(Deprecated) HOPEX Regulatory Compliance > Introduction to HOPEX Compliance > Compliance Management Process
Compliance Management Process
 
Compliance Steps
Defining the Legal Inventory
Implementation
Assessing requirements
Testing requirements
Monitoring and Remediation
Generating reports
Remediating non-compliances
Compliance allows employees of an enterprise to comply with external laws and regulations, as well as with procedures, policies and directives of their organizations and with ethical principles.
HOPEX Compliance covers different phases of the regulatory compliance management process and simplifies compliance setting.
Compliance Steps
Compliance phases are the following:
Definition of legal inventory of the enterprise
Implementation of the compliance management process via:
Assessment of requirements
Compliance tests (testing)
Issue processing using action plans
*Reporting functions are available at all times, either globally or for each compliance management process step.
 
Defining the Legal Inventory
Legal inventory definition is a prerequisite to assessment of requirements.
The solution enables definition of the compliance level of the enterprise, using identification of the regulatory framework universe of the organization and identification of impacts of regulations and requirements on processes, risks and controls.
HOPEX Compliance allows compliance managers to:
identify and define regulations and requirements
contextualize controls in the enterprise repository, that is to connect them to regulations and other appropriate context objects.
Implementation
The implementation phase comprises:
assessment of requirements directly or via assessment campaigns.
testing of requirements via compliance tests.
*Assessment and testing of requirements can be carried out independently.
Assessing requirements 
The objective of assessing requirements is to assess the potential risk of non-compliance with regulatory requirements. In this framework, questionnaires are sent to operational management.
*For more details, see "Assessing Requirements", page 47.
Testing requirements 
Compliance controllers can execute tests to determine effectiveness of process control.
*For more details, see "Testing Requirements", page 79.
Monitoring and Remediation
Generating reports 
Numerous reports supplied as standard enable identification of non-compliances and assure efficient follow-up during compliance management phases.
Remediating non-compliances 
Issue solving is formalized by implementation of action plans. These action plans enable organization and restructuring of processes in order to comply with the defined level. For more details, see "Managing Issues and Action Plans", page 69.
*In the case of testing requirements via compliance tests, controllers process non-compliances by means of recommendations and actions. See "Test Follow-Up", page 111.