Your path to success Starts from here
Phase 1 Planning For Success
Establish
Establish a common governance language and framework across the whole of your organisation.
Develop
Develop the knowledge and skills of your management and staff.
Establish a governance framework
To ensure management operates under good governance and makes the right decisions, directors, officers and senior executives need to establish, direct and control a culture of compliance to protect the organisation and themselves from risk.
Compliance Literacy For Directors, Officers And Executives
These seminars and workshops provide directors, officers and senior executives with the tools, skills and literacy they need to mentor the organisation to develop and establish sound compliance governance as well as the knowledge to monitor and supervise its effectiveness at the board and audit committee level.
Seminars
- Seminar 1 – Reframing red tape as an opportunity
- Seminar 2 – Exploring the operational assurance landscape
- Seminar 3 – The assurance framework
- Seminar 4 - The obligation hierarchy and the ORC model
- Seminar 5 – The obligations register
- Seminar 6 – The feedback loop – monitoring and reporting
- Seminar 7 – Governance review
Seminar 1
Reframe red tape as an opportunity
This introductory seminar reviews the current structural problems with red tape and provides an historical reference for success. It introduces directors and officers to foundational principles so you can effectively understand and monitor assurance and the compliance of the organisation(s) you govern.
Key learnings
- The hidden cost of compliance
- The quality revolution, six sigma and the lean revolution
- ISO 37301 for the governing body and executives
- Compliance responsibilities of the governing body and executives
At the end of this seminar, you will have the fundamentals to minimise personal and organisational risk.
Seminar 2
Exploring the operational assurance landscape
Building on ISO 37301, this seminar introduces obligations into the governance, risk and compliance (GRC) framework; separates governance, obligations, risk and compliance (GORC) into financial, operational and strategic; and looks at how PESTLE analysis can be used to uncover the root cause of the mandatory and voluntary obligations.
Key learnings
- GORC vs GRC
- Financial, operational and strategic assurance
- The GORC landscape
- PESTLE analysis
At the end of this seminar, you will have foundational strategic documents that can be reviewed and updated on a regular basis.
Seminar 3
The assurance framework
There’s a well-known joke about a big city tourist lost in the countryside. He asks a local how to get to a nearby big city. The local tries to give him directions, then gives up and says, “If I wanted to get there, I wouldn’t start from here.”
Efficient and effective operational governance is built from a solid starting point. Present day financial governance and compliance is built on centuries of knowledge and experience and by building from this existing, well known foundation, this seminar provides a framework for applying core financial practices to the operational environment.
Key learnings
- The GORC/DIKW assurance framework
- The control/monitoring feedback loop
At the end of this seminar, you will be able to create an aspirational operational GRC structure to drive the organisation’s compliance culture and create a competitive advantage.
Seminar 4
The obligation hierarchy and the ORC model
Returning to core financial concepts, FinGORC has its chart of accounts, ‘a digestible breakdown of all the financial transactions that a company conducted during a specific accounting period, broken down into subcategories’.
The ORC model provides a similar digestible breakdown for OpGORC. This seminar first introduces directors and officers to the obligations hierarchy, a method for categorising and prioritising an organisation’s mandatory and voluntary obligations. Building from this, the seminar introduces the ORC model and shows how it breaks down red tape into easily digestible portions.
Key learnings
- The obligation hierarchy
- The ORC model
- The Rumsfeld grid
At the end of this seminar, you will have been exposed to the complexity of the red tape problem and taken through the building of your unique ORC framework. You will now have the knowledge and tools to complete the model, mentor others in the organisation and have the right language to ask the right questions.
Seminar 5
The obligations register
An effective risk management framework requires that the risk committee regularly review and update the risk register. In the same way, an effective assurance framework requires that the risk and audit committee regularly review and update the organisation obligations register.
This seminar explores the structure of an effective obligations register to deliver efficient board reports.
Key learnings
- The risk cascade and the risk register
- The obligations cascade and the obligations register
At the end of this seminar, directors and officers will have an understanding of the process so they can mentor executives and have the right language to ask the right questions.
Seminar 6
The feedback loop – monitoring and reporting
Returning to FinGORC, this seminar reviews the financial feedback loop of monitoring reporting by use of the financial reports and the annual report and examines how the same principles could be applied to operational reporting.
In the same way that directors have a duty to prevent insolvent trading, directors have a duty to ensure the organisation is compliant. They need reports that help them answer the fundamental compliance questions:
- Who or what is non-compliant?
- Why are they non-compliant?
- What are we doing about it?
This seminar looks at the core building blocks for monitoring and reporting and proposes the operational equivalents of the P&L, cash flow and balance sheet reports.
Key learnings
- Single source of truth
- Control groups
- Risk Register
- Obligations register
- RAG report (known knowns)
- Exception report (known unknowns)
At the end of this seminar, you will be able to define the operational assurance equivalents of the financial P&L, balance sheet, cash flow and management reports.
Seminar 7
Governance review
The final seminar presents a compliance-based variant of the three lines model, an internal audit model that helps organisations identify structures, design processes and assign responsibilities that best assist the achievement of objectives and facilitate strong governance and risk management.
It concludes by asking participants a number of questions designed to challenge the organisations board governance, asking what, if anything, needs to change to create a governance culture and drive a competitive advantage.
Key learnings
- Four lines model
- Compliance appetite statements
- Is OpGORC adequately resourced?
At the end of this seminar, you will be able to review operational governance and propose possible changes for review at the next board meeting.
Purpose
Assisting your organisation to obtain ISO 37301 accreditation by facilitating you to implement and maintain a robust, efficient compliance management system
Objective
Provide managers and staff with tools and techniques to build a compliance culture and manage an effective compliance management system
Benefits
Minimise risk and cost by turning red tape into a competitive advantage
Develop staff knowledge and skills
ISO 37301 accreditation as a competitive advantage.
Six sigma and lean manufacturing created a quality culture by placing quality decision making and problem-solving in the hands of front-line staff through quality circles. Today, compliance decision and problem-solving making needs to be placed in the hands of front-line staff.
ISO 37301 Tools and Techniques for Managers and Key Staff
Strytex equips managers and staff with GORC tools and techniques so the organisation can build an effective compliance culture and manage an effective compliance management system.
The workshop sessions provide managers and staff with the complete overview of the compliance framework and provides them with the tools and techniques needed for the implementation assignments.
Key learnings
- An introduction to ISO 37301: Compliance Management Systems
- Obligations vs commitments vs compliance
- The operational assurance landscape
- The GORC/DIKW Framework
- The Obligation Hierarchy and the ORC model
- The Obligations register
- The Single Source of Truth
- Monitoring and reporting
- Building the business case
Session 1
Reframing red tape as an opportunity - Putting compliance in context
Every successful journey has a starting point, a destination, a map and the resources to get to the destination. This session prepares participants for the journey by
- reviewing the current structural problems with red tape and
- examines a well recognised comparative reference for success.
It introduces managers and key staff to foundational principles so they can effectively understand and monitor assurance and the compliance of the organisation.
Key learnings
- The hidden cost of compliance
- The quality revolution, six sigma and the lean revolution
- An introduction to ISO 37301: Compliance Management Systems
- The GORC/DIKW assurance framework
The objective is to provide managers and staff with the fundamental map and building blocks for creating an effective compliance management system and the links to competitive advantages.
Session 2
Exploring the operational assurance landscape - Recalibrate your thinking
Building on ISO 37301, this seminar introduces obligations into the governance, risk and compliance (GRC) framework; separates governance, obligations, risk and compliance (GORC) into financial, operational and strategic; and looks at how PESTLE analysis can be used to uncover the root cause of the mandatory and voluntary obligations.
Key learnings
- GORC vs GRC
- Financial, operational and strategic assurance
- The GORC landscape
- PESTLE analysis
Workshop
Participants will first work individually to list known regulators and statutes and then work in groups to build a more comprehensive picture of the financial GORC (FinGORC) and operational GORC (OpGORC) assurance landscapes, including voluntary obligations. Then by using a PESTLE framework, participants will expose and analyse the key external root causes and share their findings.
The objective is to for managers and staff the create a list of foundational strategic documents which can be reviewed and updated on a regular basis.
Session 3
The assurance framework - The right starting point
There’s a well-known joke about a big city tourist lost in the countryside. He asks a local how to get to a nearby big city. The local tries to give him directions, then gives up and says, “If I wanted to get there, I wouldn’t start from here.”
Efficient and effective operational governance is built from a solid starting point. Present day financial governance and compliance is built on centuries of knowledge and experience and by building from this existing, well known foundation, this seminar provides a framework for applying core financial practices to the operational environment.
Key learnings
- The GORC/DIKW assurance framework
- The control/monitoring feedback loop
Workshop
In this workshop participants compare and contrast the financial GRC structure of their organisation with the existing operational GRC structure.
The objective is to create an aspirational operational GRC structure to drive the organisations compliance culture and create a competitive advantage.
Session 3
The assurance framework - The right starting point
There’s a well-known joke about a big city tourist lost in the countryside. He asks a local how to get to a nearby big city. The local tries to give him directions, then gives up and says, “If I wanted to get there, I wouldn’t start from here.”
Efficient and effective operational governance is built from a solid starting point. Present day financial governance and compliance is built on centuries of knowledge and experience and by building from this existing, well known foundation, this seminar provides a framework for applying core financial practices to the operational environment.
Key learnings
- The GORC/DIKW assurance framework
- The control/monitoring feedback loop
Workshop
In this workshop participants compare and contrast the financial GRC structure of their organisation with the existing operational GRC structure.
The objective is to create an aspirational operational GRC structure to drive the organisations compliance culture and create a competitive advantage.
Seminar 4
The obligation hierarchy and the ORC model - Breaking the problem down
Returning to core financial concepts, FinGORC has its chart of accounts, ‘a digestible breakdown of all the financial transactions that a company conducted during a specific accounting period, broken down into subcategories’.
The ORC model provides a similar digestible breakdown for OpGORC. This session first introduces managers and staff to the obligations hierarchy, a method for categorising and prioritising an organisation’s mandatory and voluntary obligations. Building from this, the session introduces the ORC model and shows how it breaks down red tape into easily digestible portions.
Key learnings
- The obligation hierarchy
- The ORC model
- The Rumsfeld grid
Workshop
Participants first construct the risk axis of their organisation’s ORC model and then work on populating a portion of the model
The objective is to provide managers and staff with the tool to simplify the complexity of the red tape and take them through building the custom ORC framework.
Session 5
The obligations register - Listing what must be done and what should be done
Many organisations have a risk register that is regularly reviewed, however very few organisations have an obligations register, listing all their mandatory and voluntary obligations, let alone reviewing it on a regular basis.
This seminar explores the structure of an effective obligations register to deliver efficient management reports.
Key learnings
- The risk cascade and the risk register
- The obligations cascade and the obligations register
Workshop
Participants will use a policy and procedure to populate the obligations register from root cause through all upstream and downstream obligations and documentary evidence requirements.
The objective is to provide managers and staff with the tools and techniques to build an effective obligations register.
Seminar 6
The feedback loop – monitoring and reporting, Reporting and control
Returning to FinGORC, this session reviews the financial feedback loop of monitoring reporting used by departmental financial reports and examines how the same principles could be applied to operational reporting.
Management and staff need reports that help them answer the fundamental compliance questions:
- Who or what is non-compliant?
- Why are they non-compliant?
- What are we doing about it?
This session looks at the core building blocks for monitoring and reporting and proposes the operational equivalents of the departmental financial reports.
Key learnings
- Single source of truth
- Control groups
- Risk Register
- Obligations register
- RAG report (known knowns)
- Exception report (known unknowns)
In this workshop, participants will develop and establish a few control groups and then define the different levels of reporting required for
- Board reports
- Risk and Audit Committee
- Management reporting
The objective is to define the operational assurance equivalents of the financial departmental report, P&L, balance sheet, cash flow and management reports.
Session 7
Building the busines case - benefits, risks and resources
The final session provides mentoring to the core team as they put together the business case for resources for approval to the board or senior management team.
Workshop
- Four lines model
- Compliance appetite statements
- Is OpGORC adequately resourced?
At the end of this session, particpants will have created a detailed and fully costed business case for ISO 37301 accreditation, with a detailed project plan, costing and list of benefits to the business.
The objective is for participants to outline and own the case for ISO37301 accreditation for their business.
Purpose
Assist your organisation to obtain ISO 37301 accreditation by facilitating your implementation of a robust, efficient compliance management system.
Objective
Provide managers and staff with tools and techniques to build a compliance culture and manage an effective compliance management system.
Benefits
Minimise risk and cost by turning red tape into a competitive advantage.
So what's next?
Take a look around and get in touch.
Strytex will help your organisation get ready for ISO 37301 accreditation before your competitors so you can increase your market share, reduce your risk and make customers, shareholders and regulators happy.
