How to Get Help for Authority Standards Network

Compliance obligations rarely announce themselves clearly. An organization may operate for years under the assumption that its practices meet applicable standards, only to discover during an audit, a contract negotiation, or a regulatory review that significant gaps exist. Knowing where to turn — and what kind of help to seek — is not always obvious. This page explains how to identify when professional guidance is warranted, what kinds of expertise apply to compliance and standards questions, and how to evaluate the credibility of the sources you consult.

Recognizing When You Need More Than Information

There is a meaningful difference between gathering information about compliance requirements and actually determining whether your organization meets them. Reference material — including what is published here — can explain what a standard requires, how a framework is structured, or what a regulation covers. It cannot assess your specific situation, apply judgment to ambiguous facts, or tell you whether a particular practice is defensible in front of a regulator.

Several situations signal that it is time to move beyond general research:

When your organization has received a notice of violation, citation, or inquiry from a regulatory agency, the response requires legal and compliance expertise, not general reading. The same applies when you are preparing for a formal audit, entering a regulated industry for the first time, or assuming responsibility for a compliance function you did not set up yourself.

If your organization has experienced a data breach, a workplace safety incident, a billing irregularity, or a reportable event under applicable law, the window for appropriate response is often short and consequential. Consulting a qualified professional early reduces risk and preserves options.

For organizations working through a compliance gap analysis or building out the elements of a compliance program from the ground up, external expertise helps ensure that internal assessments are accurate and that remediation priorities reflect actual regulatory exposure, not assumptions.

Types of Qualified Professionals in This Space

Compliance is an interdisciplinary field. Depending on the nature of your question, you may need one or more of the following:

Attorneys with regulatory practice experience. Legal counsel is essential when compliance questions carry legal liability, when regulatory agencies are involved, or when the interpretation of a statute or rule is genuinely contested. Attorneys who specialize in administrative law, healthcare law, environmental law, or financial regulation bring knowledge of enforcement patterns and agency practice that general counsel often does not.

Certified compliance professionals. The Society of Corporate Compliance and Ethics (SCCE) administers the Certified Compliance and Ethics Professional (CCEP) credential. The Health Care Compliance Association (HCCA) offers the Certified in Healthcare Compliance (CHC) credential. These designations indicate formal training in compliance program development, risk management, and regulatory interpretation. When hiring consultants or evaluating internal staff, these credentials are meaningful indicators of baseline competence.

Auditors and assurance professionals. For organizations subject to financial reporting obligations, the American Institute of Certified Public Accountants (AICPA) establishes auditing standards that govern how financial compliance is assessed. Internal audit functions are often guided by standards from the Institute of Internal Auditors (IIA), which publishes the International Standards for the Professional Practice of Internal Auditing. These standards matter when evaluating whether your compliance audit standards align with recognized frameworks.

Industry-specific specialists. Compliance in healthcare, financial services, environmental management, and workplace safety involves sector-specific regulatory knowledge that general compliance professionals may not possess. Healthcare compliance standards, for example, require familiarity with the Office of Inspector General (OIG) guidance documents, the False Claims Act, and CMS conditions of participation — a body of knowledge distinct from what governs financial compliance standards or data privacy compliance standards.

Common Barriers to Getting Effective Help

Organizations often delay seeking qualified guidance for reasons that are understandable but costly in retrospect.

Cost concerns lead some organizations to rely on internal resources that lack the expertise the situation requires, or to defer action until a problem becomes significantly more expensive to address. In regulated industries, the cost of a compliance failure — including penalties, remediation, and reputational damage — typically exceeds the cost of prevention by a substantial margin. The compliance penalties and consequences associated with OSHA violations, HIPAA breaches, or SEC enforcement actions are matters of public record and provide useful context for weighing the cost of professional guidance against the cost of noncompliance.

Uncertainty about who to call is common in smaller organizations that have not previously engaged compliance professionals. Starting with a professional association — the SCCE, HCCA, or a relevant industry group — can help identify practitioners with specific credentials or sector experience.

Overconfidence in informal interpretation is a frequent problem. Compliance standards are often more technical and context-dependent than they appear. The regulatory compliance vs. voluntary standards distinction, for example, has real consequences for enforcement exposure that are not always obvious from reading a standard's text alone.

What to Ask When Evaluating a Compliance Resource or Advisor

Not all consultants, attorneys, or published resources carry equal weight. When evaluating a source of compliance guidance, consider the following questions:

What credentials does the individual hold, and are those credentials current? The CCEP, CHC, and similar designations require continuing education and periodic recertification. A lapsed credential is not the same as an active one.

Does the advisor have direct experience with the specific regulatory body or framework relevant to your situation? General compliance knowledge does not substitute for familiarity with how a particular agency enforces its rules, how it interprets ambiguous provisions, or what it looks for in an investigation.

Is the guidance based on the current version of applicable rules? Regulations change. Compliance training standards that were accurate two years ago may not reflect recent agency guidance or rule amendments. Any advisor worth consulting should be able to cite the specific regulatory text, guidance document, or standard version their advice is based on.

Does the resource distinguish between what the law requires and what represents best practice? This distinction matters. Some compliance frameworks — particularly voluntary standards like ISO 37301 (Compliance Management Systems) or elements of the U.S. Sentencing Guidelines' criteria for effective compliance programs — describe practices that are not legally mandated but that regulators use as benchmarks when evaluating organizational culpability.

How This Site Fits Into Your Research

The Authority Standards Network publishes reference material intended to help compliance professionals, organizational leaders, and individuals understand the structure and substance of compliance obligations across regulated industries. The compliance standards overview provides a foundation for understanding how standards are categorized and applied. Pages covering compliance roles and responsibilities, compliance risk assessment standards, and ethics and compliance standards address specific dimensions of program design and governance.

This site does not provide legal advice and does not establish a professional relationship of any kind with readers. The material here is a starting point — a way to understand the landscape well enough to ask better questions, identify the right professionals, and evaluate the guidance you receive.

If you are a compliance professional, provider, or consultant seeking information about contributing to or working with this network, the for providers page explains that process separately.

For direct assistance navigating the resources available on this site, the get help page provides additional guidance on how to use this network effectively.

Key External References

**Society of Corporate Compliance and Ethics (SCCE):** Administers the CCEP credential and publishes guidance on compliance program design. [corporatecompliance.org](https://www.corporatecompliance.org)
**Health Care Compliance Association (HCCA):** Administers the CHC credential and publishes sector-specific healthcare compliance resources. [hcca-info.org](https://www.hcca-info.org)
**Institute of Internal Auditors (IIA):** Establishes the International Standards for the Professional Practice of Internal Auditing, widely used as a benchmark for internal compliance audit functions. [theiia.org](https://www.theiia.org)

📜 1 regulatory citation referenced · 🔍 Monitored by ANA Regulatory Watch · View update log