Compliance is the act of “conforming to rules”. Deciding to, or not to, conform to rules affects the decisions we make. Compliance is therefore an integral part of decision making.
The question is “What are the rules that we will apply in our business decisions?” These rules can come from two primary sources as described by the ISO 19600 Standard: “Compliance Management Systems”. This standard recognises two main types of compliance obligations:
• Compliance Requirements: Requirements that an organisation has to comply with. These normally arise from external regulatory requirements and contractual requirements.
• Compliance Commitments: Requirements that an organisation chooses to comply with. These are normally manifested through internal policies, practices, codes of conduct, etc.