© Operational Excellence Consulting. All rights reserved.
ISO 37301:2021
Compliance Management Systems
Learning Objectives
§ Provide background knowledge of ISO 37301
§ Gain an overview of the ISO 37301 structure
§ Understand the ISO 37301 certification process
§ Describe the audit approach and learn useful tips on handling an audit session
NOTE: This is a PARTIAL PREVIEW. To
download the complete presentation, please
visit: https://www.oeconsulting.com.sg
Contents
1. Overview of ISO 37301
2. ISO 37301 Structure
3. ISO 37301 Certification
4. Handling an Audit Session
Introduction to Compliance Management
§ A Compliance Management System (CMS) is a set of processes
to make sure that an organization operates in accordance with all
applicable laws, regulations and codes of conduct
§ Due to the ever-changing nature of laws and regulations across
countries and regions, keeping up to date with the applicable
regulations is a never-ending task
§ An effective CMS enables you to determine the relevant documents,
to ensure compliance across the organization and to track and
improve compliance
What is Compliance?
Meeting all the needs or expectations that are
stated, generally implied or obligatory that
an organization has to comply with or
chooses to voluntarily comply with.
Compliance Management
Why Compliance Management?
Real Life Cases of Non-compliances
§ Facebook to pay $650 million in 2021 to settle a class action lawsuit over the use of facial recognition software for its “tagging” feature involving photographs without consent, which was prohibited under Illinois privacy law.
§ HSBC to pay a $1.9 billion fine to regulators for a lack of adequate control processes in compliance and anti-money laundering in 2012.
§ Mattel to pay $2.3 million in civil penalties for violating a federal lead paint ban that resulted in the recall of millions of its Barbie, Dora and other popular-branded toys in 2007.
§ French regulatory body Commission Nationale de l’Informatique et des Libertés (CNIL) imposed a GDPR fine of €50 million in 2019 against Google for lack of transparency and valid consent.
What is ISO 37301?
§ ISO 37301:2021 specifies
requirements and provides
guidelines for establishing,
developing, implementing,
evaluating, maintaining and
improving an effective
Compliance Management
System (CMS) within an
organization
§ Published in April 2021
§ Replaced ISO 19600:2014
§ A certification model
What is the Purpose of ISO 37301?
§ Provides a framework to assist in
the implementation of specific
compliance-related requirements
in any management system
§ Defines requirements and
provides guidance for establishing,
developing, implementing,
evaluating, maintaining and
improving an effective compliance
management system in
organizations
Who is ISO 37301 For?
§ Applies to all types of
organizations regardless of
the type, size and nature of
the activity
§ Covers any organization
from the public, private or
non-profit sector
What is the Difference Between ISO 37301 and ISO 19600?
With the publication of ISO 37301 in April 2021, ISO 19600 is withdrawn and becomes obsolete.
ISO 19600
§ Published in 2014
§ Type B Management System
Standards
§ Only a set of guidelines
§ Not for certification
ISO 37301
§ Published in April 2021
§ Type A Management System
Standards
§ Specifies requirements and
provides guidelines
§ A certification standard
What Benefits Can ISO 37301 Provide?
§ Developing a culture of
compliance
§ Addressing and overcoming
compliance issues
§ Protecting the organization’s
reputation
§ Preventing and detecting
unethical conduct
§ Improving the organization’s
sustainability
§ Building customer trust and
loyalty
Overview of Annex L
§ Although Annex L is a framework for a generic management system,
it requires the addition of discipline-specific requirements to make a
fully functional standard
Annex L: High-level structure | Identical core text | Common definition
HLS: The Same Core Elements
The same core elements: Environment (ISO 14001) | Food Safety (ISO 22000) | Quality Management (ISO 9001) | Occupational Health & Safety (ISO 45001)
ISO 37301 can be combined with existing management system standards
(e.g. ISO 9001) and generic guidelines (e.g. ISO 31000).
ISO 37301 is Based on the ISO High-Level Structure
(HLS) for Management System Standards (MSS)
1. Scope
2. Normative References
3. Terms & Definitions
4. Context of the Organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance Evaluation
10. Improvement
The Plan-Do-Check-Act (PDCA) Process Model
§ Plan: Establish objectives, programs and processes necessary to deliver results in accordance with the organization’s CMS policy
§ Do: Implement the processes of the CMS
§ Check: Monitor and measure activities and processes with regard to the CMS policy and objectives, and report the results
§ Act: Take actions to continually improve the CMS performance to achieve the intended outcomes
Elements of a Compliance Management System
Source: Based on ISO 37301:2021
PRINCIPLES: INTEGRITY | GOOD GOVERNANCE | PROPORTIONALITY | TRANSPARENCY | ACCOUNTABILITY | SUSTAINABILITY
OBJECTIVES: INTEGRITY | CULTURE | CONFORMITY | REPUTATION | VALUE | ETHICS
ORGANIZATION & ITS CONTEXT: LEGAL | SOCIAL | CULTURAL | DIGITALIZATION | FINANCE | STRUCTURE | ENVIRONMENT | INTERESTED PARTIES
PLAN | DO | CHECK | ACT
LEADERSHIP | GOVERNANCE | CULTURE
§ COMMITMENT AT ALL LEVELS
§ DETERMINING THE SCOPE
§ COMPLIANCE POLICY
§ ROLES & RESPONSIBILITIES
§ OBLIGATIONS & RISKS
§ SUPPORT
§ COMPETENCE & AWARENESS
§ COMMUNICATION & TRAINING
§ OPERATION
§ CONTROLS & PROCEDURES
§ DOCUMENTATION
§ INTERNAL AUDIT
§ MANAGEMENT REVIEW
§ MONITORING & MEASUREMENT
§ RAISING AWARENESS
§ INVESTIGATION PROCESS
§ MANAGING NONCOMPLIANCE
§ CONTINUAL IMPROVEMENT
ISO 37301 Key Clause Structure (4-10)
PLAN | DO | CHECK | ACT
4. Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the compliance management system
4.4 Compliance management system (CMS)
4.5 Compliance obligations
4.6 Compliance risk assessment
5. Leadership
5.1 Leadership and Commitment
5.2 Compliance policy
5.3 Roles, responsibilities and authorities
6. Planning
6.1 Actions to address risks and opportunities
6.2 Compliance objectives and how to achieve them
6.3 Planning of changes
7. Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8. Operation
8.1 Operational planning and control
8.2 Establishing controls and procedures
8.3 Raising concerns
8.4 Investigation processes
9. Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10. Improvement
10.1 Continual improvement
10.2 Nonconformity and corrective action
Becoming ISO 37301 Certified
§ The certification body examines the
CMS for conformity to the ISO
37301:2021 standard
§ The CMS audit is a compliance audit
§ Certification means the organization
has a documented CMS that is fully
implemented and meets ISO
37301:2021 requirements
§ After the successful completion of the
certification audit, you will receive a
certificate which is valid for three years
§ To maintain your certification, annual
surveillance audits are required
ISO 37301 Certification Process
§ Implementation of Compliance Management System
§ Conduct Internal Audit and Review Result by Top Management
§ Selection of a Certification Body
§ Stage 1 Audit
§ Stage 2 Audit
§ Confirmation of Registration
§ Continual Improvement and Surveillance Audits
Audit Findings
Minor Non-conformity
Observation
Major Non-conformity
How to Handle the Audit Session?
§ Do not panic
§ Ask and clarify
§ Admit obvious non-conformities
§ Offer evidence and explain
patiently
§ Take note of improvement
areas highlighted by the auditor
§ Show internal audit report,
when necessary
Auditee’s Conduct
§ Polite
§ Professional
§ Positive / Receptive
§ Sincere
§ Commitment
§ Formal but not overly serious
Interacting with Auditors (Do)
§ Be honest and open
§ Recognize they may be experts
§ Realize they may not be subject matter
experts
§ Understand the purpose of the meeting and
review related records prior to interviews
§ Turn mobile phones to silent mode
Interacting with Auditors (Don’t)
§ Assume auditors are familiar with your
organization’s CMS
§ Challenge auditors
§ Show more competence in ISO 37301
§ Argue internally
§ Express unfairness
§ Ask for solution
§ Fix non-conformities on the spot
Operational Excellence Consulting is a management training and consulting
firm that assists organizations in improving business performance and
effectiveness. Based in Singapore, the firm’s mission is to create business
value for organizations through innovative design and operational excellence
management training and consulting solutions. For more information, please
visit www.oeconsulting.com.sg

ISO 37301:2021 (Compliance Management Systems) Awareness Training

  • 1. © Operational Excellence Consulting. All rights reserved. ISO 37301:2021 Compliance Management Systems
  • 2. Learning Objectives § Provide background knowledge of ISO 37301 § Gain an overview of the ISO 37301 structure § Understand the ISO 37301 certification process § Describe the audit approach and learn useful tips on handling an audit session NOTE: This is a PARTIAL PREVIEW. To download the complete presentation, please visit: https://www.oeconsulting.com.sg
  • 3. Contents 1 Overview of ISO 37301 2 ISO 37301 Structure 3 ISO 37301 Certification 4 Handling an Audit Session
  • 4. Introduction to Compliance Management § A Compliance Management System (CMS) is a set of processes to make sure that an organization operates in accordance with all applicable laws, regulations and codes of conduct § Due to the ever-changing nature of laws and regulations across countries and regions, keeping up to date with the applicable regulations is a never-ending task § An effective CMS enables you to determine the relevant documents, to ensure compliance across the organization and to track and improve compliance
  • 5. What is Compliance? Meeting all the needs or expectations that are stated, generally implied or obligatory that an organization has to comply with or chooses to voluntarily comply with.
  • 6. Compliance Management: Why Compliance Management?
  • 7. Real Life Cases of Non-compliances § Facebook to pay $650 million in 2021 to settle a class action lawsuit over the use of facial recognition software for its “tagging” feature involving photographs without consent, which was prohibited under Illinois privacy law. § HSBC to pay a $1.9 billion fine to regulators for a lack of adequate control processes in compliance and anti-money laundering in 2012. § Mattel to pay $2.3 million in civil penalties for violating a federal lead paint ban that resulted in the recall of millions of its Barbie, Dora and other popular-branded toys in 2007. § French regulatory body Commission Nationale de L’informatique et des Libertés (CNIL) imposed a GDPR fine of €50 million in 2019 against Google for lack of transparency and valid consent.
  • 8. What is ISO 37301? § ISO 37301:2021 specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining and improving an effective Compliance Management System (CMS) within an organization § Published in April 2021 § Replaced ISO 19600:2014 § A certification model
  • 9. What is the Purpose of ISO 37301? § Provides a framework to assist in the implementation of specific compliance-related requirements in any management system § Defines requirements and provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an effective compliance management system in organizations
  • 10. Who is ISO 37301 For? § Applies to all types of organizations regardless of the type, size and nature of the activity § Covers any organization from the public, private or non-profit sector
  • 11. What is the Difference Between ISO 37301 and ISO 19600? ISO 19600: § Published in 2014 § Type B Management System Standards § Only a set of guidelines § Not for certification. ISO 37301: § Published in April 2021 § Type A Management System Standards § Specifies requirements and provides guidelines § A certification standard. With the publication of ISO 37301 in April 2021, the ISO 19600 is withdrawn and becomes obsolete.
  • 12. What Benefits Can ISO 37301 Provide? § Developing a culture of compliance § Addressing and overcoming compliance issues § Protecting the organization’s reputation § Preventing and detecting unethical conduct § Improving the organization’s sustainability § Building customer trust and loyalty
  • 13. Overview of Annex L § Although Annex L is a framework for a generic management system, it requires the addition of discipline-specific requirements to make a fully functional standard. Annex L: § High-level structure § Identical core text § Common definition
  • 14. HLS: The Same Core Elements § Environment ISO 14001 § Food Safety ISO 22000 § Quality Management ISO 9001 § Occupational Health & Safety ISO 45001. ISO 37301 can be combined with existing management system standards (e.g. ISO 9001) and generic guidelines (e.g. ISO 31000).
  • 15. ISO 37301 is Based on the ISO High-Level Structure (HLS) for Management System Standards (MSS) 1. Scope 2. Normative References 3. Terms & Definitions 4. Context of the Organization 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance Evaluation 10. Improvement
  • 16. The Plan-Do-Check-Act (PDCA) Process Model § Plan: Establish objectives, programs and processes necessary to deliver results in accordance with the organization’s CMS policy § Do: Implement the processes of the CMS § Check: Monitor and measure activities and processes with regard to the CMS policy and objectives, and report the results § Act: Take actions to continually improve the CMS performance to achieve the intended outcomes
  • 17. Elements of a Compliance Management System. Source: Based on ISO 37301:2021. PRINCIPLES: INTEGRITY | GOOD GOVERNANCE | PROPORTIONALITY | TRANSPARENCY | ACCOUNTABILITY | SUSTAINABILITY. OBJECTIVES: INTEGRITY | CULTURE | CONFORMITY | REPUTATION | VALUE | ETHICS. ORGANIZATION & ITS CONTEXT: LEGAL | SOCIAL | CULTURAL | DIGITALIZATION | FINANCE | STRUCTURE | ENVIRONMENT | INTERESTED PARTIES. COMMITMENT AT ALL LEVELS | DETERMINING THE SCOPE | COMPLIANCE POLICY | ROLES & RESPONSIBILITIES | OBLIGATIONS & RISKS | SUPPORT | COMPETENCE & AWARENESS | COMMUNICATION & TRAINING | OPERATION | CONTROLS & PROCEDURES | DOCUMENTATION | INTERNAL AUDIT | MANAGEMENT REVIEW | MONITORING & MEASUREMENT | RAISING AWARENESS | INVESTIGATION PROCESS | MANAGING NONCOMPLIANCE | CONTINUAL IMPROVEMENT. CHECK | DO | PLAN | ACT. LEADERSHIP | GOVERNANCE | CULTURE
  • 18. ISO 37301 Key Clause Structure (4-10): PLAN DO CHECK ACT. § 4. Context of the organization: 4.1 Understanding the organization and its context; 4.2 Understanding the needs and expectations of interested parties; 4.3 Determining the scope of the compliance management system; 4.4 Compliance management system (CMS); 4.5 Compliance obligations; 4.6 Compliance risk assessment § 5. Leadership: 5.1 Leadership and Commitment; 5.2 Compliance policy; 5.3 Roles, responsibilities and authorities § 6. Planning: 6.1 Actions to address risks and opportunities; 6.2 Compliance objectives and how to achieve them; 6.3 Planning of changes § 7. Support: 7.1 Resources; 7.2 Competence; 7.3 Awareness; 7.4 Communication; 7.5 Documented information § 8. Operation: 8.1 Operational planning and control; 8.2 Establishing controls and procedures; 8.3 Raising concerns; 8.4 Investigation processes § 9. Performance evaluation: 9.1 Monitoring, measurement, analysis and evaluation; 9.2 Internal audit; 9.3 Management review § 10. Improvement: 10.1 Continual improvement; 10.2 Nonconformity and corrective action
  • 19. Becoming ISO 37301 Certified § The certification body examines the CMS for conformity to the ISO 37301:2021 standard § The CMS audit is a compliance audit § Certification means the organization has a documented CMS that is fully implemented and meets ISO 37301:2021 requirements § After the successful completion of the certification audit, you will receive a certificate which is valid for three years § To maintain your certification, annual surveillance audits are required
  • 20. ISO 37301 Certification Process § Implementation of Compliance Management System § Conduct Internal Audit and Review Result by Top Management § Selection of a Certification Body § Stage 1 Audit § Stage 2 Audit § Confirmation of Registration § Continual Improvement and Surveillance Audits
  • 21. Audit Findings § Minor Non-conformity § Observation § Major Non-conformity
  • 22. How to Handle the Audit Session? § Do not panic § Ask and clarify § Admit obvious non-conformities § Offer evidence and explain patiently § Take note of improvement areas highlighted by the auditor § Show internal audit report, when necessary
  • 23. Auditee’s Conduct § Polite § Professional § Positive / Receptive § Sincere § Commitment § Formal but not overly serious
  • 24. Interacting with Auditors § Be honest and open § Recognize they may be experts § Realize they may not be subject matter experts § Understand the purpose of the meeting and review related records prior to interviews § Turn mobile phones to silent mode
  • 25. Interacting with Auditors § Assume auditors are familiar with your organization’s CMS § Challenge auditors § Show more competence in ISO 37301 § Argue internally § Express unfairness § Ask for solution § Fix non-conformities on the spot
  • 26. Operational Excellence Consulting is a management training and consulting firm that assists organizations in improving business performance and effectiveness. Based in Singapore, the firm’s mission is to create business value for organizations through innovative design and operational excellence management training and consulting solutions. For more information, please visit www.oeconsulting.com.sg