Under the International Standard for Compliance Management Systems - AS ISO:19600 (2015) / ISO:19600 (2014), an "obligation" is defined as either a Compliance Requirement (a requirement that an organisation has to comply with) or a Compliance Commitment (a requirement that an organisation chooses to comply with).
Examples of Compliance Requirements include: laws, regulations, permits, licenses or other forms of authorisation, orders, rules, guidance issued by regulatory agencies, judgements of court or administrative tribunals, treaties, conventions, and protocols.
Examples of Compliance Commitments include: agreement with community group, agreement with non-governmental organisation, agreement with public authority, agreement with customer, organisation policy, organisation procedure, voluntary principle, code of practice, voluntary labelling, environmental commitment, obligation arising under contractual arrangement, and organisation standards.
TIQK currently supports document compliance audits that consider Compliance Requirements, plus some Compliance Commitments relevant to the production of SoAs by the Australian Financial Services industry.
- Legislation Regulations
- Regulatory Guides
- Industry best practices