The BarnOwl compliance module enables an organisation to document and manage its regulatory universe by identifying and monitoring compliance to the acts, regulations and provisions at every level of the organisation. The compliance module is fully integrated with 3rd party compliance content providers. BarnOwl supports and embeds best practices frameworks such as Generally Accepted Compliance Practice Framework (GACP). BarnOwl facilitates compliance through the automatic generation of compliance risk management plans (CRMPs) and compliance checklists which can be maintained and completed online by the relevant compliance officers and business owners (i.e. continuous compliance self-assessments). BarnOwl enables the group compliance function to conduct independent compliance audits, compliance monitoring, as well as reporting to Exco and the Board. Online action plans are sent out automatically by the system to the relevant owners responsible for addressing non-compliance issues ensuring effective compliance monitoring and remedial action.

The BarnOwl Compliance module allows you to:

  • Maintain an up-to-date regulatory universe in support of the Compliance Institute’s best practice framework

  • Import acts, sections, headings and provisions from 3rd party compliance content providers or populate your own content

  • Create compliance risk management plans automatically

  • Create, publish and track compliance checklists automatically

  • Monitor and track non-compliance: online action plans (free to unlimited users)

  • Generate compliance reporting and provide an up-to-date dashboard of your compliance universe (scorecards, trends, heat maps…)

  • Provide Director/Accounting officer protection (formalised approach to risk management / compliance)

Compliance Software Clickable Diagram



Compliance Risk Identification

  • Simply import the relevant acts from 3rd party compliance content providers into BarnOwl's regulatory library of acts, regulations and provisions (requirements) and apply them to the individual divisions/subsidiaries
  • Capture your own policies and procedures into BarnOwl’s regulatory library and apply to them to the individual divisions/subsidiaries



Compliance Risk Assessment

  • Categorise the identified acts in terms of core/primary, secondary or topical/pertinent for the organisation as whole and for the individual divisions/subsidiaries
  • Prioritise the identified acts by rating each in terms of Probability and Seriousness for the organisation as a whole and at the various levels of the organisation where applicable
  • BarnOwl automatically generates compliance risk management plans (CRMPS) and checklists for each requirement which has been identified for compliance
  • Rate (prioritise) the compliance risks (provisions) at the various levels of the organisation based on Impact and Likelihood in line with best practice risk management



Compliance Risk Management (Control optimisation)

  • Identify the control measure which will monitor compliance
  • Set the target date and responsible owner/s for implementing the control measures
  • BarnOwl sends out automated risk and control self-assessments to the relevant owners to rate control adequacy and effectiveness
  • Automation of checklists and surveys



Compliance Risk Monitoring

  • Monitors action plan activity by owner and due date
  • Enables a review process of risk & control self-assessments and compliance checklists
  • Enables tracking of tip-offs, issues, loss events, complaints, gifts, conflicts of interest related to the compliance function
  • Provides extensive compliance reporting: compliance risk and control ratings, non-compliance findings, issues, overdue action plans
BarnOwl’s built-in methodology supports best practice compliance frameworks such as the Generally Accepted Compliance Practice (GACP) framework.Simplifies embedding a best practice compliance management framework in your organisation.
Configurable compliance parameters.Enables you to configure BarnOwl according to your compliance methodology.
Setup your regulatory categories and define your rating lists and colours for monetary and image impact, seriousness and probability.
Maintain a centralised regulatory library of acts with provisions (obligations) and checklists, which can be published to the relevant business units / subsidiaries. Enables group compliance to manage and keep up to date all acts, regulations and provisions applicable to your organisation and publish the relevant provisions or obligations to the relevant business units.
Import compliance content supplied by 3rd party compliance content providers or alternatively capture your own compliance content.Keeps your compliance content up to date.
Rate the importance (seriousness) of each act at every level (subsidiary / business unit) of your organisation.Provides an overview of your regulatory universe highlighting the most serious areas.
Automatic generation of compliance risk management plans (CRMPs).Pre-populated compliance risk management plans (CRMPs) save you time and embed best practice risk-based compliance management.
Distribute pre-populated compliance checklists to unlimited (internal) respondents.Allows you to collect compliance scores and monitor & report on compliance across the organisation on an ongoing basis.
Create action plans accessible to unlimited (internal) respondents.Enables effective monitoring of all non-compliance issues and remedial actions across the organisation. Drive ownership and accountability for compliance across the organisation.
Extensive compliance reporting including dashboards, compliance scorecards, compliance trends and integration to the BarnOwl data warehouse for reporting using tools such as Excel, Power BI etc.Provides insight into areas of non-compliance at every level of the organisation.
Incident management is fully integrated with the compliance module.Track all non-compliance issues or events and mitigation plans on an ongoing basis.
Audit is fully integrated with the compliance module.Enables group compliance to conduct independent compliance audits (a deep dive), raise findings, mitigation plans and perform ongoing compliance monitoring.

View More →


  • What is Compliance?

    Understanding the environment (legal, contract, accepted practices, etc.) in which you operate is key to mitigating regulatory risks that could substantially impact the organisation. Compliance demands have extended across legislators and regulators, investors, customers, employees, and other stakeholders. Factoring regulatory compliance into the risk management strategy dramatically assists in reducing incidents of compliance failure and the resultant penalties, going a long way to solidifying director protection and increasing organisational durability.

    Principle 13 of the King IV code (copyright Institute of Directors Southern Africa) states that the governing body should govern compliance with applicable laws and adopted non-binding rules, codes, and standards in a way that supports the organisation being ethical and a good corporate citizen.

    Besides the most apparent reason to comply, namely, that it is the law and the risk of penalties, fines, imprisonment, and loss of operating license for failing to comply is high, complying with the requirements provides additional benefits to an organisation. Organisations that have practical compliance functions create a competitive advantage for themselves through:

    • Enhanced client satisfaction and confidence. There is a direct link between high levels of client satisfaction and certainty for businesses that are perceived to be compliant,

    • Management of reputational risk. A practical compliance function is vital in the monitoring and mitigation of reputational risk critical to the sustainability of any business,

    • Enhanced investor confidence. Organisations that have a practical compliance function demonstrate transparency and business integrity, thus enhancing investor and stakeholder confidence,

    • Enhanced access to capital and financial markets due to improved disclosure and investor confidence,

    • Higher market value for the organisation from increased investor confidence,

    • Better organisational performance resulting from ‘running a tight ship’ with good internal controls,

    • Enhanced social and environmental standing. An effective compliance function demonstrates ‘good corporate citizenship’ necessary for the survival and growth of any organisation,

    • The ability to operate in a global business environment. For an organisation to survive the accelerated dynamics of a worldwide market (‘village’), it requires a practical compliance function demonstrating good corporate governance.

    Compliance is a crucial business function for all organisations. Keeping up with the regulatory landscape requires time and resources, but it is vital to remain compliant. Compliance means that employees and operations adhere to regulations and standards in a business. This is an essential function for ensuring that the company runs smoothly.

  • What can Compliance software do?

    Compliance programs must be well-defined to ensure that they achieve their objectives. In addition, they should be aligned with the expectations of the organisation’s stakeholders. Whether the organisation is a non-profit or a large corporation, it is important to ensure the effectiveness of its compliance program. To this end, the Board of Directors should receive regular updates from the Chief Compliance Officer. The Board should also review the compliance program annually. The board should discuss the results and approve any changes that are necessary.

    A compliance program should clearly define the organisation’s "why." This "why" should be a set of values and ethical principles. The compliance function should help the organisation reach these principles by training employees and holding them accountable for their actions. Compliance complexity and the consequences of non-compliance are increasing all the time. Without a structured approach enabled by specialised compliance management software, compliance is a daunting task, bordering on impossible.

    The BarnOwl compliance module enables an organisation to document and manage its regulatory universe by identifying and monitoring compliance with the acts, regulations, and provisions at every level of the organisation. The BarnOwl compliance module supports and embeds best practices frameworks such as Generally Accepted Compliance Practice Framework (GACP). The BarnOwl compliance management software:

    • Dramatically reduces the administrative burden of compliance,

    • Enables an organisation to manage and keep up to date all acts, regulations, and provisions as they pertain to your organisation,

    • Embeds a culture of compliance in your organisation with the automation of compliance checklists, control self-assessments, and ‘living’ action plans,

    • Provides ongoing monitoring of your compliance environment with early warning notifications of non-compliance,

    • Automates follow-up and monitoring of treatment action plans,

    • Provides register/s for non-compliance issues, loss events, near misses, conflict of interest, gift register, etc.,

    • Generates regulatory and management reporting,

    • Limits director exposure through a formalised approach to risk and compliance management.

  • Pros and Cons


    Allows businesses to:

    • Integrated compliance requirements all in one place; up to date regulatory universe with latest acts and provisions (obligations) available in a centralised database

    • Streamline the compliance process, save time, achieve better compliance

    • Track and monitor compliance related provisions / obligations and remedial actions

    • Automate compliance-related tasks such as online compliance checklists and action plans

    • Minimise potential fines and / or penalties relating to non-compliance

    • Provide director / accounting officer protection by demonstrating a formalised system

    • Embed corporate governance culture by driving compliance ownership and accountability across the organisation

    • Improve overall efficiency by identifying areas of improvement in compliance-related processes

    • Provide insightful reporting to enable informed decision making regarding compliance-related matters


    Some of the barriers to using compliance software include:

    • The volume of compliance content can be overwhelming, however this is what is required to perform compliance effectively

    • Compliance functions are intrusive and can result in information overload for the business

    • Superficial tracking of compliance can be done in Excel.

    • Compliance is a huge administrative burden and requires dedicated time and effort

    • Compliance software together with 3rd party compliance content can be costly

    • Ongoing cost of keeping acts up to date can be onerous and costly

Recommended Reading


King IV – Now More Than Ever

BarnOwl Info Sharing Insight: Compliance – One Bite at a Time… with Cherryn-Paige Bissett

Tip of the Month: Taking the ‘Pain’ Out of Compliance


BarnOwl Compliance Management Datasheet

BarnOwl Intelligence Datasheet

BarnOwl Info Sharing Presentation: Compliance – One Bite at a Time… with Cherryn-Paige Bissett


Compliance Software Demonstration by BarnOwl

Risk Management Software | Audit Software | BarnOwl Software

BarnOwl Introduction

Subscribe to BarnOwl's Information Portal

Subscribe to BarnOwl’s information portal today and receive our monthly newsletter with the latest GRC and audit insights, industry updates, priority access to exclusive events, tip of the month and more straight to your inbox!


GRCReady is the official provider of risk management content for the BarnOwl GRC software solution. GRCReady provides extensive risk libraries and risk maturity checklists/surveys which are integrated with BarnOwl.

GRCReady, based in Australia, offers a comprehensive and holistic library of products and associated services including templates, policies, procedures, guidelines, checklists etc. to help owners and directors of SMEs, startups and corporates to satisfy their corporate governance, risk management and regulatory compliance needs.

By integrating GRCReady's rich content libraries into BarnOwl's GRC software, we are able to offer our clients a state of the art, turnkey GRC solution.

GRCReady provides, arguably, the most comprehensive risk and governance maturity assessment framework with detailed steps and artefacts. BarnOwl's survey and action plan portal provides a simple and effective way to monitor and report on your current state of risk maturity and suggest and drive remedial action plans to take you to your desired state of risk and governance and maturity.

By integrating GRCReady's risk libraries with the BarnOwl GRC software, means that you don't have to start from scratch. In addition, ongoing updates and insights keep you informed and up-to-date on best practices.


Season Rhyrhm is BarnOwl's preferred partner in Botswana assisting with BarnOwl implementations, support services and client relationship management.

Season Rhythm is an established and distinguished player in the ICT sector in Botswana, specialising in a range of cutting-edge solutions. Season Rhythm leverages BarnOwl to provide tailored GRC&A services to businesses in Botswana facilitating:

  • Governance: Enabling organisations to establish and uphold effective governance structures, ensuring transparency and accountability in decision making processes.
  • Risk Management: Equipping businesses with tools to identify, assess and mitigate risks, safeguarding against potential threats and ensuring continuity in a business environment.
  • Compliance: Ensuring adherence to regulatory frameworks and industry standards, protecting businesses from non-compliance penalties and fostering trust among stakeholders.
  • Audit: Streamling the audit process with comprehensive tools for planning, execution and reporting, driving efficiency and accuracy in internal audit and compliance assessments.


BarnOwl works closely with NSA in the field of GRC and assurance.

NSA is an education and risk & assurance advisory services provider, consisting of a team of professional consultants and facilitators who have been hand-picked on experience and expertise. NSA services include:

  • Strategic intervention: 30 expert consultants facilitating strategic planning, combined assurance, effective governance and risk management assignments.
  • Continuous professional development: CPD training for internal auditors, external auditors, accountants, risk managers, government officials, and psychologists.
  • Online learning: accredited training for the local government sector, including the Municipal Financial Management Program and Supply Chain Management.
  • Online skills development: skills in demand for 2030, including cybersecurity, Protection of Personal Information, Artificial Intelligence, Robotics and programming.

BarnOwl and NSA work closely with our clients to align and enable best practice GRC and assurance framework & methodologies within BarnOwl. NSA regularly presents online information sharing sessions together with BarOwl.


Nico Technologies is BarnOwl's preferred partner in Malawi assisting with BarnOwl implementations, support services and client relationship management.

Nico Technologies Limited is an established IT products and services provider in Malawi, specialising in managed IT services, IT infrastructure services, IT project management, digital solutions, digital transformation and IT advisory.

Nico Technologies uses BarnOwl extensively within their own organisation to automate and manage their own risk and compliance functions.


Morgan Solus is BarnOwl's preferred business continuity specialist consulting firm with its 'BCM toolkit' software. BarnOwl GRC together with the BCM toolkit, provides a comprehensive risk management and BCM software solution.

Morgan Solus is a specialist consultancy firm focusing on risk, resilience and continuity. Morgan Solus's core services are centred on resilience, crisis management, business continuity (BCM), IT services continuity and disaster recovery (DRP) and training.

The BCM toolkit ensures a consistent approach to implementing BCM and IT disaster recover and cuts down implementation timelines by 60% whilst driving up successful outcomes.

BarnOwl's extensive GRC and assurance functionally coupled with Morgan Solus's BCM toolkit provide the ultimate risk management and BCM software solution.


Arbutus Analytics is Barnowl's preferred data analytics software. BarnOwl GRC integrated with Arbutus Analytics, provides the ultimate in continuous risk monitoring.

Arbutus Analyzer is a powerful data access and analysis solution specifically developed for auditors, business analysts, and fraud investigators. Its robust performance and user-friendly features offer you the ability to access and analyse data quickly and simply.

BarnOwl GRC, integrated with the real-time metrics from Arbutus provides a strategic early warning system driving preventative and predictive capability facilitating effective business decision making business improvement. with local sub-sahara African distributor


Barnowl works closely with Pax Resilience in the field of GRC and sustainability.

Pax Resilience offers solutions in risk, resilience and cyber security. Pax Resilience strive to create peace of mind by assisting you to build the resilience in your organisation so essential to survive and thrive in the volatile, uncertain, complex and ambiguous world we live in.

Pax Resilience regularly presents online information sharing sessions together with Barnowl.


Paige Law is the official provider of compliance content for the Barnowl GRC software solution. Paige Law provides an extensive Library of South African acts including provisions [CRMPs] and checklists which are integrated with Barnowl.

Paige Law specialises in compliance, Commercial Law, Legal process consultancy, managed legal services and POPIA/ GDPR.


Registered Address

75 Malibongwe Drive
Linden Ext
South Africa

Postal Address

PO BOX 3009


+27 (0) 11 540 9100


More Information:
Product Support:

Let Us Contact You
Let Us Contact You
I grant BarnOwl permission to contact me for marketing purposes*
*You will receive BarnOwl monthly newsletters & invitations to online events. You can unsubscribe at any time.


If you need assistance with your BarnOwl software, there are three channels available to you:


You will be emailed a ticket number from our issue tracking system and your request will be managed in
this ticket until it is completed.


You can view all your existing tickets or create new ones.


+27 (0) 11 540 9112
to speak to a support consultant

Let Support Contact You
Let Support Contact You