BizPort Diagnostic Check-up

  • The BizPort Diagnostic Check-up focuses on 7 major areas of business compliance risk.

    You will often hear from business owners that they do not utilise all 7 of these areas, but in some way all businesses do, and the areas interact with each other, just as the different parts of the human body interact with each other.

  • Roadmap Stages

  • Please enter your company details.


    We respect your privacy. Your details will only be used for the intended purpose and will not be shared with third parties.

  • Stage 1: Complete this Diagnostic form

    • Human Resources 
    • H1: Hazards and Risks

    • H1.A Have your written policies & procedures been updated in the last 12 months?*
    • H2: Controls

    • H2.A Do you work within those policies & procedures?*
    • H3: Monitoring

    • H3.A Do you have a documented process to advertise, recruit & onboard new employees?*
    • H4: Protocols

    • H4.A Do you have a relevant and recorded training & education program and process?*
    • H5: Safety Systems

    • H5.A Does the business have effective lines of communication with the workers?*
    • H6: Communication

    • H6.A Do you have KPIs in place for each worker and are they reviewed regularly?*
    • H7: Inspections

    • H7.A Are there any documented disciplinary guidelines for workers?*
    • H8: Problem Resolution

    • H8.A Do you have an offboarding/dismissal process?*
    • H9: Records

    • H9.A Is there a process to record all contractors' details?*
    • H10: Subcontractors

    • H10.A Do you have full records of a worker's medical needs/requirements, all of the leave allowances they are entitled to, their award entitlements, and emergency contacts?*
    • Workplace Health & Safety 
    • S1: Hazards and Risks

    • S1.A Are the hazards and risks in the workplace regularly assessed and prioritized?*
    • S2: Controls

    • S2.A Are measures in place to control and mitigate hazards and risks?*
    • S3: Monitoring

    • S3.A Are the hazard and risk controls monitored and reviewed?*
    • S4: Protocols

    • S4.A Are there protocols in place to respond to and recover from emergencies?*
    • S5: Safety Systems

    • S5.A Are safety systems regularly reviewed and are they complying?*
    • S6: Communication

    • S6.A Does management communicate with the workers about safety, and are they encouraged to report safety issues?*
    • S7: Inspections

    • S7.A Are regular safety inspections carried out?*
    • S8: Problem Resolution

    • S8.A Are problems in safety identified and reported?*
    • S9: Records

    • S9.A Are there records maintained to demonstrate the safety program? Are workers' records individually kept, showing they have been properly trained and provided with SWMS/SOPs?*
    • S10: Subcontractors

    • S10.A Are subcontractors and vendors compliant with the required standards?*
    • Quality Assurance 
    • Q1: Governance and Leadership

    • Q1.B Do your directors and officers act with a duty of care and loyalty to the company?*
    • Q1.A Does your company have a clear governance structure in place, with defined roles and responsibilities for decision-making?*
    • Q1.C Does your leadership team demonstrate ethical business practices and uphold the principles of corporate social responsibility?*
    • Q2: Regulatory Compliance

    • Q2.A Are you familiar with the specific laws and regulations that apply to your industry and location?*
    • Q2.B Do you have processes in place to monitor and adapt to relevant regulatory changes?*
    • Q3: Employment Practices

    • Q3.A Are your hiring practices in line with equal opportunity legislation, and do they minimize the risk of discriminatory hiring?*
    • Q3.B Is your compensation and benefits structure consistent with the Fair Labor Standards Act, including minimum wage and overtime pay?*
    • Q3.C Are you providing a safe working environment, and do you have a protocol for handling occupational safety and health issues?*
    • Q4: Data Privacy and Security

    • Q4.A Do you have policies and procedures in place to protect confidential and sensitive data?*
    • Q4.B Have you appointed a data protection officer to oversee the processing of personal data in accordance with GDPR (General Data Protection Regulation)?*
    • Q4.C Can you promptly respond to data breaches and are you aware of your legal obligations in the event of a breach?*
    • Q5: Financial Management

    • Q5.A Are your financial records accurate, up-to-date, and maintained in accordance with generally accepted accounting principles (GAAP)?*
    • Q5.B Do you understand anti-money laundering regulations, and have you implemented measures to prevent money laundering activities?*
    • Q5.C Does your business have clear understanding, control, and visibility over tax compliance?*
    • Q6: Business Operations

    • Q6.A Are your contracts and other legal documents compliant with relevant laws and regulations?*
    • Q6.B Do you maintain the health and safety standards necessary in your industry and location and keep records of those efforts?*
    • Q6.C Have you identified and mitigated the risks associated with your supply chain?*
    • Q7: Intellectual Property

    • Q7.A Have you adequately protected your intellectual property, including trademarks, copyrights, and patents?*
    • Q7.B Do you avoid infringing the rights of others and have you checked that your products and services are not infringing any third-party patents or copyrights?*
    • Q7.C Are your employees and contractors aware of the importance of intellectual property compliance?*
    • Q8: Environmental Compliance

    • Q8.A Do you understand and meet the environmental protection laws that apply to your business and industry?*
    • Q8.B Have you considered the environmental impact of your operations on local communities, wildlife, and the planet?*
    • Q8.C Are you prepared for natural and man-made disasters, and do you have a business continuity plan in place?*
    • Q9: Digital Marketing

    • Q9.A Are your marketing and advertising practices in compliance with consumer protection laws and regulations?*
    • Q9.B Do you follow the requirements of the CAN-SPAM Act for email marketing, and do you have an opt-out mechanism for recipients?*
    • Q9.C Have you reviewed the legal and regulatory requirements, including age-restriction rules, for the social media platforms you utilize?*
    • Q10: Workplace Culture and Ethics

    • Q10.A Is your workplace culture conducive to open and honest communication about compliance issues?*
    • Q10.B Do you promote a speaking-up culture where employees feel empowered to report violations without fear of retaliation?*
    • Q10.C Are there clear consequences for compliance breaches, and are they consistently enforced?*
    • Q11: Public Relations and Crisis Management 

    • Q11.A Do you have a public relations and crisis management strategy in place to address potential compliance-related issues that may arise?*
    • Q11.B Is your PR and crisis management team well-prepared to respond to compliance-related incidents quickly and effectively?*
    • Q11.C Have you conducted scenario testing to prepare for various compliance crises?*
    • Q12: E-commerce Compliance 

    • Q12.A Do you follow the proper steps to ensure that your website and online business are compliant with regulations such as the ADA (Americans with Disabilities Act) and the PCI DSS (Payment Card Industry Data Security Standard)?*
    • Q12.B Are you providing the legally required information and clear return and refund policies to your online customers?*
    • Q12.C Are your online marketing practices compliant with relevant laws and industry standards?*
    • Q13: Intellectual Property and Copyright Laws

    • Q13.A Are you aware of and compliant with the intricate details of copyright laws, and do you have a system to monitor and prevent copyright infringement?*
    • Q13.B Do you have a system in place to act on the Digital Millennium Copyright Act (DMCA) notices swiftly and legally?*
    • Q14: Finance and Taxation Compliance

    • Q14.A Have you got systems to register and file your taxes according to the legal deadlines and procedures?*
    • Q14.B Do you have a strategy to mitigate the risk of tax fraud including cybersecurity measures to protect financial data?*
    • Q14.C How has each department communicated the importance of adhering to tax laws and regulations?*
    • Q15: Operational Compliance and Process Management 

    • Q15.A Have you prepared the necessary documentation and systems for audit compliance in all business operations?*
    • Q15.B In your business operations, do you have a process to vet and update vendors to ensure continued compliance?*
    • Q15.C Have any new technological or operational changes in your business prompted a review of compliance within that area?*
    • Q16: Risk Management and Insurance Compliance

    • Q16.A Are you consistent in managing and reviewing your business risk, and have you enlisted an experienced professional to aid in this?*
    • Q16.B Have you updated your business insurance policies to mitigate new risks identified through changes or expansions to your business?*
    • Q16.C What processes have you implemented to ensure insurance compliance and that all areas of the business are covered by policy?*
    • Q17: Employee Management and HR Policies 

    • Q17.A Have you conducted a wage and hour audit to ensure employees are being compensated and work under appropriate conditions as per law?*
    • Q17.B Are your data protection and privacy policies transparent and compliant with legal requirements and best practices?*
    • Q17.C What training or resources do you provide to assist your HR department in compliance knowledge and application?*
    • Q18: Supply Chain and Manufacturing

    • Q18.A Do you have a process to ensure that all suppliers and manufacturers meet the standards outlined in your compliance framework?*
    • Q18.B Have you reviewed your supply chain in the context of the corporate responsibility requirements and taken appropriate actions?*
    • Q18.C How are you ensuring that new regulations and standards are comprehensively communicated and implemented across your supply chain?*
    • Q19: Marketing Practices and Compliance 

    • Q19.A Are you monitoring changes to marketing regulations and laws that could impact your industry and specific channels?*
    • Q19.B How do you ensure that all marketing activities, including those conducted by third parties, comply with FTC (Federal Trade Commission) guidelines?*
    • Q19.C In what ways are you actively preventing deceptive marketing practices or misrepresentation of your business or its products/services?*
    • Q20: Contractual and Legal Obligations

    • Q20.A Do you have a process to regularly update and communicate changes to contracts and legal agreements to all relevant parties?*
    • Q20.B How do you ensure that contract-related obligations are met, and is there a system for recording and reporting on this?*
    • Q20.C Are employees who deal with contracts trained in the legal and compliance parameters to recognize and amend non-compliant terms?*
    • Q21: Health and Safety Compliance

    • Q21.A Can you demonstrate compliance with all OSHA (Occupational Safety and Health Administration) safety requirements applicable to your business?*
    • Q21.B What strategies and measures have you implemented to continually improve health and safety standards in your workplace?*
    • Q21.C Do you have a system for traceability and recall of products in the market to ensure that they are compliant with health and safety laws?*
    • Q22: Intellectual Property Rights and Protection

    • Q22.A What is your strategy to continuously monitor and protect your intellectual property rights and address infringement?*
    • Q22.B Are you educating employees about patent, trademark, and copyright and the importance of complying with IP laws?*
    • Q22.C How do you handle global patent and trademark filing requirements, which may differ widely across jurisdictions?*
    • Q23: Cybersecurity and Data Protection

    • Q23.A What measures have you implemented to secure your digital assets and protect them from cyber threats and data breaches?*
    • Q23.B How often are these measures tested and reviewed by an independent entity or internal audit?*
    • Q23.C Do you have a data breach response plan in place?*
    • Q24: Environmental and Sustainability Compliance

    • Q24.A How do you stay informed on changes in environmental regulations and ensure compliance with them?*
    • Q24.B Are your corporate sustainability and environmental policies aligned with industry best practices and regulations?*
    • Q24.C Do you conduct regular environmental impact assessments of your operations and take corrective action where necessary?*
    • Q25: Standard of QA Required

    • Q25.A Do you need QA for everyday client satisfaction?*
    • Q25.B Do you submit tenders or work on contracts that require you to present a standard of QA?*
    • Q25.C Do you want to be able to tender/undertake contracts that require ISO Certification or ISO Ready Standards?*
    • Q25.D Do you realise there is a significant increase in effort & time cost to become ISO Certified as against ISO Ready standard, both initially & ongoing?*
    • Q25.E Have you undertaken an ISO standards program before & do you know how time consuming it is?*
    • Q25.F Would you consider either doing it yourself or having an external party do the vast majority of it for you?*
    • Cyber Security 
    • C1.A Is the business's software up to date, across all devices?*
    • C1.B Is there a continuing procedure within the company that ensures strong, unique passwords for each login?*
    • C1.C Is there a regular backup of all data, and is it stored safely?*
    • C1.D Has the company disabled Wi-Fi Sense and automatic connections to public networks on all internal devices and requested such for workers using laptops at home when entering the company's network?*
    • C1.E Is there a procedure in place for all workers to pre-verify the links and attachments they interact with, especially those from unknown sources?*
    • C2: Digital Footprint: What Are You Allowing Out There?

    • C2.A Does the company check which apps used by workers have access to the company's information, and is there a procedure to limit unnecessary access?*
    • C2.B Does the company issue to workers a policy & procedure as to social media privacy settings to control who sees content and information?*
    • C2.C Is there a policy & procedure issued to workers on what to post or confirm online, knowing it could be used for identity theft?*
    • C3: Email Security

    • C3.A Does the company use encrypted email services for financial and sensitive communications?*
    • C3.B Are all workers trained in the common signs of phishing attempts, such as unexpected requests for company or personal information for managers/owners or other personnel, or suspicious links?*
    • C3.C Is the company using email filtering to reduce the number of phishing attempts that reach their inboxes?*
    • C3.D Has the company set up email scanning services that check for malware and suspicious content?*
    • C4: Training and Awareness

    • C4.A Does the company invest in regular cybersecurity training and awareness programs for the team?*
    • C4.B Have all workers been clearly advised that unsanctioned software installations can pose serious threats to our organisation?*
    • C4.C Are all employees familiar with the GDPR and our organisation’s compliance requirements?*
    • C4.D Is there an incident response plan in place in case of a data breach or cyber-attack?*
    • C5: IT and Mobile Devices

    • C5.A Does the company check and enforce that all workers use strong, unique passwords for IoT devices and change default passwords?*
    • C5.B Are all mobile devices equipped with the latest security upgrades and have anti-malware software installed?*
    • C6: Secure Remote Access

    • C6.A Have I instructed my team to avoid using public Wi-Fi networks for company tasks, if possible?*
    • C6.B Is there a procedure of enforced strong, rotating passwords for accounts that allow remote access to critical systems?*
    • C6.C Is there a BYOD (Bring Your Own Device) policy that emphasizes the importance of securing personal devices used for work?*
    • C7: Policies and Procedures

    • C7.A Are there robust cybersecurity policies in place, and are they regularly reviewed and updated?*
    • C7.B Has the company communicated these policies effectively with the team, and do they understand why they’re important?*
    • C7.C Has the company set up a system that enforces certain cybersecurity behaviours and practices within the organisation?*
    • C8: Incident Response

    • C8.A Does everyone have a clear understanding of the most common cybersecurity threats and how to mitigate them?*
    • C8.B Does the company make everyone aware of the latest cybersecurity developments and malware trends?*
    • C8.C Is there a dedicated response team or individual in charge of dealing with cyber incidents?*
    • C8.D Are there established, clear communication channels with internal staff and external stakeholders during a cyber incident?*
    • C9: Legal Compliance

    • C9.A Are the company owners/managers up-to-speed with all the legal requirements and regulations pertaining to cybersecurity?*
    • C9.B Is there a policy on understanding the legal implications of a data breach, and has it been issued to all?*
    • C9.C Has the company in the last 12 months performed a cybersecurity risk analysis to ensure the measures are aligned with legal expectations?*
    • C9.D Do our privacy policies and terms of service clearly communicate how we handle customer data and their rights?*
    • C9.E Have there been any known cyber-attacks in the past 12 months?*
    • Environmental 
    • E1: Environmental Policy

    • E1.A Does this reflect how the organisation feels about the environment?*
    • E1.B Does this identify environmental impacts of processes and products?*
    • E1.C Does this ensure compliance with environmental requirements?*
    • E1.D Does this commit the organisation to prevent pollution, reduce environmental risks, and share information with external stakeholders?*
    • E2: Environmental Requirements and Voluntary Initiatives

    • E2.A Do employees understand their roles in meeting environmental requirements?*
    • E2.B Does this identify management and manufacturing practices that affect the organisation's ability to meet requirements?*
    • E2.C Does this identify and work with programs that encourage preventing pollution?*
    • E3: Objectives/Targets

    • E3.A Has the organisation set these environmental objectives: compliance with requirements, continuous improvement, and pollution prevention?*
    • E3.B Are the objectives specific to the organisation?*
    • E3.C Have timeframes been set to meet the objectives?*
    • E3.D Are objectives updated as environmental requirements evolve?*
    • E4: Structure, Responsibility and Resources

    • E4.A Does the organisation have the personnel and resources needed to meet objectives?*
    • E4.B Are managers held responsible for the environmental performance of their unit?*
    • E4.C Have procedures been developed for attaining objectives?*
    • E5: Operational Control

    • E5.A Has a procedure been established to ensure the proper waste management hierarchy is followed?*
    • E5.B Have simple procedures been developed to measure and report environmental impacts of processes and products?*
    • E6: Corrective and Preventive Action and Emergency Procedures

    • E6.A Are procedures documented for identifying, correcting and preventing mistakes?*
    • E6.B Have emergency procedures been developed to minimise or eliminate adverse environmental impacts associated with accidents or emergencies?*
    • E6.C Are causes of potential hazards being corrected to prevent pollution?*
    • E7: Training, Awareness and Competence

    • E7.A Are staff whose roles affect meeting objectives being trained and verified as capable of carrying out their required duties?*
    • E7.B Do mandatory trainings include detailed pollution prevention methods?*
    • E8: Organisational Decision-making and Planning

    • E8.A Is life-cycle analysis being used to identify the environmental impact of products?*
    • E8.B Are all employees empowered to make pollution prevention improvements that don't require significant resources?*
    • E9: Document Control

    • E9.A Are steps being documented for future evaluation of meeting objectives?*
    • E9.B Is electronic documentation being used to improve record management?*
    • E9.C Are all pollution prevention suggestions being documented?*
    • E10: Continuous Evaluation and Improvement

    • E10.A Do you conduct and document periodic objective-based audits of the organisation's performance?*
    • E10.B Are audits used to assess pollution prevention efforts?*
    • Psychosocial 
    • P1: Relevant Trends

    • P1.A Are there any indications when looking at employee sick leave, with or without certificates, which show relevant trends?*
    • P2: Sick Leave

    • P2.A Are there any branches, departments, roles or positions that are showing higher levels of sick leave compared with others?*
    • P3: Absenteeism Rate

    • P3.A Is your absenteeism rate above an average of 3.3% per month?*
    • P4: Staff Turnover

    • P4.A Is there a higher than average turnover of staff? (The average employee turnover for the 12 months to the end of April 2024 was reported at above 9.5%)*
    • P5: Records

    • P5.A Are there work schedule records that reflect overtime usage, overwork, excessive leave accumulation or other relevant leave information?*
    • P6: Employee Assistance Program

    • P6.A Do you have an Employee Assistance Program for when they may need assistance for mental health issues?*
    • P7: Compensation

    • P7.A Are there cases of workers’ compensation for psychological injuries (e.g. post-traumatic stress disorder, anxiety and/or depression) in the last year?*
    • P8: Return to Work Period

    • P8.A Is your average period for return to work for psychological injury longer than 3 months?*
    • P9: Worker Culture

    • P9.A Is the worker culture one that makes it difficult to ask other team members for help?*
    • P10: Communication

    • P10.A Does the company communicate regularly with workers regarding psychological health, and that it is OK to discuss their issues with a nominated person in strict confidence?*
    • P11: Management

    • P11.A Is the company management equipped well enough to understand, monitor & help with worker psychological issues?*
    • P12: External Program and Support

    • P12.A Would an external program and support be more accepted within the management & workers of the company?*
    • Return to Work 
    • R1: Program Requirements

    • R1.A Is the program developed in consultation with workers and their industrial union? Does it align with the insurer's injury management program? Is it accessible and communicated to all workers? Is it reviewed at least every two years?*
    • R2: Program Guidelines

    • R2.A Does the program comply with the relevant State Insurance Regulatory Authority (SIRA) Guidelines for workplace return to work programs?*
    • R3: Worker Rights and Obligations

    • R3.A Does the program detail how workers' rights and obligations will be communicated to them?*
    • R4: Worker Notification

    • R4.A Does the program require workers to notify their employer as soon as possible after a work-related injury?*
    • R5: Injury Management Plan

    • R5.A Does the program require workers to participate and cooperate in establishing an injury management plan?*
    • R6: Treating Doctor

    • R6.A Does the program allow workers to authorize their nominated treating doctor to provide relevant information to their insurer or employer?*
    • R7: Recovery at Work

    • R7.A Does the program require workers to make all reasonable efforts to recover at work?*
    • R8: Workplace Culture

    • R8.A Does the workplace culture support workers recovering through work?*
    • R9: Resolution Plan

    • R9.A Does the program have a process for resolving disagreements about the plan?*
    • R10: RTW Co-Ordinator

    • R10.A Does the business have a qualified RTW Co-Ordinator?*
    • R11: RTW Program

    • R11.A If so, are they allowed by the Employer to be independent in conducting the RTW Program?*
    • This information will now proceed to Stage 2 for a specialised analyst review, after which a senior practitioner will develop a recommendation report to mitigate the risk.
