To effectively meet compliance obligations, it is essential to differentiate regulatory and compliance demand according to their designs.
Regulations and standards are typically designed according to one of the following four types:
prescriptive
management-based
performance-based
general duty / liability
Each type of design requires a different approach and can create different demands on organizations which can be categorized as:
Persistent maintenance – needs to be true for all time.
Persistent achievement – needs to be achieved by a deadline and then always true after that.
Non-Persistence – they need to be true when a certain condition arises.
Compliance obligations are the promises that organizations agree to keep with respect to compliance demand. Obligations have in the past been mostly prescriptive in nature. However, increasingly, they are better described as promises to achieve a certain capability of compliance maturity that is expected to improve over time. As such, they will each have their own set of goals, measures and risks.
In the context of increasing and often overlapping compliance demand an integrated taxonomy enables companies to rationalize their obligations which can lead to an increase in efficiency and overall effectiveness.
Adopting ISO 19600 (obligation management guideline) helps companies to organize and manage their obligations in a consistent manner which when combined with an integrated taxonomy afford organizations with the knowledge they need to help ensure that all their obligations are addressed.