Required knowledge and understanding include:

• elements of compliance programs and related management systems including:

- documentation of compliance requirements relevant to the organisation

- specification of compliance management functions, accountabilities and responsibilities within the organisation

- compliance related management information systems

- record-keeping systems required for compliance management

- liaison procedures with relevant internal and external personnel on compliance related matters

- breach management policies and processes including the identification, classification, investigation, rectification and reporting of breaches in compliance requirements

- compliance reporting procedures

- corporate induction and training processes related to compliance management

- processes for the internal and external promulgation and promotion of information on compliance requirements and compliance program/management system

- complaints handling systems

- continuous improvement processes for compliance including monitoring, evaluation and review

- strategies for development of a positive compliance culture within the organisation

- techniques and performance indicators for monitoring the operation of a compliance program/management system

- reporting processes on compliance management including reports on breaches and rectification action

• relevant organisational policies and procedures including:

- compliance plans and policies in various compliance areas

- organisational standards for operations and ethics

• relevant Australian and international standards including but not limited to:

- AS 3806: Compliance Programs

- AS 4269: Complaints Handling

- A/NZS 4360: Risk Management

- AS ISO 15489: Records Management

• relevant organisation policies and procedures including:

- plans and policies in various compliance areas

- organisational standards for operations and ethics

Required skills and attributes include:

• ability to relate to people from a range of social, cultural and ethnic backgrounds, and physical and mental abilities

• ability to contribute to a positive culture of compliance within an organisation

• ability to source information on compliance requirements

• ability to analyse and organise information on compliance requirements

• project management skills:

- managing other personnel involved in the activity

- time management

- financial management

• communication and interpersonal skills:

- written and verbal communication skills

- ability to relate to internal and external personnel and in particular those representing relevant regulatory authorities, professional institutes and organisations, standards organisations, etc.

Key competencies or generic skills relevant to this unit

The seven key competencies represent generic skills considered essential for effective work participation. Innovation skills represent a further area of generic competence. The bracketed numbering indicates the performance level required in this unit:

Level (1) represents the competence to undertake tasks effectively

Level (2) represents the competence to manage tasks

Level (3) represents the competence to use concepts for evaluating and reshaping tasks

The bulleted points provide examples of how the key competencies can be applied for this unit.

Communicating ideas and information (3)

• consulting with others and sharing ideas

• communicating with representatives of relevant regulatory authorities

Collecting, analysing and organising information (3)

• gathering and analysing information on relevant compliance requirements

• identifying and organising information on compliance requirements

Planning and organising activities (3)

• planning and organising processes for sourcing information on compliance requirements and identifying, interpreting and analysing relevant requirements

Working in a team (2)

• managing the work of others performing specific functions as part of compliance management activities

Using mathematical ideas and techniques (1)

• determining and interpreting any quantitative aspects of compliance requirements

Solving problems (2)

• solving problems arising in the sourcing, identifying, and interpreting information on compliance requirements

Using technology (2)

• using computers and software packages for the sourcing and identification of information on compliance requirements

Innovation skills (2)

• recognising and creating opportunities for identifying and interpreting compliance requirements

Products that could be used as evidence include:

• work activity plans for sourcing, identifying and interpreting compliance requirements

• outcomes of the identification and analysis of compliance requirements

• collected information on compliance requirements (published information on relevant legislation, regulations, standards codes of practice and printouts of relevant information sourced on the Internet or on CD-ROM databases)

• implementation documentation (records of searches, conversations, schedules, summaries of regulatory requirements, codes of practice, programs, correspondence etc.)

Processes that could be used as evidence include:

• how the organisation's range of operations and sphere of business were identified and confirmed

• how information on compliance requirements were sourced

• how gathered information in various compliance areas was interpreted, analysed and prioritised and its relevance to the organisation's operations established

• how gathered information on compliance requirements was organised, stored and reported

• how personnel performing relevant compliance management functions have been managed

• how activity to identify and interpret compliance requirements was monitored and evaluated

Resource implications for assessment include:

• access to organisation policies, standard operating procedures, procedures and plans

• access to relevant published material on relevant legislation, regulations, licensing requirements, codes of practice, standards, etc.

• access to appropriate computer resources for online searching and review of relevant compliance requirements

Validity and sufficiency of evidence requires:

• that where assessment is part of a learning experience, evidence will need to be collected over a period of time, involving both formative and summative assessment

• full documentation of at least three activities involving the identification and interpretation of specific compliance requirements, either within simulated projects or actual activities developed and implemented

Integrated competency assessment means:

• that this unit can be assessed alone or as part of an integrated assessment activity involving other relevant compliance management units or related records management units

This unit covers the identification and interpretation of the range of external and internal compliance requirements and obligations that must be fulfilled by an organisation. It has been designed to be consistent with Australian Standard AS 3806: Compliance Programs

Business management services

Domain

Compliance management

Application of the Competency

This unit could be undertaken as part of a broader role of a chief executive or manager in a small organisation, or as a member of a compliance management team within a larger organisation. It also covers competencies required by an internal or external consultant as part of a broader advisory role to the chief executive or management team of a large or small organisation on compliance management policies and systems.

While competence in this unit requires the demonstration of a core of knowledge associated with the general processes of identifying and interpreting compliance requirements, there is also a variable knowledge set related to the specific legislative requirements, code(s) of practice and internal standards and procedures relevant to the operations and sphere of business of the organisation and/or industry sector concerned.

This unit differs from BSBCOM601A Research compliance requirements and issues, as the identification and interpretation activities are focused primarily on identifying and interpreting the specific legislative requirements, code(s) of practice and internal standards and procedures as they relate to a particular organisation. Researching compliance issues is a higher-order competence aimed at carrying out research into a wider range of compliance related issues, such as the costs of compliance, the

potential impact of compliance on an organisation or industry, and the risks and consequences of non-compliance, etc.

This unit is intended to ensure that compliance is an integral part of normal business operations.

Application of this unit must be consistent with the pertinent sections of relevant Australian and international standards and legislative requirements including – AS 3806: Compliance Programs, AS 4269: Complaints Handling, A/NZS: 4360 Risk Management and AS ISO 15489: Records Management.

Element

Performance Criteria

Elements define the critical outcomes of a unit of competency.

The Performance Criteria specify the level of performance required to demonstrate achievement of the Element. Italicised terms are elaborated in the Range Statement.

1. Clarify the scope of operations

1.1 The relevant range of operations and the sphere of business arrangements of the organisation are identified and reviewed

1.2 An analysis of the operations and business arrangements of the organisation is conducted and the functions, products and services that may be subject to compliance requirements are identified

1.3 Work activity plans for determining relevant compliance requirements are developed and documented

1.4 Approval of plans is obtained from relevant organisational personnel

2. Identify the compliance requirements

2.1 A search is carried out of sources of information on internal and external compliance requirements using appropriate search resources including relevant Australian and international standards dealing with compliance requirements and related compliance program/management systems

2.2 The search of compliance requirements scans across all relevant jurisdictions of laws, regulations and industry and organisational codes and standards and identifies pertinent compliance requirements

2.3 Information collected is progressively reviewed in terms of its relevance to the organisation's operations, services and products

2.4 Gathered information on relevant compliance requirements is organised and stored in an appropriate format for further analysis

3. Interpret, analyse and prioritise the identified compliance requirements

3.1 Collected information is reviewed and interpreted in terms of its relevance to the organisation's functions, services and products

3.2 Ambiguities, uncertainties and problems experienced while interpreting identified compliance information are discussed and clarified with relevant internal or external personnel

3.3 Relevant compliance requirements are identified, analysed and prioritised in terms of the critical implications for the organisation and the risks and consequence of possible breaches

3.4 Pertinent compliance requirements are grouped into those that are critical and central to the organisation's operations, those that are important in some circumstances but are not central to the organisation's operations, and those that are pertinent but are incidental to the organisation's operations

4. Document the compliance requirements

4.1 Outcomes of the identification and interpretation activities are organised and documented

4.2 Reports of relevant compliance requirements and assessed implications are prepared and communicated to relevant personnel performing specific compliance management functions

Legislation, codes and national standards relevant to the workplace may include:

• award and enterprise agreements and relevant industrial instruments

• relevant legislation from all levels of government that affects business operation, especially in regard to occupational health and safety (OHS) and environmental issues, equal opportunity, industrial relations and anti-discrimination

• relevant industry codes of practice

Range of operations is dependent on the role of the manager concerned and may include:

• the operations of a particular section or organisational unit

• the full range of operations of an organisation at a particular site

• the full range of operations of an organisation distributed across multiple sites

• the full range of operations of an organisation including mobile units such as vehicles, railway trains, maritime vessels, aircraft, etc.

Compliance requirements may include but are not limited to:

• cross-industry, industry-specific and internal organisational compliance requirements in such areas as (examples only in alphabetical groupings):

- anti-discrimination (including discrimination by race, sex, disability, religion, etc.), alcohol licensing (licensing regulations covering clubs, pubs, licensed premises, etc.), aviation

- bankruptcy

- chemical use, child protection, construction, conveyancing/real estate, copyright, corporate governance, customs, credit

- education, electricity, environmental protection, equal opportunity

- financial services (including banking), fire, food hygiene, freedom of information, freight forwarding

- gambling, gene technology

- health, human rights

- insurance, immigration, intellectual property

- land management

- maritime, mining

- pharmaceuticals, patents, privacy

- quarantine

- racing, rail transport, road transport

- safety (includes cross-industry generic regulations as well as industry, equipment or product-specific sub-categories e.g. marine safety, rail safety, food safety, aviation safety, road safety, dangerous goods, construction safety, mine safety, road safety, etc.), security, sewage, superannuation

- taxation, telecommunications, tobacco, trade practices and consumer protection

- water supply, workers compensation, workers rehabilitation

• different types of external and internal compliance requirements including:

- regulations of a state, national or international regulatory authority

- accreditation requirements of an institute, professional organisation or registration body

- requirements for certification under statutory licensing systems

- statutory standards or codes of practice

- internal policies, procedures, standards or codes of practice of an organisation

Sources of information on internal and external compliance requirements may include:

• internal policies, standard operating procedures, standards, codes of practice

• relevant legislation, regulations and licensing requirements pertinent to the organisation's operations and sphere of business

• published material relevant to compliance held in either internal or external libraries

Search resources may include:

• published information on relevant legislation, regulations, licensing requirements, codes of practice, Australian standards, etc

• computer terminals linked to data sources either via the Internet, internal networks, or CD-ROMs

• library resources and materials including compliance related books, journals, manuals, standards, CD- ROMs and other multimedia resources

Relevant Australian and international standards may include but are not limited to:

• AS 3806: Compliance Programs

• AS 4269: Complaints Handling

• A/NZS 4360: Risk Management

• AS ISO 15489: Records Management

Jurisdiction of laws, regulations, industry and organisational codes and standards may include:

• organisational

• industry

• local

• state

• national

• global

Information on relevant compliance requirements may include:

• published information on legislation, regulations, codes of practice, standards, licensing requirements, standard operating procedures, etc.

• information downloadable from relevant Internet websites

• records of conversations and meetings with relevant internal and external personal

• correspondence, emails and other written information provided by internal and external personnel contacted during search activities

• newsletters, bulletins and information sheets and other similar periodic documentation distributed by relevant regulatory authorities and standards bodies

Relevant internal personnel may include:

• chief executive officer

• board of directors

• senior management team

• frontline managers

• compliance management team (where relevant)

• compliance specialists at the operational level

Relevant external personnel may include:

• representatives of relevant authorities in pertinent compliance areas

• representatives of professional associations and institutes relevant to the organisation's operations and sphere of business

• legal and business advisors and consultants with expertise in compliance management

Relevant personnel performing specific compliance management functions may include:

• compliance managers

• compliance management officers

• compliance management consultants

• legal personnel specialising in compliance management

• line managers with specific compliance functions