The regulatory landscape is constantly changing and organizations need systems in place to ensure they keep up. But complying with laws and regulations can be so much more than just ticking a box: it can be the result of a deeply entrenched culture of integrity and good ethics. All of which is a recipe for business success. A compliance management system is a way of getting there and a new standard has just been published to help.
ISO 37301, Compliance management systems – Requirements with guidance for use, provides everything an organization needs to know to develop, implement, maintain and improve an effective compliance management system. It replaces ISO 19600:2014, Compliance management systems — Guidelines.
Howard Shaw, Chair of the ISO technical committee that developed the standard, said compliance is not just about avoiding fines and should not be limited to one department. It is everyone’s affair.
“Organizations want to work and collaborate with companies they can trust,” he said.
“And trust is built on a company culture of doing the right thing, where every employee contributes because they understand and believe in the importance of it. Central to this is good leadership and clear values, which have to come from the top.”
In this way, ISO 37301 recommends the involvement of senior management and advocates compliance as a principle of good governance. It also recommends integrating compliance management right across the organization, to be embedded in its financial, risk, quality, environmental and health and safety management processes as well as its operational requirements and procedures.
The benefits of implementing ISO 37301 are expected to include not only a reduced risk of fines due to non-compliance, but enhanced reputation and credibility, providing greater confidence to clients and other stakeholders and increased business opportunities.
The standard can also be integrated into an organization’s other management systems, such as ISO 37001 for anti-bribery or ISO 9001 for quality, thus increasing efficiencies, effectiveness and productivity.
ISO 37301 was developed by ISO technical committee ISO/TC 309, Governance of organizations, whose secretariat is held by BSI, ISO’s member for the UK. It can be purchased from your national ISO member or from the ISO Store.