< Back

ISO 37301 COMPLIANCE MANAGEMENT SYSTEM (CMS)

What is ISO 37301?
ISO 37301 is a Type A management system standard which sets out the requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining, and continually improving a compliance management system (CMS). A CMS provides organizations a structured approach to meet all compliance obligations, i.e., requirements that they mandatorily have to comply with such as laws, regulations, court rulings, permits, licenses, as well as those that they voluntarily choose to comply with such as internal policies and procedures, codes of conduct, standards, and agreements with communities or NGOs.

ISO 37301 can be applied to all organizations, regardless of their size, nature, or complexity of activity. CMS is based upon the principles of integrity, good governance, proportionality, transparency, accountability, and sustainability.

As with the most of management system standards, ISO 37301 also follows the high-level structure (HLS) developed by ISO. The HLS structure defines the common terminology and definitions used, as well as the clause sequence (1 to 10), where the requirements for the CMS are set out in clauses 4 to 10. The HLS enables organizations to integrate various management systems, meaning that organizations can either adopt a CMS as a stand-alone management system or they can integrate it with other existing management systems.

Didn’t ISO already publish a standard on compliance management systems?
Yes, in 2014, ISO 19600 Compliance management systems — Guidelines was published. The main difference between these two standards is that organizations can get certified against ISO 37301 by undergoing a conformity assessment via an independent third party. Nevertheless, ISO 37301 builds and expands upon its predecessor (ISO 19600), and organizations that established a CMS based on the guidelines of ISO 19600 already have a head start in complying with the requirements of ISO 37301.

Why is ISO 37301 important for organizations?
For organizations seeking growth and long-term success, consistently adhering to compliance obligations is a must, not an option. A CMS based on the requirements and guidance of ISO 37301 equips organizations with a set of tools (policies, processes, and controls) that allows them to establish and maintain a culture of compliance.

Organizations with a CMS based on ISO 37301 commit to sound norms of corporate governance, good practices, and ethical conduct. However, the CMS cannot completely eliminate the risk of noncompliance. In this regard, ISO 37301’s requirements and guidance improve the organization’s ability to identify and respond to noncompliance. In some jurisdictions, the existence of a CMS can be an indicator of the organization’s due diligence and commitment to compliance which may be useful in limiting legal liability and lowering penalties for contraventions of relevant laws.

ISO 37301 includes requirements that address competence, communication, and awareness. By complying with these requirements, organizations ensure that the vision of the top management is translated and embedded into the conduct of managers and employees. ISO 37301 also requires and encourages the establishment of concise and effective policies, procedures, and controls which set organizations on a path toward a compliance culture and high ethical and integrity standards.

ISO 37301 outlines the quest toward compliance, which begins with setting the tone at the top of the organization. The commitment toward a good compliance culture is articulated by the organization’s governing body and top management through a compliance policy and the setting of compliance objectives at various levels. In addition, the governing body and top management are also required to show leadership and commitment by providing the necessary resources, establishing a compliance function, defining the roles and responsibilities and so on. Above all, the governing body and top management should actively and visibly demonstrate their commitment to the CMS through their actions and decisions.

Why should you pursue a certification in ISO 37301?
Internationally recognized, ISO certifications represent peer recognition of an individual’s professional capabilities to contribute in an organization’s CMS, as an auditor, implementer, or CMS implementation team member. By attending one of our ISO 37301 training courses, you have the opportunity to develop your competence in order to help organizations meet their compliance obligations.

ISO 37301 Introduction training course is appropriate for professionals who want to have a brief and general understanding of ISO 37301 requirements for a CMS
ISO 37301 Transition training course is appropriate for professionals who are already acquainted with ISO 19600 and want to update their knowledge.
ISO 37301 Foundation training course is appropriate for entry-level professionals and members of a compliance team. This two-day training course familiarizes you with ISO 37301 requirements and guidance for a compliance management system.
ISO 37301 Lead Implementer is a five-day training course that allows you to acquire the necessary knowledge and skills to implement a CMS in an organization, based on the requirements and guidance of ISO 37301.

ISO 37301 Lead Auditor is also a five-day training course which aims to improve your professional capabilities to audit a CMS based on ISO 37301, in compliance with the guidelines for auditing management systems provided in ISO 19011 and the certification process described in ISO/IEC 17021-1.
Benefits of implementing ISO 37301 in an organization
By implementing a CMS based on ISO 37301, organizations will be able to:

Undergo a formal third-party conformity assessment for their CMS
Develop a positive culture of compliance
Quickly and effectively address compliance concerns
Protect their reputation and safeguard their integrity by preventing and detecting unethical conduct
Improve business opportunities and sustainability
Carefully consider requirements and expectations of internal and external interested parties
Develop strong and valuable relationships with regulators
Increase the confidence of third parties in the organization’s capacity to achieve sustained success
Build customer trust and loyalty
How do I get started with ISO 37301 training courses?
Considering the rapid development of industries and global market competition, being an ISO 37301 certified professional gives you the opportunity to help your organization continuously meet compliance obligations.

Our experts are willing to assist you in the process of obtaining an ISO 37301 credential and developing your career skills.

Contact us to begin with the first step
https://forms.wix.com/dc28a387-c5fb-4950-b171-841ffcde0e1a:cdd4bfa3-1c72-41f3-9bcf-35590e335827

PECB Certified ISO 37301 Training Courses Available
Enhance your knowledge and advance your career by participating in our ISO 37301 training courses.
Check the training courses below and find the one that suits you best.



ISO 37301 Introduction
Why should you attend?
ISO 37301 Introduction training course introduces you to the basic concepts of compliance and ISO 37301 requirements for a compliance management system (CMS). Moreover, this training course shows the importance of a CMS and the benefits resulting from its implementation.

Who should attend?
Managers, consultants, and compliance officers wishing to get introduced to ISO 37301 requirements for a CMS
Individuals wishing to contribute in maintaining organizational integrity by supporting ethical behavior
Managers and members of governance, risk management, and compliance teams
Individuals aspiring to become compliance officers or compliance management consultants
Learning objectives
This training course will help you:

Develop an overall understanding of the compliance concepts
Have a general understanding of the ISO 37301 requirements for a compliance management system (CMS)
Educational Approach
This training course is participant centered and contains:

Essay-type exercises and multiple-choice quizzes
Interaction between participants by means of questions and suggestions
Prerequisites
There are no prerequisites to participate in this training course.

ISO 37301 Foundation
Why should you attend?
The Certified ISO 37301 Foundation training course presents the basic concepts of compliance and the requirements of ISO 37301 for a compliance management system (CMS). In this training course, you will learn about the various aspects of a CMS, including the compliance policy, compliance culture, compliance risk assessment, operational controls, performance measurements, leadership and commitment, internal audit, management review, and continual improvement.

After completing the training course, you can sit for the exam. If you successfully pass the exam, you can apply for the “Certified ISO 37301 Foundation” credential. An internationally recognized “ ISO 37301 Foundation” certificate demonstrates that you have the necessary professional capabilities to be part of an ISO 37301 CMS implementation project.

Who should attend?
The ISO 37301 Foundation training course is intended for:

Managers and consultants seeking knowledge about the basic concepts of a CMS
Compliance officers and members of compliance teams who want to get acquainted with ISO 37301’s requirements
Individuals wishing to contribute in maintaining the organizational integrity by supporting ethical behavior
Managers and members of governance, risk management, and compliance teams
Individuals wishing to pursue a career as a compliance officer
Learning objectives
By participating in this training course, you will:

Understand the basic compliance management concepts, definitions, and approaches
Get acquainted with the ISO 37301 requirements for a compliance management system
Develop a general understanding of how an organization can meet the requirements of ISO 37301
Educational approach
The training course is participant centered and contains:

Lecture sessions illustrated with graphics, examples, and discussions
Interactions between participants by means of questions and suggestions
Quizzes with similar structure to the certification exam
Prerequisites
There are no prerequisites to participate in this training course.

ISO 37301 Lead Implementer
Why should you attend?
The benefits of implementing a compliance management system (CMS) based on ISO 37301 are manifold: helping the organization avoid or mitigate the costs, risks, and damage of noncompliance, ensuring the long-term sustainability of the organization, promoting trust and confidence, encouraging good governance practices, due diligence, and ethically sound business dealings, etc.

The ISO 37301 Lead Implementer training course provides the knowledge needed to establish, implement, manage, maintain, and continually improve a CMS. It aims to provide an in-depth understanding of ISO 37301 requirements, as well as the best practices and approaches used for the implementation and subsequent maintenance of the compliance management system.

The training course enables you to help organizations establish processes needed to adhere to all compliance obligations and establish controls that proactively prevent noncompliance and contribute to the creation of a culture of integrity, transparency, and openness.

The training course is followed by the certification exam. If you pass, you can apply for the “PECB Certified ISO 37301 Lead Implementer” credential. The “ ISO 37301 Lead Implementer” certificate is internationally recognized. It validates your professional capabilities and competences to implement a CMS in an organization based on the requirements of ISO 37301.

Who should attend?
Managers, consultants, and compliance officers wishing to develop a thorough understanding of ISO 37301 requirements for a compliance management system
Managers and consultants seeking a comprehensive CMS implementation framework
Compliance officers responsible for practicing due diligence with regard to compliance risks
Individuals wishing to contribute in maintaining organizational integrity by supporting ethical behavior
Managers and members of governance, risk management, and compliance teams
Individuals aspiring to become compliance officers or compliance management consultants
Learning objectives
This training course will help you:

Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of a CMS
Acknowledge the correlation between ISO 37301 and other standards and regulatory frameworks
Gain the ability to interpret the requirements of ISO 37301 in the specific context of an organization
Develop the necessary knowledge and expertise to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a CMS
Acquire the expertise to advise an organization in implementing CMS best practices
Educational approach
This training course is participant centered and contains:

Theories, approaches, and best practices used in compliance management system implementation
Lecture sessions illustrated with practical examples based on a case study that includes role-playing and discussions
Interaction between participants by means of questions and suggestions
Quizzes with stand-alone questions and scenario-based questions, which are a simulation and preview of the certification exam
Prerequisites
The main requirements for participating in this training course are a basic knowledge of ISO management system standards, as well as a general understanding of ISO 37301 (or ISO 19600 guidelines) and the MS implementation principles.


ISO 37301 Lead Auditor
Why should you attend?
The Certified ISO 37301 Lead Auditor training course enables you to develop the necessary competence to perform compliance management system (CMS) audits by applying widely recognized audit principles, procedures, and techniques.

Many organizations seek competent auditors to determine whether their policies, procedures, and controls adhere to ISO 37301 requirements. This training course aims to help you complete these tasks successfully and intends to reflect the importance of effective CMS audits. In addition, this training course aims to strengthen your knowledge and skills to plan and carry out CMS audits based on the guidelines for auditing management systems provided in ISO 19011 and the certification process described in ISO/IEC 17021-1.

This training course can potentially qualify you to conduct audits on behalf of conformity assessment bodies.

The exercises, quizzes, and case studies provided in this training course are designed to help you practice the most important aspects of a CMS audit: ISO 37301 requirements, auditing principles, tools and techniques used to obtain evidence, leading a team of auditors, conducting interviews with auditee, reviewing documented information, drafting nonconformity reports, and preparing the final audit report.

After successfully completing the training course, you can sit for the exam which is designed to measure your knowledge and skills regarding CMS audits. If you successfully pass the exam, you can apply for the “PECB Certified ISO 37301 Lead Auditor” credential. An internationally recognized “PECB ISO 37301 Lead Auditor” certificate validates your professional capabilities and demonstrates that you have the knowledge and skills to audit a CMS based on ISO 37301.

Who should attend?
The ISO 37301 Lead Auditor training course is intended for:

Auditors seeking to perform and lead CMS audits
Managers or consultants seeking to master the CMS audit process
Individuals responsible for maintaining conformity to ISO 37301 requirements in an organization
Technical experts seeking to prepare for a CMS audit
Expert advisors and compliance officers
Learning objectives
This training course enables you to:

Understand the main concepts of a compliance management system (CMS) and its processes based on ISO 37301
Acknowledge the relationship between ISO 37301 and other standards and regulatory frameworks
Understand the auditor’s role in planning, leading, and following up on a CMS audit in accordance with ISO 19011
Interpret the requirements of ISO 37301 in the context of a CMS audit
Plan an audit, lead a team of auditors, draft nonconformity reports, and follow up on an audit
Act with due professional care during an audit
Educational approach
This training course is participant centered and contains:

Theories, approaches, and best practices used in ISO management system audits
Lecture sessions illustrated with examples based on case studies that were inspired by real events
Practical exercises based on a case study which includes role-playing and discussions
Interaction between participants by means of questions and suggestions
Quizzes with stand-alone questions and scenario-based questions, tailored to prepare the participants for the certification exam
Prerequisites
A fundamental understanding of ISO 37301 requirements (or ISO 19600 guidelines) for a CMS and a comprehensive knowledge of audit principles.





ISO 37301 COMPLIANCE MANAGEMENT SYSTEM (CMS)