A new international standard for compliance management systems (CMS) was published on April 13th 2021. Known as ISO 37301, the standard replaces ISO 19600. There are several new developments.
If your organisation is already aligned with ISO 19600, then it is important to understand the developments in ISO 37301. We have no doubt that these developments will be embraced by organisations who aim to have a strong and robust CMS.
Seven key developments with the introduction of ISO 37301:
What does this mean for you?
Organisations already aligned with ISO 19600 understand how a robust CMS helps to build sustainable businesses. At Deloitte, we believe that ISO 37301 takes the management of compliance risk to the next level, with practical, relevant and detailed guidance. The developments have been agreed to by subject-matter experts from around the world, who know exactly what industries need. Deloitte’s compliance experts are on hand to help guide your organisation through the amendments, supporting your business to continue to have a strong and robust CMS.
How can Deloitte help?
Deloitte has over 30 years’ experience supporting organisations to assess their compliance management systems against prior standards, advising on required changes and assisting with implementation. We are also active committee members working with the Governance Risk and Compliance Institute (GRCI) who represent the International Federation of Compliance Associations (IFCA) in contributing to the draft development of ISO 37301.
Keep watching this space as we will be providing regular updates on the development of ISO 37301. If you require further information or other support with improving your compliance management system or preparing for ISO 37301, please contact us.
Angela is a Risk Advisory Partner at Deloitte who seeks to help the power and utilities sector embrace regulatory disruption through her deep and trusted relationships, her tenacity and fast adoption of tech-enabled solutions. Angela is a regulatory compliance and conduct risk professional with over 19 years of experience working in Australia and across the Asia Pacific region. She has a strong focus on helping clients navigate disruption in both regulatory and stakeholder expectations, and understand the impact of this change to business processes, controls, customers, third party relationships and operational performance. She has been working as a professional consultant for Tier 1 firms, with a solid foundation in governance, risk and compliance technical skills, team leadership and business development acumen.
As part of the GRC team in Audit & Assurance, Heather’s focus is on Compliance operating models - design, implementation and embedding - including the development of RegTech solutions to achieve more with less. Over the last 20 plus years, Heather’s work at the C-suite level in financial services has included reviewing, designing, implementing and testing compliance operating models and advising boards and management on how to develop a positive compliance culture, as well as negotiating and interacting with regulators, politicians and industry bodies across Europe, the Americas, Middle East, Africa and Australasia. If organisations plan to build resilience and increase profitability following the requirements flowing from the Royal Commission, they must take a different approach. Bolting on people, processes and systems in the second line is not an answer; rather, empowering the first line and utilising existing and new systems and new technologies (including RegTech) will have impact and sustainable outcomes. Without a cross-organisational approach and a positive compliance culture, change will be ineffective.