Overview of ISO 37301, Compliance Management Systems (CMS)

What is a Compliance Management System (CMS)?

The regulatory landscape is constantly changing and organizations need systems in place to ensure they keep up. But complying with laws and regulations can be so much more than just ticking a box: it can be the result of a deeply entrenched culture of integrity and good ethics. All of which is a recipe for business success. A compliance management system is a way of getting there and a new standard has just been published to help.

ISO 37301, Compliance management systems – Requirements with guidance for use, provides everything an organization needs to know to develop, implement, maintain and improve an effective compliance management system.

Howard Shaw, Chair of the ISO technical committee that developed the standard, said compliance is not just about avoiding fines and should not be limited to one department. It is everyone’s affair.

“Organizations want to work and collaborate with companies they can trust,” he said.

“And trust is built on a company culture of doing the right thing, where every employee contributes because they understand and believe in the importance of it. Central to this is good leadership and clear values, which have to come from the top.”

ISO 37301 recommends the involvement of senior management and advocates compliance as a principle of good governance. It also recommends integrating compliance management right across the organization, to be embedded in its financial, risk, quality, information security, environmental and health and safety management processes as well as its operational requirements and procedures.

Who is ISO 37301 for?

ISO 37301 is applicable to all organizations, regardless of type, size, activities, and location, and covers all types of compliance risk.

What are the benefits for my business?

The benefits of implementing ISO 37301 are expected to include not only a reduced risk of fines due to non-compliance but also enhanced reputation and credibility, providing greater confidence to clients and other stakeholders and increased business opportunities.

The standard can also be integrated into an organization’s other management systems, such as ISO 37001 for anti-bribery or ISO 9001 for quality, thus increasing efficiencies, effectiveness and productivity.



Please contact us for more information or support needed: info@tksg.global

Last modified: Monday, 17 October 2022, 9:58 PM