When regulatory compliance and risk management come to mind, they usually evoke feelings of fear, uncertainty, and doubt as to how well an organization is prepared for government scrutiny or any worst-case business scenario. Questions arise, such as: Have we developed the proper procedures to ensure product compliance? How can we measure and actually know if we are within the regulatory guidelines?  Do we have “proof of absence” or are we at risk from “absence of proof” by market and regulation? Do our systems help or hinder us?

The consumer recalls in 2007 are prime examples of how compliance and risk management go well beyond internal operations to span the entire supply chain. A comprehensive strategy includes three dimensions:

 …