BSBCOM603 -Assessment1

Plan and establish compliance management systems

BSBCOM603

Assessment task 1

Compliance is the process by which an organisation ensures that relevant external and internal requirements such as legislation, rules, guidelines, standards, codes, policies, procedures and controls are complied with. The compliance function assists the business in complying as well as gaining assurance from the business that they have complied.

Many compliance functions have traditionally covered only external requirements (external compliance).The wider definition also takes into account compliance with internal requirements (internal compliance). The wider definition is used here and both internal and external will be covered.

Report

1. Compliance Requirements:

Internal Compliance

The objectives of internal compliance are to:

Provide assurance that all key internal policies, codes, standards and controls are being complied.

Provide a framework to assist in achieving compliance.

External Compliance

The objectives of external compliance are to:

provide assurance that the organisation is complying with all material external requirements.

provide a framework to assist in achieving that compliance.

 

External compliance may be achieved using a range of approaches. At the more basic level, periodic manual sign off by management of compliance with external requirements is used. More comprehensive approaches involve regular compliance attestations by a wide group of management andstaff together with inclusion of non-compliance risk into the ongoing risk and control self assessment process.

Industry compliance requirements

Informed consent forms are completed correctly;

The correct informed consent form is being used;

Informed consent forms are being signed and dated by the applicant;

Informed consent forms are securely stored as per CrimTrac requirements;

There is a valid and specific reason for check provided on the informed consent form (typically their position title and the industry they work in)

Proof Of Identity is being carried out in line with CrimTrac requirements (with evidence they have been sighted, signed and dated by an approved employee of your organisation);

The correct personnel are ensuring check subject privacy is maintained as per CrimTrac requirements; and

Informed consent and proof of idenity is carried out before the lodgment of the police check application trhough the client portal.

Police check reports can only be shared with the individual and not any other 3rd party.

......

2. Compliance Effects:

Areas affect

The Charity Care has employs about 50 employees who are assisted in various charity tasks by community volunteers. Charity-Care operates two major front line community services and one service is Community-Care.

The Community-Care has two 100sqm first floor drop-in office centres operating in Spring Hill on Brisbane’s Northside and Wooloongabba on Brisbane’s Southside and provides counselling services, short term ‘rent loans’ and $20 supermarket gift food vouchers for people in need. Each centre has a manager, receptionist, office clerk and four counselling staff, and is fitted out with a reception/waiting room, two counselling offices and a staff general office area that includes a kitchenette. Private information is collected on people seeking the counselling services and recorded in a central database that can be accessed from all centre computers. Volunteer staff operate the call centre and visits seeking donations from local businesses and households.

Computer-Care a retail business on the CBD fringe that specialises in selling re-conditioned second-hand ex-government computers to needy families for children’s educational purposes. The small 70sqm shop is supported by a 1,000sqm warehouse and repair centre in Fairfield, a Brisbane suburb. 50% of the computers are picked up from the shop and 50% are delivered from the warehouse. Computers for repair are dropped off and picked up from the warehouse. Repair costs are paid by the customers to the service centre staff. There is a manager of the Computer-Care initiative who manages both the shop with its 15 employees as well as the warehouse (eight employees) and service centre (four employees). Head office for Charity-Care is based in Fortitude Valley. This is where the CEO and you as the business manager have offices. There is a board room, reception/waiting area and an open office area where the accounts payable, accounts receivable, payroll clerk and bookkeeper each have a workstation.

2. Risks

The CEO has explained the organisation has grown quickly and the management and compliance systems have not had a chance to catch up. Issues were found with the last audit and there has been some disquiet from the association’s stakeholders about the way the association has been managed – particularly with the cash handling processes and keeping of transaction records. The business manager is totally focused on providing the best possible outcomes for the clients. He is very passionate about making sure they are looked after but does not really worry too much ...