White Paper - The ORC Model for Compliance Management

Whitepaper

This is a members only resource.

This page contains member-exclusive resources designed to support your professional practice. Please log in via the top right-hand corner to access the full content.

Author

Nigel Dalton-Brown

FGIA, GAICD, AMIIA, MBA

Date

2025

Topics Explored

Governance

Format

White Paper

Extract/Description

By applying the ORC model, Internal Audit will have a foundational structure similar to a financial chart of accounts; that is, a digestible breakdown of all of the organisation’s obligations broken down into subcategories. This foundation will provide the basis for further tools and standardised reporting.

Key Points

  • An organisation’s obligations start at the top, with corporate governance and the risk appetite statement.
  • Every single internal compliance document, irrespective of industry or subject matter, falls into one of six classes where each class describes an entity.
  • Risk topics are discussed by different managers, but from slightly different perspectives.
  • The ORC model provides organisations with a framework from which they can build a comprehensive obligations register.

Relevant Industries

All

Level of Assumed Knowledge

Intermediate

Aligned to Global Internal Audit Standards

Not Applicable