Compliance Strategy & Management
Building an effective Compliance Strategy and establishing Compliance Management Systems (CMS) bring great value to any organization that operates in a highly regulated industry. Compliance requirements from different sources (laws & regulations, standards, industry mandates, internal policies and contractual obligations) need to be properly identified, evaluated, and assessed. Risks associated with non-compliance shall be evaluated, treated and brought to leadership attention. Over several years of experience assisting clients in establishing and maturing their compliance practices, it has been noticed that organizations that continue to underestimate the importance of compliance management and/or consider it a complementary exercise expose their environments to great risks. Compliance Management has gone through several transformations between the past and the present, and has more yet to come in the future with the adoption of advanced concepts, approaches, and science powered by machine learning and artificial intelligence.

Coming soon is my new publication on the subject: “A Code of Practice for Compliance Management Using ISO37301:2021” – co-author Dr. Walid Al Ahmed – my teacher and great mentor. The publication has deep insights on the use of ISO37301:2021(1) in CMS for enterprise and cyber. It is the result of several years of hard work and experience in establishing compliance functions for several organizations in the region across different sectors.
(1) The diagram in this post was created with XMind (2022) only, and only for demonstration purposes; it is not intended to publish, partially or fully, any part of the standard document. The original standard document is available at the ISO website (https://www.iso.org/home.html).