Regulation is a legal/advisory and audit framework for an organisation which sets the terms of acceptable activity and conduct on some aspect of business, and against which checks are made for compliance.

Most organisations are subject to some form of regulatory control.  They may be legal (supported by legislation), or non-legal such as voluntary certification or adherence to industry standards, best practices, or professional codes.  Also, vendors are increasingly being expected to comply with standards as part of tender qualification.

UK/EU/US regulatory legislation includes Financial Services Act 2012, Basel III, UK Corporate Governance Code, Sarbanes Oxley Act 2002. Popular standards against which organisations seek certification are in the domains of quality managementenvironment management,  security, health & safetybusiness continuity, governance, risk managementICT service management.

Ongoing compliance in a regulated organisation is vital if it is to avoid the possible consequences of breach – ie litigation for legal non-compliance and certification withdrawal or failed tender submissions for non-legal breach – along with reputational, commercial and financial implications. Examples of legal regulation are widespread and the most important. Compliance with standards etc involves the organisation adopting and embedding requirements into its processes. It is therefore vital that an organisation is able to demonstrate to itself and its auditors/regulators that it is compliant.

AiM can provide specialist advice and auditing expertise throughout the compliance cycle:

  • achieving compliance
  • design and implementation of supporting systems, e.g document management
  • pre-audit audits to ensure compliance is being maintained
  • compliance audits.