Continuous improvement with effective management
Phase 3 Co-Sourced Internal Audit
An effective compliance management system requires continuous improvement.
Monitor the business for the continuous growth.
Continuously improve your assurance
Once the baseline has been established the focus turns to continuous improvement.
Strytex works with organisations to focus on four main areas…
The Obligation Hierarchy
The obligations hierarchy prioritises compliance by the potential consequence of non-compliance for an organisation.
Mandatory governmental obligations are the top priority and dealt with first and then all the remaining voluntary obligations are dealt with in turn.
The Risk Matrix
The risk matrix prioritises non-compliance by likelihood and consequence.
Very high risk non-compliances are the top priority and dealt with first and then all the remaining risk are dealt with in decreasing priority.
Document quality is a constant problem.
- Templates are often badly designed making it difficult for users to complete and
- Completed forms are missing vital information like dates, signatures, uncompleted tasks, defect ratings.
Strytex works with organisation to improve the quality of their documentation. We help redesign template forms to make them easy to follow and complete; we audit every compliance certificate to check it provides organisation with the protection and assurance they need.
Suppliers of maintenance service often simply tick the boxes however, our clients rely on their suppliers for their specialist knowledge and expertise to keep their staff and stakeholders safe.
Strytex, on behalf of our clients, works with suppliers to modify their approach from box-ticking to assurance, keeping our clients and their stakeholders safe and sound.
Monitoring the business
The Strytex portal dashboard provides management and staff with near real-time compliance data so they can quickly see who or what is non-compliant and drill down to see why they are non-compliant.
The RAG report
The RAG (red, amber, green) report provides a daily snapshot of what documents
— are about to expire
— have expired but within tolerance
— have expired and are now out of tolerance
The RAG report enables staff to chase expired activities as well as execute corrective actions and plan for activities that are about to expire. or that are current but failed.
The Exception Report
The exception report not only takes into account the known knowns from the RAG report but also applies the control groups to highlight the known unknows, i.e. what’s missing.
The exception report provides the artificial intelligence and measurable assurance that the controls are in place and being followed.
So what's next?
Take a look around and get in touch.
Strytex will help your organisation get ready for ISO 37301 accreditation before your competitors so you can increase your market share, reduce your risk and make customers, shareholders and regulators happy.