New products CeCert

The current year brings many novelties in terms of standards, which often meet market expectations. One of the areas that can be classified as more and more strongly developing is the group of standards from the “organization management” family – the 37XXX series, for the development and publication of which is the responsibility of the ISO / TC309 technical committee. The current standard 37001 – “Anti-corruption management systems” has recently been joined by two new ISO 37002 – “Reporting management systems” and ISO 37301 – “Compliance management systems”.

The first of these standards is nothing more than a guide for organizations that want to implement system solutions for reporting irregularities. This standard was not developed with certification in mind, but due to the fact that it is harmonized with other ISO standards, it can be included in the certification process, e.g. for compliance with ISO 37001, ISO 27001 or ISO 9001. It should therefore be considered as a natural consequence of the development of compliance systems, because in many EU countries (including Poland), some entities already have, or will soon have, an obligation to have systems for reporting irregularities, including corruption incidents. This is related, inter alia, with the entry into force of the Directive of the European Parliament and of the Council (EU) 2019/1937 of 23 October 2019 on the protection of persons reporting breaches of EU law, commonly known as the Whistleblower Protection Directive. It imposes on entrepreneurs and top management many new obligations related to ensuring the protection of whistleblowers. For entities employing more than 250 employees, these regulations will be obligatory from December 17, 2021. For entities employing 50 to 249 employees, this period was extended until December 17, 2023. Importantly, the size of employment does not matter in the case of entities obliged to have whistleblower protection systems resulting from regulations, anti-money laundering and terrorist financing – e.g. accounting offices. Therefore, it is so important to have a whistleblower protection system in place, implemented and maintained now. & Nbsp;

The second of these standards is a set of guidelines for organizations that want to implement a system compliance solution. In contrast to the 37002 standard, the 37301 standard is intended for certification alone as well as in integration with other standards, such as ISO 9001, ISO 27001 or ISO 37001. It replaces ISO 19600: 2014 & nbsp; becoming a natural standard ordering the subject of “compliance” in the organization. One of its main goals is to support employees’ understanding of the organisation’s compliance policy, as well as operational compliance procedures and their application in the work environment. In other words, in the ever-changing world of legal regulations, the ISO 37301 standard can protect the organization itself and its top management against the possible consequences of non-compliance and the risk of fines. & Nbsp;

For both standards presented, CeCert offers a wide range of services related to open and closed training and certification of organizations against the requirements. It should be noted, however, that for the standard 37002 the suggested solution is to approach the certification together with another standard, eg ISO 37001. Please contact us by phone or by calling 721 721 527. & nbsp; & nbsp;

News