ISO 19600:2014: Why is Compliance Management one of the biggest challenges facing businesses today?

Compliance has become one of the biggest challenges facing businesses today. Failing to have the right controls and culture in place could mean forking out millions in fines. So how can businesses get it right? Look no further than the newly published ISO 19600:2014 for guidelines on compliance management systems.

With new laws and regulations announced almost every week, and the steep cost of non-compliance, ISO 19600 could be just the solution that large and small organisations are looking for.

Simply put, compliance refers to a company obeying applicable laws, relevant industry standards and internal policies (e.g. codes of conduct) it has decided to implement because they impact upon its business, its staff and its treatment of consumers.

Basically, the foremost goal of compliance is to make sure that companies fulfil their responsibilities and effectively manage the risk of doing harm to their reputations.

Developed by ISO project committee ISO/PC 271, Compliance management systems, the new ISO 19600 gives comprehensive guidance with helpful and easy-to-follow examples for users wanting to implement a compliance management system or benchmark their framework against a standard.

Many businesses, however, question the need for compliance and its associated costs. But there is a catch, and not bothering to have the right controls in place could result in hefty fines as well as reputational damage. So what’s a company to do?

According to Martin Tolar, Chair of ISO/PC 271, the new standard could greatly assist the continual improvement of compliance frameworks. “ISO 19600:2014 is expected to serve as a global benchmark for compliance officers, businesses, commentators, academics – and regulators and the courts of course. And thanks to the standard’s customisable guidance, all organisations can benefit.”

What is ISO 19600?

ISO 19600 provides guidelines for establishing, developing, implementing, managing and improving a compliance management system within an organisation. The standard is applicable to organisations regardless of the size, nature and complexity of their business activities. This allows organisations to meet all their regulatory requirements and manage their operational risks with one uniform compliance framework. Compliance management is more than just a legal requirement; it is also an obligation to meet stakeholders' needs and expectations, regardless of industry.

By being certified against ISO 19600, the organisation will be able to detect all existing compliance gaps and implement appropriate corrective actions by following the ISO 19600 recommendations.

Why is Compliance Management important for you?

Being certified against ISO 19600 helps you ensure that your organisation is adhering to legal regulations and contractual obligations. You may also be able to evaluate the organisation's practices by ensuring that they are in line with specific ethical standards within the limits of the law. You will also gain the knowledge needed to offer advice on how to address any areas of non-compliance and how to guard against future compliance risks. Compliance is important for your reputation and career prospects. By following the Compliance Management System recommendations, you can support your organisation in continuously improving its compliance programs and reducing non-compliance risk rates.

Aligning your organisation's compliance framework with the ISO 19600 recommendations will demonstrate that you have established an appropriate framework to manage compliance risks and fulfil your responsibilities, while at the same time delivering confidence and value to customers, employees and other parties.

Benefits of ISO 19600 Compliance Management

By becoming ISO 19600 certified, you will be able to:

  • Demonstrate to business partners that your organisation can fulfill its contractual compliance obligations
  • Build customer trust and loyalty
  • Create competitive advantage that creates more efficiency while reducing risks
  • Create transparency while properly complying with all the laws
  • Improve standardisation and uniformity
  • Implement a framework for the identification of organisational risks associated with applicable legal requirements
  • Develop controls to ensure adherence to legal requirements

ISO Internationally Certified: ISO 19600: Compliance Management Training

Crest Advisory Africa is accredited by the PECB to conduct internationally accredited training. We offer Public Courses through our CAA Training Academy (CAATA), correspondence training and, if needed, on-site training through our In-house Training offerings.

The training for each of the standards consists of the following modules for different audiences:


(2 days)

  • ISO 19600 Foundation training enables you to learn the basic elements to implement and manage a Compliance Management System (CMS) as recommended by ISO 19600. During this training course, you will be able to understand the different modules of a CMS, including compliance policy, controls, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.
  • After completing this course, you can sit for the exam and apply for a “PECB Certified ISO 19600 Foundation” credential. A PECB Foundation Certificate shows that you have understood the Compliance Management Systems methodology, guidelines, and management approach.


Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

Organisational Gap analysis against ISO 19600

Organisations will then need to perform a gap analysis to assess the nature of changes that are required in their business. Should you not feel confident in conducting a gap analysis, you may call on a CAA qualified Lead Implementer and Auditor to assist. CAA offers guidance that will lead your team to certain compliance.

Once ready, you can contact CAA to conduct a pre-certification, or readiness audit, implement corrective action and you’re good to go.

Contact Crest Advisory Africa (CAA):

Should you have any further questions you can contact us on:

  • Mobile: +27 (0) 76 403 4307