Compliance Matrices

An essential aspect of compliance is documenting the link between a set of regulations (for example, an ISO standard when pursuing certification) and the corresponding objects in the management systems that fulfill these regulations or requirements.

The Compliance Matrices are available from the standard tiles on the Compliance Desktop. One tile for regulatory compliance and another for requirements,

The Compliance Matrices can also be access from the left-menu under Compliance.

 

 

 

 

 

 

 

 

 

 

 

 

 

The tile “Compliance and Gap Analysis” and the menupoint “Regulatory compliance” provides access to the list of Regulation Diagrams in the repository. The Regulation Diagram allows the user to create a diagram containing the relevant regulation for a specific purpose. This may be the entire set of clauses in an ISO standard, or it may be a selected set of regulations that the business needs to document compliance towards.

Note, you need to add a regulation diagram / requirement diagram to the repository, to get content in the compliance matrix. Click here to learn how to create a compliance matrix.

When a Regulation Diagram is selected in the list, the tool does not show a diagram. Instead, two analysis tabs with compliance analysis and gap analysis are available. The Compliance Analysis looks like this:

The left part of the compliance analysis lists the objects complying with a regulation. If compliance is missing, the Complying object part of that row will be empty (see section below for how to add content to the complying object). The right part of the analysis details the audits that have been executed with focus on the complying objects. This way, the auditor can easily find the validation of a compliance, and identify needs for target to upcomming audits.

The gap analysis includes the same left part as the compliance analysis, but the right part shows a list of Change Requests defined for the complying objects:

With this analysis, it is easy to see which changes are required to reach the desired level of compliance.

Similar tabs and compliance matrices are associated to the requirement models.

Create a Compliance Matrix

  1. To create a compliance matrix, you need to create a regulation diagram or a requirement model that contains the relevant regulations or requirements in scope for your organisation.
  2. Once you have created the regulations/requirements in the repository, you can associate the relevant complying objects in the repository to each of the relevant regulations/requirements
    • You link from the complying object to the regulation via the “Compliance With” association
    • The easiest way to establish the link is via the standard “Property” spreadsheets on the process dashboards on the “Edit” tile.