Organizational Compliance Management for Global Security

Added on  2023/01/20

AI Summary
This report provides a detailed analysis of the compliance management system for Global Security, a New Zealand-based security company. It begins with an overview of compliance management systems, emphasizing their role in helping organizations meet legal obligations and mitigate risks. The report then outlines the current compliance requirements of Global Security, encompassing internal safety and quality management requirements, legal obligations under the Health and Safety in Employment Act 1992 and the Resource Management Act 1991, and industry mandates like privacy and non-disclosure of customer data and unbiased employment practices. The report identifies potential breaches from internal policies and external requirements, such as customer demands not being met and external data breaches. It proposes procedures to deal with these breaches, including implementing FDA/global regulatory inspectors and ISO auditors, and utilizing the ISO 27000 framework. The report also emphasizes the importance of active engagement with internal and external stakeholders, suggesting meetings with the security development team and the use of third-party security experts. Finally, it details techniques and performance indicators for monitoring compliance management, such as regular audit checks, customer feedback documentation, and AI-driven intrusion detection. The report concludes with a summary of the findings and recommendations for ensuring effective compliance management.
Organizational Compliance Management
Table of Contents
1. Introduction and Overview of the Compliance Management System
2. Current Compliance Requirements Based on Information Gathered
Internal Requirements
Legal Obligations
Regulatory Codes and Standards/ Industry Mandates
3. Identification and Analysis of Possible Breaches
Breach from Internal Policies
Breach from External Requirements
4. Procedures to Deal with Possible Breaches
5. Active Engagement with Internal and External Stakeholders for Managing Possible Breaches
6. Techniques
Conclusion
Reference List
1. Introduction and Overview of the Compliance Management System
A Compliance Management System, or CMS, can be defined as a program that provides
comprehensive compliance to organizations. The CMS is an integrated system
involving various processes, functions, controls, tools and documents. Such systems help
organizations deal with legal obligations and reduce the harm that violations of laws cause
customers (Kothari, 2012). Generally, every aspect of an organization, ranging from sales to
advertisement, is secured by a compliance management system. The company chosen for
the assignment is a New Zealand-based security company named Global Security that provides
security solutions to other big and small organizations, with the best solution available in the
market.
2. Current Compliance Requirements Based on Information Gathered
The present compliance requirements of Global Security Solutions are provided below.
They consist of internal requirements, legal obligations, and regulatory codes and industry
mandates.
Internal Requirements
Safety Requirements
The company has been struggling with workplace safety, which helps it maintain
a safe and secure environment for its employees. Using
a compliance management system would prevent any future legal actions that may be caused
by workplace accidents.
Quality Management Requirements
The company needs to develop a plan for its business operations and execute it properly
to meet the demands of the customers. Documenting the plans and strategies in the integrated
system of the CMS is a priority for Global Security.
Legal Obligations
Health and Safety in Employment Act 1992
The health and safety section of the Employment Act of 1992 addresses the well-being of
citizens of New Zealand, which is considered their fundamental right when working in an
organization. Using CMS for the Health and Safety section of the Employment Act 1992
would prevent any future issue related to it.
Resource Management Act 1991
This controversial act of New Zealand encourages the management of sustainable resources,
and using a compliance system for this act would help the company avoid any legal violations
that it might otherwise incur.
Regulatory Codes and Standards/ Industry Mandates
Privacy and non-disclosure of Customer Data
The company follows the global standard of keeping its customers’ data private, and any
disclosure of it without the consent of the customer will be a violation of individual privacy.
Using CMS for this standard is essential to avoid future legal consequences.
Unbiased Employment
Global Security does not discriminate against gender, race, religion or ethnicity when offering
services or recruiting employees. Covering this area of business with the CMS is useful to
prevent future accusations of discrimination.
3. Identification and Analysis of Possible Breaches
The company might suffer the following internal and external breaches if they are
not covered by the Compliance Management System.
Breach from Internal Policies
The quality management of Global Security is to provide security systems to other big and
small companies and also to households. However, if the company is unable to meet customer
demands, and its security systems fail to provide the protection the customers require, it
might be sued by the customers for breach of its policies (Venkata et al., 2017).
Breach from External Requirements
As the company keeps all its customer data secured and confidential, any external attack by
hackers might disclose it, and the company can be subject to legal consequences for the
disclosure of sensitive and personal data.
4. Procedures to Deal with Possible Breaches
Implementing FDA/ global regulatory inspectors and ISO auditors for checking the quality of
the security systems decreases the risk of product recalls. FDA and ISO compliance
improves product quality, increases customer satisfaction and leads to better service by the
organization (Bichou, 2015).
Using the ISO 27000 framework for securing private and sensitive data would prevent the
company from incurring any legal obligation in case the data is stolen by external attackers
(Pesci-Anderson et al., 2014). That said, using such compliance methods provides the
organization's systems with protocols that make it difficult to steal data in the first place.
5. Active Engagement with Internal and External Stakeholders for Managing Possible Breaches
Conducting a meeting with the security development team of the company would ensure the
improved quality of the security systems that the company provides and reduce the risk of any
product failure and inability to meet customer demand.
The company can hire third-party security experts to implement the ISO framework on its
internal data, and investment from external investors for securing the data would increase
its chance of protecting internal organizational information to a greater extent.
Identifying Compliance Roles and Responsibilities
It is the responsibility of the compliance team to develop any policies required for
operating business processes and to maintain the inventory, training, risk assessment and audits on
behalf of the organization.
The team should also develop measures to track the effectiveness of its programs.
Techniques and Performance Indicators for Monitoring Compliance Management of Possible Breaches
The compliance management system must keep on monitoring the mentioned breaches to
ensure their effectiveness. The techniques and performance indicators for monitoring
compliance management of the possible breaches are mentioned below.
6. Techniques
Running audit checks by FDA inspectors and ISO auditors on a regular basis.
Documenting customer feedback of security systems provided by the company.
Using ISO framework model along with AI to detect outside intruders.
Using updated firewall and security measures to prevent any data breach.
Performance Indicators
Positive feedback from FDA inspectors and ISO auditors.
Decreased number of product recalls and positive feedback from customers.
Minimal detection of intrusion by the AI monitoring system.
Decreased number of cases related to data security.
Conclusion
The details of the compliance management system for the New Zealand-based company Global
Security have been briefly discussed in the assignment. The possible data breaches, both
internal and external, have been evaluated along with the role of the current compliance
requirements of the organization. The prevention measures and monitoring techniques have
been provided for preventing future compliance issues.
Reference List
Bichou, K. (2015). The ISPS code and the cost of port compliance: an initial logistics and
supply chain framework for port security assessment and management. In Port
Management (pp. 109-137). Palgrave Macmillan, London.
Kothari, P. (2012). U.S. Patent No. 8,117,104. Washington, DC: U.S. Patent and Trademark
Office.
Pesci-Anderson, J., Carignan, M., Lahue, L. H., McCauley, M. B., Stelter, K. A., Telychka,
L. T., & Vollmar, W. R. (2014). U.S. Patent No. 8,914,299. Washington, DC: U.S.
Patent and Trademark Office.
Venkata, B. K. J., Maheshwari, H., Abdul, M. R. G. M., & Kandasamy, P. (2017). U.S.
Patent No. 9,749,311. Washington, DC: U.S. Patent and Trademark Office.