Get trained and certified in establishing, managing, operating, and auditing an ISO 19600 Compliance Management System
Every day, organizations face the ever-increasing need to manage and fulfil regulatory and industry requirements to allow them to conduct business. "Compliance" is no longer simply a legal concern isolated to a legal compliance unit. After all, how the organization operates determines its ability to comply with external stakeholder requirements. This means that compliance requirements permeate all business activities - from procurement, to human resource management, to information management, to manufacturing processes, to environmental management - and on and on. Since complying with one requirement can impact compliance with another requirement, compliance with all of the various requirements in total gets quite complicated. Compliance must be very carefully designed, managed, and monitored - throughout the organization.
Managing compliance is inexorably linked to managing risk.
Whether fulfilling legal filing and reporting requirements, protecting health and safety, or maintaining quality in manufacturing, we are inevitably managing risk - the uncertainty of successful achieving our objectives. Governmental regulation, industry standards of best practice, and even normal service contracts all exist primarily to ensure the organization manages risk appropriately within externally mandated tolerances. Today, organizations need a mature and well-structured approach to integrating compliance and risk management throughout the enterprise. Not coincidentally, this results in good governance.
What is the ISO 19600 standard?
Developed and published by the International Organization for Standardization in 2014, ISO 19600 provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an effective and responsive risk-based compliance management system within an organization. The guidelines on compliance management systems are applicable to all types of organizations. The extent of the application of these guidelines depends on the size, structure, nature and complexity of the organization. ISO 19600:2014 is based on the principles of good governance, proportionality, transparency and sustainability.
Compliance management goes beyond the mere satisfaction of legal requirements. Compliance is also related to meeting the needs and expectations of a wide range of stakeholders. Therefore, making sound choices and setting priorities appropriately is an important part of effective compliance management. ISO 19600 takes a risk-based approach to compliance management. As a result, it aligns with ISO 31000 Risk Management – Principles and guidelines, which according to ISO, “provides principles, framework and a process for managing risk.” In conjunction with ISO Standard 31000 (Enterprise Risk Management), ISO 19600 is used to establish a formal enterprise wide management system for Governance, Risk, and Compliance (GRC) that will effectively and measurably improve organizational performance. Since such a program is designed and operated to well-recognized international standards of best practices for GRC, the organization also achieves greater confidence and respect among stakeholders including investors, lenders, regulators, suppliers, customers, and trading partners just to name a few.
ISO 19600 integrates risk assessments, the risk management process, and compliance management. By following ISO risk management practices, organizations embed compliance within the risk-based process. This is an important characteristic of effective compliance management, because it breaks down silos and allows the organization to focus on root-cause risks. This streamlines the compliance process, making it easier to meet the obligations of not only government entities, but the host organization’s own internal code of ethics and its social responsibility objectives.
How do we get started?
Running an organization requires leadership and teamwork across the entire organization - not just a piece of it. Likewise, establishing, managing, and integrating effective GRC throughout the enterprise requires the same leadership and team members to be trained to support effective GRC together.
Certified Information Security provides the training and credentialing you and your management team need to become recognized as authorities in planning, deploying, managing, and auditing risk and compliance management according to well-recognized and respected international ISO standards that fulfills the expectations and requirements of its regulators, customers, suppliers, and investors.
Upon completion of this training and certificate program, you will:
Certified ISO 19600 Compliance Professional™ (CCP)
ISO 19600 CCP™ is the compliance management certification appropriate for managers at every level, including top management at the officer and vice president level. This certification validates competence and understanding for developing and managing a custom risk-based compliance management system and methodology based upon the ISO Compliance Management System framework.
Upon completion of this training and certificate program, you will:
Getting certified is easy
The ISO 19600 CCP™ certification is available to qualified candidates who:
ISO 19600 CCP certification requires successful completion of the following IRMCB-authorized course delivered by IRMCB-Authorized Training and Education Centers (ATECs). Certified Information Security is authorized to provide all required training and exams for CCP certification. CCP certification candidates must successfully complete the following mandatory training:
Required Exam - #CCP101
Exam #CCP101 maps to the ISO 19600 content areas explained in Certified Information Security's IRMCB-accredited training.
CCP Content Areas
ISO 19600 CCP™ is the compliance management certification appropriate for managers at every level, including top management at the officer and vice president level. This certification validates competence and understanding for developing and managing a custom compliance management system and methodology based upon the ISO 19600 framework. ISO 19600 CCP has no experience requirements.
Certified Information Security provides the training and credentialing you need to become recognized as an authority in developing and managing a custom compliance management system and methodology based upon the ISO compliance management system framework. CCP has no experience requirements. You choose the method of delivery: online through our secure website, or in-person at a publicly available course or privately at your facility. We take care of the rest – from administration, to record keeping, to providing certificates of completion and certification.
Online students have the additional convenience of taking courses whenever they want without the need to travel or disrupt their busy schedules. Our program allows users to start and stop without losing their place or data. Learning and certifying expertise has never been so easy!
A summary of the costs associated with CIS' professional risk management & internal controls training and certification is as follows:
1. Required CIS Membership Application Fee & Membership Dues
2. Required Training
|Required Course (Choose one)||Instructor-Led Option||Online Option|
CIS Policy Workshop: ISO 19600 Compliance Management System
3. Optional online practice exam recommended for exam preparation
CABCM101 online practice exams:
4. Required Certification Exam
CABCM101 online certification exam: