Information about ISO 37301

Companies without compliance risks? Your search returned no results. Whether a large corporation or an SME, compliance risks always exist - the important thing is to manage them. The implementation and certification of a compliance management system according to ISO 37301 helps you to address compliance with legal requirements and rules in a systematic, structured, and proactive manner.

Improved public image and increased trust

Evidence of corporate due diligence compliance

Easy integration with other management systems

Improved effectiveness of your CMS

Beschreibung Standard/Regelwerk

ISO 37301 - Certification of compliance management systems

Back in 2014, ISO 19600 was published; a standard that describes how organizations can implement and maintain a compliance management system (CMS). ISO 19600 was designed as a guideline and assistance - it was explicitly not a certification standard. However, it was quickly realized that this did not give companies the opportunity to prove the effectiveness of their CMS.

ISO 37301 now closes this gap: it not only replaces ISO 19600, but is also a certification standard that sets clear and verifiable requirements for compliance management systems. Thus, it offers organizations the opportunity to demonstrate the implementation of an effective CMS through certification.

Show more
Show less
Welche Arten

What is a compliance management system?

A compliance management system (CMS) is a set of processes designed to ensure that an organization complies with all applicable laws, regulations, and codes of conduct. Due to the ever-changing nature of laws and regulations in different countries and regions, it is imperative to continuously keep up to date with the applicable regulations. An effective CMS enables you to identify relevant requirements, ensure compliance throughout your organization, and monitor and optimize compliance.


What is the purpose of ISO 37301?

The international standard ISO 37301 provides guidelines for effective compliance management systems. Based on the principles of good governance, proportionality, transparency, and sustainability, it describes the key components and processes of an effective CMS. The standard is an important benchmark for companies that want to implement a compliance management system or standardize their system.

Chancen und Risiken

How does ISO 37301 relate to other standards?

ISO 37301 and ISO 37001ISO 37301, the standard for compliance management systems, and ISO 37001, the standard for anti-corruption management systems, are both based on ISO principles for management systems. Among other things, this means that both standards require a risk-based approach and both follow the Plan-Do-Check-Act (PDCA) process cycle. While ISO 37301 takes a holistic approach to compliance management, ISO 37001 focuses on one aspect: Anti-corruption management. Since both standards are based on the same principles, they can be easily combined and integrated.

ISO 37301 and ISO 19600ISO 37301 replaces ISO 19600, which was originally published in 2014. Unlike ISO 19600, ISO 37301 is not a guideline, but a certification standard.

Show more
Show less

What is the certification process of ISO 37301?

First, you exchange information with us about your company, your management system, and the goals of a certification. On this basis, you will promptly receive a detailed and transparent offer, tailored to your individual needs.

Especially for larger certification projects, a planning meeting is a valuable opportunity to get to know your auditor as well as to develop an individual audit program for all departments and locations involved.
A pre-audit also offers the opportunity to identify potential for improvement as well as strengths of your management system in advance. Both services are optional.

The certification audit starts with a system analysis (audit stage 1) and the evaluation of your documentation, objectives, results of your management review and internal audits. In this process, we determine whether your compliance management system is sufficiently developed and ready for certification.
In the next step (system audit stage 2), your DQS auditor assesses the effectiveness of all management processes on site. In a final meeting, they will provide you with a detailed presentation of the results and possible improvement potential for your company. If necessary, action plans will be agreed upon.

After the certification audit, the results are evaluated by the independent certification board of DQS. You will receive an audit report documenting the audit results. If all requirements of ISO 37301 are met, you will receive an internationally recognized certificate.

To ensure that your company continues to meet all the important criteria of the standard after the certification audit, we conduct surveillance audits on an annual basis. This provides competent support for the continuous improvement of your management system and business processes.

The certificate is valid for a maximum of three years. Recertification is carried out in good time before expiry to ensure continued compliance with the applicable standard requirements. Upon fulfillment, a new certificate is issued.


How much does ISO 37301 certification cost?

The cost of ISO 37301 certification depends on a number of factors. For example, it plays an important role whether a certified management system already exists. In addition, the size of your company and the complexity of the compliance requirements have an influence on the duration of the audit and thus on the price. We will be happy to make you an individual offer for your company or organization without obligation.


Why DQS is the perfect partner for your ISO 37301 certification

  • Global network of highly qualified auditors
  • Highly solution-oriented and customer-focused
  • High levels of expertise in all industries
  • Quotes and services tailored to your company's needs

Request a quote

Your local contact

We will be happy to provide you with an individual quote for ISO 37301 certification.