There is an increasing focus on the compliance risks it faces and how to achieve it. Compliance means that an organization complies with applicable laws, regulations, and regulatory requirements, as well as relevant standards, contracts, principles of effective governance, or codes of ethics. Failure to comply can result in legal sanctions, regulatory penalties, significant property damage, and reputational damage to the organization, and the resulting risk is called compliance risk.
In 2021, ISO released ISO 37301:2021 "Compliance Management System Requirements and Use Guidelines", which provides more advanced, authoritative, universal and strategic tools and methodologies, and also provides opportunities and pathways for the compliance management of various organizations to gain global recognition through third-party certification.
Based on the risk management mindset, ISO 37301 applies process methods and PDCA logic, and provides requirements and guidelines for organizations to establish, formulate, implement, evaluate, maintain and improve an effective compliance management system around compliance governance principles.
ISO 37301 applies the management system standard structure of ISO/IEC Directives Annex SL, which makes it easier for the compliance management system to integrate with other existing management systems based on ISO standards. The standard is intended to improve the ability of other management systems to meet compliance-related requirements and to help organizations improve their overall management of their compliance obligations.
Organizations prevent compliance risks by establishing an effective ISO 37301 compliance management system. On the basis of identifying, analyzing and evaluating the compliance risks faced by the organization, the organization establishes and improves the compliance management process, so as to achieve effective response and control of risks.
Establishing an effective ISO 37301 compliance management system cannot prevent non-compliance, but it can reduce the risk of non-compliance. In many countries or regions, when non-compliance occurs, the organization and its managers use the established and implemented effective compliance management system as a defense to mitigate, or even be exempted from, administrative, criminal or civil liability. This defense may be accepted by administrative law enforcement agencies or judicial agencies. This is especially important for organizations growing both domestically and abroad.
Compliance with this standard will help organizations build trust with customers and other stakeholders, demonstrating a competitive advantage.
Because ISO 37301 compliance management system certification is not industry-specific or product-specific, it can be used by organizations that provide any product or service.
○ ISO 37301:2021 "Compliance Management System Requirements and Guidelines for Use"
○ "GB/T 35770-2017 Compliance Management System Guidelines"
○ "Conformity Assessment Management System Audit and Certification Body Requirements Part 13: Compliance Management System Audit and Certification Capability Requirements"
○ Improve business opportunities and sustainability;
○ Protect and strengthen the reputation and credibility of the organization;
○ Consider the expectations of interested parties;
○ Demonstrate the organization's commitment to managing compliance risks effectively and efficiently;
○ Increase third-party confidence in the organization's ability to continue to succeed;
○ Reduce the occurrence of illegal activities and the consequent costs and reputational damage;
○ Drives trust in your business—gives your customers and stakeholders greater confidence in the security of their data and information.