Compliance. In general, compliance means conforming to a specification, standard, law or regulation. Public as well as privately held and government organizations are required to comply with a wide range of legally binding government statutes and regulations. These statutes are levied to ensure the safety, health, and well-being of citizens. An example of such a statute, the Health Insurance Portability and Accountability Act (HIPAA), regulates the handling of personally identifiable information (PII) to protect the privacy of individuals by reducing the risk for stolen identify and related theft. Another example, Sarbanes-Oxley tightens the personal responsibility of publicly listed company’s top management to ensure the accuracy of reported financial statements. Financial Improvement and Audit Readiness regulations serve the same purpose for government organizations requiring them to provide auditable financial statements.
Accreditation. Accreditation/certification is a process whereby a professional association or nongovernmental agency grants recognition to an organization (e.g., school or health care institution) for demonstrated ability to meet predetermined criteria for established standards, such as the accreditation of hospitals by the Joint Commission on Accreditation of Healthcare Organizations (JCAHO). JCAHO certification is a process that a health care institution, provider, or program undergoes to demonstrate compliance with JCAHO standards.
Certification. Approval or endorsement by an authority based on an organization meeting certain predetermined standards. This process includes an evaluation and comparison of performance against benchmarks/standards. The purpose of certification is to ensure that the standards met are those necessary for safe and ethical practice of the profession or service. Verifies that an organization has met the standards. The purpose of certification is to assure other professionals and the public that the person has mastered the skills necessary to practice a particular specialty and has acquired the standard body of knowledge common to that sponsors.
The Marlin Migration Model provides a framework to identify the organization’s vision which in this case may be certification at a specific level.
Marlin typically assists organizations prepare for an external formal assessment or evaluation rather than performing the certification or accreditation. Marlin reviews related regulations, standards, and criteria; creating a matrix that clearly defines the performance criteria and artifacts required for validation of performance levels.
A data-gathering phase includes interviews, document reviews and observations which are subjected to in-depth analysis to identify gaps to be addressed in preparation for the formal audit/assessment. A SWOT analysis highlights strengths as well as weaknesses, opportunities and threats. A report of findings and recommendations outline gaps in performance compared to the standards adopted as well as strengths to leverage. Recommendations include suggested mitigation and remediation activities to address gaps in preparation for a formal assessment. Marlin provides a Plan of Action and Milestones to address the Mitigation and Remediation needed to include a project plan with resourcing strategies to streamline the effort.