Compliance Assessment Solutions

The ArborSys Group understands compliance. We specialize in business and technology consulting in highly-regulated industries.

Compliance Officers need tools to help them assess, analyze, and action their compliance programs. ArborSys provides compliance assessment solutions that do just that. Our solutions are scalable and can be quickly deployed in-house or implemented as a cloud-based solution.

Our compliance assessment solution is built on the Appian Business Process Management platform. It supports compliance organizations of all sizes and complexity. It provides tools and functionality to setup, configure, assign, execute, and track compliance programs and projects. Based on the results of compliance assessments, corrective Management Action Plans (MAPs) can be created, monitored, tracked for completion, and used for reporting. Key metrics and trends available through Dashboard reporting can be used by Compliance Officers and Steering Committees to implement applicable improvement programs.

ArborSys compliance assessment dashboard

Compliance Assessment Dashboard


Organizations are as unique as their compliance needs. We have designed our solution to meet the reporting and organizational needs of any size entity. Data elements are organized into compliance programs. Those programs can have one or more compliance projects associated with them. Each project is linked to an assessment that meets the objectives of that project. Applicable Assessment templates are configured within a library, providing the organization with a framework to set up a series of compliance requirements covering mandatory aspects – for example: Sarbanes-Oxley, standards like ISO 31000, or guidelines or internal policies for procurement and supplier management.

compliance assessment data organization model

Compliance Assessment Information Structure

regulatory compliance risk assessment template

Assessment Template

compliance assessment programs list

Compliance Assessment Programs List

compliance assessment projects list and configuration

Compliance Assessment Projects List and Configuration

Within our solution, user roles are configured to define functions and responsibilities within the application. Users are assigned roles that define their functional access to specific compliance programs, projects, and assessments, as appropriate. The table below outlines the typical summary of roles and responsibilities within a compliance organization. Utilizing user roles allows us to adapt this structure to meet the needs of your organization.

compliance organization roles and responsiblities

Compliance Organization Roles and Responsibilities

Some of the key capabilities of our solution include:

  • Creation of Assessment templates, and review / approval workflows to finalize and make templates available for use
  • Creation of Compliance programs, configuration of assessment projects associated with that program, and assignment of resources for assessment, reviews, and approvals
  • Tracking the Regulations, Policies and Procedures addressed through specific programs or projects
  • Review / approval processes for assessments to finalize them as completed
  • Creation of a MAP for completed assessment findings
  • Review / approval processes for the MAPs developed from completed assessments
  • Tracking and managing the MAPs
  • Dashboards for visibility to the Assessment projects, programs, and MAPs, for all levels of the organization

Key Benefits

The key benefits of our solution include:

  • Enables consistent and repeatable compliance assessments against the requirements defined within the organization’s compliance program at enterprise, functional, and departmental levels
  • Facilitates cross-functional, multi-disciplinary, enterprise-wide compliance programs, lifting compliance from departmental silos
  • Streamlines the compliance processes, enabling process owners to take direct responsibility for managing controls while allowing auditors to focus on key compliance risks
  • Facilitates the tracking and monitoring of action plans to completion
  • Provides comprehensive compliance dashboards which offer enterprise-wide visibility into compliance, and highlights issues that need to drive operational improvement at all levels of the organization
  • Provides visibility into any risk areas associated with specific Regulations, Policies or Procedures across the enterprise
  • Provides visibility to metrics and trends for key areas of non-compliance or risks for improvement programs

The ArborSys Difference

ArborSys can help you implement your compliance solution. Our in-depth industry knowledge provides us with an understanding of your business operations and compliance requirements. ArborSys business and technology experts have industry and domain knowledge to work with your staff and anticipate your needs. Since they are familiar with compliance assessment and analysis through hands-on implementation experience, our team can address installation, configuration, and implementation issues unique to your organization. Let us help you see “the art of what is possible” by using an automated compliance solution.

Learn More

Compliance programs cannot completely prevent compliance violations. However, they can mitigate the impact. When compliance violations occur, fines, penalties, and other forms of punishment may well be significantly reduced if the organization has an effective compliance program in place that shows a consistent record of assessment and corrective action.

Being able to show periodic assessment and review of compliance capabilities and practices goes a long way with regulators in demonstrating that the organization was acting in good faith and made concerted efforts to maintain compliance. This can have a big impact on the severity of the punishment.

Effective compliance is built into business processes. It is part of day-to-day operations. Responsibility for compliance is on the frontlines with staff who execute those processes. These processes and integrated compliance activities are frequently supported with technology. The processes, supporting technology, and compliance requirements are sustained by focused, relevant training. These training programs should provide the knowledge of compliance requirements for each functional role within the context of the process and technology. To create an exceptionally effective compliance programs though, you need on-going communications and awareness campaigns.

Why? A communications and awareness campaign allows you to control and target your message to make it more effective, meaningful, and memorable. It also allows you to constantly reinforce your message in a positive way. Too often, compliance communications and training are not engaging and they often focus on the negative outcomes. The impact of compliance violations are serious. Fines, loss of reputation, civil liability, loss of business, etc. are all very negative consequences. However, an effective communications and awareness program targets the positive actions that helps prevent those consequences from occurring.

communications and awareness example

Take this first example of a poster for a truck driver safety program, where the emphasis is on professionalism and an implication of winning. The reminder to not be distracted by a cell phone is clear without mentioning the potential for damage, danger to the driver and others, and potential company and driver liability.

communications and awareness example

Another example is this reminder poster for healthcare workers to check and verify patient identification prior to any procedures. This poster uses a simple acronym, “IDB4” to remind workers of this important step. No negative outcomes for failing to do so are mentioned. In addition to printed posters, a campaign such as this one can be used in multiple ways. One application would be to install it as a standard computer screensaver in the healthcare setting. It could also be used in newsletters, and other communications.

A majority of compliance training is delivered via e-learning. Because this training is important, a great deal of time goes into making sure it is engaging. Making it interactive, adding case studies or workplace scenarios, creating a game environment, etc., all increase learner engagement and enjoyment. However, a key design factor that is frequently not given enough attention is relevance. It is much easier to create one e-leaning course than it is to create courses for specific target audiences.

One example would be Sunshine Act training. The staff in product development or manufacturing do not need to know as much about these compliance requirements as the people in sales and marketing. Designing one course for both audiences is a recipe for disaster. You may be able to create one course, but include branching to specific content for specific audiences.

chunked learning

Chunking e-learning content into discrete modules or segments is a better approach for two reasons. First, you can present only the “chunks” that are relevant to a particular user. Second, if the content changes or needs to be updated due to a change in the compliance requirements, those updates are easier because they only effect small components of the overall course.

The key to developing the right "chunks" of content is a through analysis of audience needs. This analysis also facilitates content reuse across similar courses which reduces development and long-term maintenance costs.

Related Content

Related Offerings / Services

Content You Should Also View

Case Studies