Section 11.102 Compliance

Question 1

Compliance

Answer 1

Ensures adherence to laws, regulations, guidelines, and specifications

■ Includes compliance reporting and compliance monitoring

Question 2

Compliance Reporting

Answer 2

Systematic process of collecting and presenting data to demonstrate adherence to compliance requirements

■ Two Types of Compliance Reporting: Internal & External

Question 3

Internal Compliance Reporting

Answer 3

Ensures adherence to internal policies and procedures

○ Conducted by an internal audit team or compliance department

Question 4

External Compliance Reporting

Answer 4

Demonstrates compliance to external entities

○ Mandatory, often by law or contract

Question 5

Compliance Monitoring

Answer 5

Regularly reviews and analyses operations for compliance

■ Includes due diligence and due care, attestation and acknowledgement, and internal and external monitoring

Question 6

Due Diligence and Due Care

Answer 6

Due Diligence: Identifying compliance risks through thorough review

Due Care: Steps taken to mitigiate identified risks

Question 7

Attestation

Answer 7

Formal declaration by a responsible party that the organisation’s processes and controls are compliant

Question 8

Acknowledgement

Answer 8

Recognition and acceptance of compliance requirements by all relevant parties

Question 9

Internal Monitoring

Answer 9

Regularly reviewing an organisation’s operations to ensure compliance with internal policies

Question 10

External Monitoring

Answer 10

Third-party reviews for compliance with external regulations or standards

Question 11

Role of Automation in Compliance

Answer 11

Automated compliance systems can streamline data collection, improves accuracy, and provides real-time
monitoring