
Trainings from this approach:
• Management of business compliance in majority state-owned companies
• Compliance management in business systems
o Compliance management in the business system
o Certified ISO 37301 Foundation (PECB)
o Certified ISO 37301 Lead Implementer (PECB)
• Education and certification of Compliance Officers
• Audit of the business compliance management system
• Certified ISO 37301 Lead Auditor (PECB)
• Education from each of the mentioned areas that have not yet been implemented
o Integrated assessments of business risks
o Cyber security
o Information security
o Management of incidents / business continuity
o Privacy protection management / GDPR
o Anti-corruption management
o Managing the protection of whistleblowers