For certifiable compliance management systems
DIN ISO 37301
With DIN ISO 37301, an international type A standard is currently being developed against which companies will be able to have their compliance management system certified in the future. We expect ISO 37301 to have the same significance for companies as the EU General Data Protection Regulation that came into force in 2018. The practical relevance of the new standard is particularly important. In the future, ISO 37301 will define guidelines and recommended practices for compliance management systems. It is intended to support an organization in improving the general management of its compliance obligations.
DIN ISO 37301 – certifiable and relevant to practice
DIN ISO 37301 describes the requirements that organizations of all sizes and industries must meet to establish an effective compliance management system. Accordingly, an effective compliance management system must be feasible and viable at all levels of an organization. The previous draft states:
“Organizations that want long-term success need to establish and maintain a culture of integrity and compliance with the needs and expectations of interested parties. Integrity and compliance are therefore not only the basis, but also an opportunity for a successful and sustainable organization. […] An effective organization-wide compliance management system enables an organization to demonstrate its commitment to complying with relevant laws, including legislative requirements, industry regulations and organizational standards, as well as the norms of good corporate governance, best practices, ethical principles and expectations of society.”
What are the benefits of the new Type A standard?
ISO 37301 will become a certifiable international type A standard. It pursues a holistic approach across all industries, company sizes and areas, with practical relevance and applicability for all testing organizations. The new standard will not only specify how a compliance management system is to be introduced. It will also specify the requirements a CMS must meet to receive a certificate. This goes well beyond the previous “guidelines” of ISO 19600. In addition, an appendix to ISO 37301 will contain practical instructions on how the standard should be used.
Standards already exist – why DIN ISO 37301?
There are already standards according to which a compliance management system can be introduced and its implementation assessed. The internationally recognized ISO 19600 is the best-known standard, as it can be used equally for all corporate sectors and sizes. But it cannot be certified.