ISO 37301:2021 — Building and Maintaining a Culture of Compliance

Article written by Albana Iseni

Share on facebook
Share on twitter
Share on linkedin

In a world of global business activity, following requirements and complying with applicable laws is becoming an increasingly complex endeavour. The demand on business enterprises to behave in step with the law is increasing. In this light, stakeholders are more aware of the regulations and their requirements, and expect organizations to ensure compliance along the entire value chain. 

The increased regulatory density and the crisis to maintain a good reputation in the marketplace have alerted organizations to compliance issues. In the past, many companies have focused their compliance management system (CMS) solely on individual goals and risk avoidance strategies. However, with the publication of ISO 19600:2014, organizations have been able to follow and maintain a uniform standard for the first time. 

ISO 37301:2021 – A certifiable standard

In April 2021, ISO 37301 got published and replaced its predecessor ISO 19600:2014 which has been long considered as a recommendation for implementing a CMS. On the other side, ISO 37301 is a Type A management system standard that sets out the requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining, and continually improving a compliance management system (CMS), and is therefore certifiable. 

Besides the opportunity to get certified against it, the holistic approach of ISO 37301:2021 across all sectors regardless of the organization’s size, nature, and complexity, is one of the main advantages of this standard. Furthermore, apart from providing the necessary information regarding the implementation of a CMS, the new standard specifies the requirements for the certification of a CMS, which goes beyond the guidelines provided in ISO 19600:2014.  

Individuals certified against ISO 37301:2021 will be able to help organizations in establishing a compliance management system, satisfy international legal norms, and maintain a good organizational reputation in the market, amongst others. 

Who is responsible for compliance?

A crucial element for the proper functioning and success of a compliance management system is how practice-oriented, efficiently, and sustainably is the system built and designed. Therefore, compliance should be implemented, understood, and truly exemplified at all levels of the organization. In this way, employees will be able to properly understand the objectives and align their daily actions to them.

As stated in the ISO 37301 standard, corporate management plays a special role when it comes to organizational compliance. In this regard, the management determines whether the organization is set up as required and in accordance with the laws and regulations applicable. In addition, it is the responsibility of the management to define the organizational objectives, goals, and make sure that the personnel have the necessary resources to develop and implement the compliance management system. 

To make sure that the employees are aware of the procedures that should be followed within the organization, the management is responsible for establishing internal rules such as guidelines for action, process definitions, or codes of conduct. In this regard, an ISO 37301:2021 certification would be an important asset for everyone involved in the organization, it would help them understand processes and be prepared to take any action to ensure compliance. 

Therefore, all the necessary procedures that should be followed, from establishing to maintaining a compliance management system, are integrated and provided into the ISO 37301:2021 standard. Following the requirements of the standard, together with external laws and regulations, the organization will be less exposed to potential violations. 

What are the benefits of the ISO 37301:2021 certification?

The ISO 37301 certification is a confirmation that the organization works transparently, reliably, and in compliance with relevant laws and regulations. In addition, for organizations aiming international markets, this would be a competitive advantage. 

Amongst other benefits, individuals certified against ISO 37301:2021 would be able to help their organizations in: 

  • Developing a culture of compliance
  • Addressing and overcoming compliance issues
  • Protecting the organization’s reputation
  • Preventing and detecting unethical conduct
  • Improving the organization’s sustainability
  • Building customer trust and loyalty

How can Crest Advisory Africa help you?

Crest Advisory Africa, through PECB, offers training courses and certification services which represent recognition of an individual’s professional capabilities in their respective fields.

By attending one of our ISO 37301:2021 Compliance Management System training courses, you have the opportunity to advance your knowledge and skills in order to help organizations meet their compliance obligations. 

For more information, please contact us at info@crestadvisoryafrica.com.  

About the Author

Albana Iseni is a Product Marketing Manager for GRC and Privacy at PECB. She is in charge of conducting market research while developing and providing information related to ISO standards.

Leave a Reply

Your email address will not be published. Required fields are marked *

Testimonals
Crest Advisory Africa Logo
PECB Platinum Partner
The Institute of Risk Management South Africa
Services SETA