BSBCOM603 Plan and establish compliance management systems Assessment Task 2

Implementation planning

Performance objective

This task requires you to develop for an organisation an implementation plan for the compliance management system that has been identified in the previous assessment task.

Assessment description

In this assessment task, following on from Assessment Task 1, you are required to plan and document the compliance management system to be implemented in the organisation, and gain approval from both the CEO (or relevant internal approval authority) and an external auditor prior to beginning the implementation process. You will need to respond to two scenarios, one for internal approval, and one for external approval.

Scenario: Internal approval

You are an external consultant hired to conduct research into and propose an appropriate compliance management system for an organisation.

The CEO, or relevant internal approval authority, has now asked you to prepare an implementation plan for your compliance management system. Your plan will need to include:

  • specifications
  • action schedule
  • budget, with a breakdown of costs for each component of the system.

Your plan, to fulfil organisational requirements, must be in the following format:


    For the proposed compliance management system:

    1. describe the management information system requirements
    2. identify all components of the compliance management system, including any documentation required to be developed
    3. document the specifications of each component.

    For the proposed compliance management system:

    1. determine personnel requirements for staffing
    2. select suitable personnel from those available within the case study
    3. assign key responsibilities to each position.

    Identify and describe:

    1. the training requirements for implementing the proposed compliance management system
    2. suitable training options for staff.

    Identify and describe:

    1. a complaints management system
    2. a strategy for developing a compliance management culture
    3. processes and procedures for identifying and managing compliance breaches, including integration with existing policies and procedures
    4. processes and procedures for meeting compliance reporting requirements
    5. processes and procedures for internal and external liaison processes
    6. performance indicators to be measured by the system so that it can be objectively evaluated, for example:
      1. individual compliance/non-compliance
      2. training numbers
      3. numbers of complaints
      4. numbers of breaches
      5. ratio of payroll errors/breaches to number of transactions.


    1. the budget required to resource implementation (including human resources for developing, implementing, reviewing and maintaining the proposed compliance management system)
    2. an action schedule outlining target milestones for all aspects of implementation, including training, review and maintenance.

You will need to meet with your CEO, or relevant internal approval authority, to present and defend your implementation plan, particularly on the basis of:

  • adherence to budget
  • the ability of the plan to contribute to a culture of compliance in the organisation.

Note: If you are basing your assessment on the Charity-Care case study, you will need to meet with your assessor in place of the CEO.

Scenario: External approval

As in the above scenario, you are an external consultant hired to conduct research into and propose an appropriate compliance management system for an organisation.

The CEO, or relevant internal approval authority, has now approved your implementation plan for your compliance management system.

In order to build credibility for the organisation among clients, customers, and suppliers, as well as government and regulatory authorities, you have been asked to meet with an external auditor (representing an accredited certification body). This external auditor will help you take the first steps towards certifying the organisation with respect to, for example, AS/NZS 3806:2006 Compliance programmes, AS ISO 10002:2006 Guidelines for complaints handling, AS/NZS ISO 31000:2009 Risk Management – Principles and guidelines or AS ISO 15489:2004 Records management.

You will need to satisfy the auditor that the planned implementation will be compliant with the principles set out in the relevant standards. Example questions that an auditor could ask with respect to AS/NZS 3806:2006 Compliance programmes, for instance, could include:

  • How does the planned implementation of the compliance management system:
    • ensure commitment by top management to effective compliance throughout the organisation?
    • ensure the compliance policy aligns with business goals?
    • ensure appropriate resources are allocated to the compliance program?
    • ensure endorsement by top management?
    • ensure compliance obligations are identified and assessed?
    • ensure responsibilities for compliance are set?
    • ensure training needs are met?
    • ensure appropriate behaviours are encouraged?
    • ensure controls are put in place to achieve desired behaviours and outcomes?
    • ensure performance of the compliance program is monitored, measured and reported?
    • ensure that the organisation can demonstrate compliance through documentation?
    • ensure the program is continuously reviewed and improved?

You will need to answer the auditor’s questions with specific reference to the implementation plan for the compliance management system as you have developed it.

Note: You will need to meet with your assessor (as the external assessor) or a person assigned to role-play an external auditor.


  1. Review the two scenarios above, in addition to the recommendations you made in Assessment Task 1.
  2. Arrange with your assessor a time, place and method to present your implementation plan for approval and agree on a relevant standard to be audited against for external approval.
  3. Present a summary of your report to the CEO for approval. Prepare to answer questions on your proposed plan from your CEO, or other internal approver (who may be your assessor), on how your planned system adheres to budgetary constraints set in Assessment Task 1 and contributes to an organisational culture of compliance.
  4. Answer questions from an external auditor (your assessor) on how the proposed compliance management system adheres to principles of the relevant standard agreed in advance with your assessor.
  5. Submit documentation as per specifications below. Keep copies for your records. You will need to draw on this documentation to complete Assessment Task 3.


You must provide:

  • a written implementation plan, including specifications, budget and action schedule.

Your assessor will be looking for:

  • your ability to contribute to a positive culture of compliance within an organisation
  • interpersonal skills to relate to internal and external personnel
  • literacy skills to write reports containing complex concepts
  • knowledge of relevant Australian and international standards
  • knowledge of elements of compliance program/management systems
  • knowledge of relevant organisational policies and procedures.

Adjustment for distance-based learners

  • No variation of the task is required. Meeting with the CEO and/or your assessor may be conducted via teleconferencing tool.
  • A follow-up interview may be required (at the discretion of the assessor).
  • Documentation can be submitted electronically or posted in the mail.