SNAPSHOT What is this compliance thing? 

Compliance is made up for 4 things:

• Policy and policy management – policy defines the way that things should be done, how things must be treated or managed, I always talk about policy as the rules to be followed in the organisation. 

• Document management – having the right information when you need it is crucial. Finding the information from (hopefully) an organised file system, knowing it’s the most up-to-date version, having shared documents that step out how to do things, or codify the skills and competencies needed for a job role are illustrations of why document management is important.

• Risk assessment – knowing your weak spots in any part of the awarding business can help anticipate and avoid potential problems and adverse effects. The process of managing those risks is important too, also remembering that risk is not just about negatives, it’s about managing opportunities too. 

• Regulatory review – which is about your process for checking the organisation is meeting its regulatory obligations. 

We use controls to help us maintain compliance, to help us adhere to policy or the correct way of doing things. Written down procedures are a good illustration of controls because they describe how things should be done, by whom and when to make sure that policy and regulations are followed. 

It’s often when something breaks down, or there is a problem and we look underneath that we can see it’s because controls are failing, not working effectively, or maybe are not in place.

Controls take many different forms, illustrated in the information below.

 

Policy

- That outlines standards and rules on what is, or can be expected.

- Provide a framework around which procedures are written.

Procedures

- System and work flows, and procedures that direct work and activity.

- Checks and balances that are carried out.

Management oversight 

– Regular reporting from staff and management including reporting on work, achievement of objectives, difficulties and barriers. 

- Staff supervision where work activities are observed.

- Team meetings and staff briefings, where important information is shared. 

People based

- Having job roles and associated skills and competences specified, against which staff and management are recruited.

- Effective recruitment methods.

- Induction that covers organisational requirements as well as role based information and guidance. 

- Performance management and supportive training and development.

- Segregation of duties, to avoid conflicts.

Authorisation and physical controls 

- Access controls to systems, files, documents. Includes things like secure logins that present a barrier to personal or sensitive data or documentation.

- Locked cabinets etc to secure documents etc that need to be kept securely or could have a value to others. 

- Authority levels on who can take certain decisions, approve things. Includes things like spending level authorisation. 

Organisational

- Business targets and KPIs against which team performance may be evaluated. 

- Budgets that present constraints.

 

By Heather Venis

Principal, Awarding First

E: heather@awardingfirst.co,uk M: 0789 479 6262 

Heather of Awarding First works with many different AOs. Supporting understanding of Ofqual compliance needs and how best to monitor and maintain compliance; working with individuals and teams to help with organisational development; and providing a specialist contribution to qualifications development and quality assurance arrangements. Get in touch for your 2018 projects now. 

© Awarding First November 2017

24/11/2017

← Back to Latest News

cock

Quick links

Legal bits

Write to us

  • Awarding First
    Curscote,
    Priest Weston,
    Montgomery,
    Shropshire,
    SY15 6DF

Get in contact