Our Process

WHAT WE DO

It is our job to assist with risk management, guidance and providing insight in compliance requirements. We help you develop a practical and easy compliance plan, and review your policies, processes and standard operating procedures in order to simply implement compliant actions and controls.

Critical elements of this implementation includes training, monitoring and reporting to the right people.

The practise performs its compliance monitoring activities on multiple levels.
Firstly, we conduct a gap analysis on the current state of compliance in your business and establish the existence of policy and procedure. We do this by way of questions, and verify the responses through supporting documentation and through observation and sampling during site visits. This allows us to develop an understanding of your business and any areas of special note.

THE PURPOSE OF THE ASSESSMENT IS TO:

 

 

  • Allow us to understand your business and align our efforts with your priorities;
  • Identify areas of potential material non-compliance for immediate action;
  • Find the most cost effective, practical solution to implement
  • Develop a framework for ongoing monitoring and sampling;
  • Determine the level of involvement of additional resources to provide compliance related information and services; and
  • Provide you with a written compliance plan for the period leading up to the end of the first reporting period

Secondly, we test your understanding, of your own procedures. We do this again through a series of interviews, questions and observation, the answers to which are checked during interaction, be these personal visits or through written or verbal communication.

Lastly, we check to determine whether the policy and procedure translates to practice i.e. do you practice what you preach? To do this effectively, we need to access your internal policies, processes, and files and work through these as part of an audit process.

This audit process must meet certain requirements in order to provide both us and you with the level of assurance and comfort that an acceptable level of compliance is in place.

We commit, at all times, to treat you with respect and provide you with every aid at our disposal to discharge your duties, but we do not discharge your duties for you. Simply Comply is committed to an ethical relationship where conflicts of interest are managed effectively. Our agreements include a clause for dispute resolution, including the details of how any dispute will be resolved.

THE AUDIT ON INTERNAL PROCESSES AND RECORDS MUST:

 

 

  • Be conducted without interference and independently;
  • Be random by reference to the selection of interventions and/or files; (eg. Ask an employee a random question to assess training/ understanding)
  • Be sufficiently deep to provide an acceptable level of assurance, which is determined by each client’s risk profile; and
  • Be conducted in an environment where enough attention can be paid to the subject matter and problematic issues can be escalated to management.

Generally, an audit is interpreted as an annual exercise, however we use monthly and quarterly themed audits in order to break up a large exercise into more workable pieces.

We commit, at all times, to treat you with respect and provide you with every aid at our disposal to discharge your duties, but we do not discharge your duties for you. Simply Comply is committed to an ethical relationship where conflicts of interest are managed effectively. Our agreements include a clause for dispute resolution, including the details of how any dispute will be resolved.

All monitoring and sampling activities are in line with the guidelines issued by the Compliance Institute of South Africa.