ISO 37301: Foundation
The ISO 37301: Foundation course provides participants with a solid understanding of the requirements, structure, and practical application of a Compliance Management System (CMS) based on ISO 37301. ISO 37301 is published by the International Organization for Standardization (ISO) and is a certifiable, requirements-based standard for establishing, implementing, maintaining, and continually improving effective compliance management. It applies to organizations of all sizes and sectors and supports compliance with laws, regulations, contractual obligations, and voluntary commitments. This Foundation-level course moves beyond awareness and introduces learners to core ISO 37301 clauses, compliance risk management concepts, governance responsibilities, and operational controls. It prepares participants to support CMS implementation, audits, and continual improvement, or to progress to advanced ISO 37301 certifications. Course Objectives By the end of this course, participants will be able to: Understand the purpose, scope, and benefits of ISO 37301 Interpret the structure and key requirements of a CMS Understand compliance risk assessment principles Identify key compliance controls and processes Recognize governance, leadership, and compliance function responsibilities Support CMS implementation, operation, and monitoring Prepare for the ISO 37301 Foundation certification examination
Course Curriculum
1
- Definition and scope of compliance
- Legal, regulatory, contractual, and voluntary obligations
- Consequences of non-compliance
- Role of compliance in governance and risk management
2
- Purpose and scope of ISO 37301
- Intended users of the standard
- Benefits of implementing a CMS
- ISO 37301 vs ISO 19600
3
- High-Level Structure (Annex SL)
- Context of the organization
- Leadership and planning
- Support and operation
- Performance evaluation and improvement
4
- Responsibilities of governing body and top management
- Compliance policy requirements
- Independence and authority of the compliance function
- Accountability and oversight
5
- Identifying compliance obligations
- Compliance risk identification and analysis
- Risk evaluation and prioritization
- Linking risks to controls and actions
6
- Policies, procedures, and internal controls
- Integration into business processes
- Managing third-party and contractual compliance
- Documentation and record keeping
7
- Compliance awareness programs
- Training requirements
- Internal and external communication
- Promoting ethical behavior and speak-up culture
8
- Reporting non-compliance and concerns
- Handling investigations
- Corrective and disciplinary actions
- Protection of reporters
9
- Monitoring compliance performance
- Defining indicators and metrics
- Internal audit and review (overview)
- Management review
10
- Managing nonconformities
- Corrective and preventive actions
- Updating compliance risks and controls
- Sustaining CMS effectiveness
11
- Certification process overview
- Audit expectations and evidence
- Common nonconformities
- Maintaining certification
12
- Review of ISO 37301 Foundation syllabus
- Sample questions and exam techniques
- Certification exam guidance
13
- Governance, risk, and compliance professionals
- Legal and regulatory affairs staff
- Internal auditors and assurance professionals
- Compliance officers and managers
- Senior managers and supervisors
- Professionals preparing for ISO 37301 Foundation certification
14
- No formal prerequisites
- Basic understanding of governance, compliance, or risk management is beneficial
This course includes
- 14+ Activity Modules
- 40 hours + lessons
- Lifetime access
- Certificate of completion
- Available on desktop and mobile
Some of Our Partners
