Consortium Releases First Draft Of Compliance Framework

The Compliance Consortium, an international membership organization formed in June 2004 to promote effective governance, risk and compliance (GRC) management, today unveiled the first draft of its compliance framework, an approach for managing GRC requirements within the enterprise.

Applicable to both public and private companies, the framework is designed to assist senior management and boards of directors in setting objectives for managing compliance-related activities and instituting the programs needed to attain those objectives.

The first draft is a "public draft" and is intended to invite comment and criticism and ultimately to build a broad consensus within the hundreds of companies that have registered as part of The Compliance Consortium Community over the past year.

Leveraging the guidelines set forth by the U.S. Sentencing Commission, the Consortium has defined seven operational concerns to serve as a framework for organizing and managing GRC operations. These range from clearly assigning responsibilities at all levels of the organization to establishing incentives and discipline to promote compliance

The Consortium has developed a list of 12 questions that board members and senior management should ask to help ensure organizations are on track with their GRC objectives. "Unquestionably, the passage of the Sarbanes-Oxley Act has increased the focus for public companies on the areas of corporate governance, risk management and compliance," said Ted Frank, chairman of the Compliance Consortium advisory committee and president of Axentis, in a prepared statement. "It's important to remember that, for many companies, Sarbanes-Oxley is just one of hundreds of mandates from the SEC, FDA and other regulatory bodies that they must manage. Our goal with the creation of this framework is to help all organizations define, execute and ultimately profit from low risk and efficient governance, risk and compliance management, regardless of the specific regulation or statute."

Interested parties may access "Governance, Risk Management, and Compliance: An Operational Approach" on the Consortium web site .