中英文版2021合规管理体系要求及使用指南.docx

ISO37301:2021《合规管理体系要求及使用指南》中英文版ISO37301:2021Compliancemanagementsystems-RequirementswithguidanceforuseForewordISO(theInternationalOrganizationforStandardization)isaworldwidefederationofnationalstandardsbodies(ISOmemberbodies).TheworkofpreparingInternationalStandardsisnormallycaniedoutthroughISOtechnicalcommittees.Eachmemberbodyinterestedinasubjectforwhichatechnicalcommitteehasbeenestablishedhastherighttoberepresentedonthatcommittee.Internationalorganizations,governmentalandnon-governmental,inliaisonwithISO,alsotakepartinthework.ISOcollaboratescloselywiththeInternationalElectrotechnicalCommission(IEC)onallmattersofelectrotechnicalstandardization.TheproceduresusedtodevelopthisdocumentandthoseintendedforitsfurthermaintenancearedescribedintheISO/IECDirectives,Part1.Inparticular,thedifferentapprovalcriterianeededforthedifferenttypesofISOdocumentsshouldbenoted.ThisdocumentwasdraftedinaccordancewiththeeditorialrulesoftheISO/IECDirectives,Part2(seewww.iso.org/directives).Attentionisdrawntothepossibilitythatsomeoftheelementsofthisdocumentmaybethesubjectofpatentrights.ISOshallnotbeheldresponsibleforidentifyinganyorallsuchpatentrights.DetailsofanypatentrightsidentifiedduringthedevelopmentofthedocumentwillbeintheIntroductionand/orontheISOlistofpatentdeclarationsreceived(seewww.iso.org/patents).Anytradenameusedinthisdocumentisinformationgivenfortheconvenienceofusersanddoesnotconstituteanendorsement.Forane*planationofthevoluntarynatureofstandards,themeaningofISOspecifictermsande*pressionsrelatedtoconformityassessment,aswellasinformationaboutISO、sadherencetotheWorldTradeOrganization(WTO)principlesintheTechnicalBarrierstoTrade(TBT),seewww.iso.org/iso/foreword.html.ThisdocumentwaspreparedbyTechnicalCommitteeISO/TC309,Governanceoforganizations.ThisfirsteditionofISO37301cancelsandreplacesISO19600:202*,whichhasbeentechnicallyrevised.ThemainchangescomparedtoISO19600:202*areasfollows:一thisdocumentnowcontainsrequirementswithadditionalguidanceforusebasedonthoserequirements;—thisdocumentfollowsISO、srequirementsfbraharmonizedstructureformanagementsystemstandards.Anyfeedbackorquestionsonthisdocumentshouldbedirectedtotheuser、snationalstandardsbody.Acompletelistingofthesebodiescanbefoundatwww.iso.org/members.html.IntroductionOrganizationsthataimtobesuccessfulinthelongtermneedtoestablishandmaintainacultureofcompliance,consideringtheneedsande*pectationsofinterestedparties.Complianceisthereforenotonlythebasis,butalsoanopportunity,forasuccessfulandsustainableorganization.Complianceisanongoingprocessandtheoutcomeofanorganizationmeetingitsobligations.Complianceismadesustainablebyembeddingitinthecultureoftheorganizationandinthebehaviourandattitudeofpeopleworkingfbrit.Whilemaintainingitsindependence,itispreferablethatcompliancemanagementisintegratedwiththeorganization、sothermanagementprocessesanditsoperationalrequirementsandprocedures.Aneffective,organization-widecompliancemanagementsystemenablesanorganizationtodemonstrateitscommitmenttocomplywithrelevantlaws,regulatoryrequirements,industrycodesandorganizationalstandards,aswellasstandardsofgoodgovernance,generallyacceptedbestpractices,ethicsandcommunitye*pectations.Anorganization、sapproachtocomplianceisshapedbytheleadershipapplyingcorevaluesandgenerallyacceptedgoodgovernance,ethicalandcommunitystandards.Embeddingcomplianceinthebehaviourofthepeopleworkingforanorganizationdependsaboveallonleadershipatalllevelsandclearvaluesofanorganization,aswellasanacknowledgementandimplementationofmeasurestopromotecompliantbehaviour.Ifthisisnotthecaseatalllevelsofanorganization,thereisariskofnoncompliance.Inanumberofjurisdictions,courtshaveconsideredanorganization、scommitmenttocompliancethroughitscompliancemanagementsystemwhendeterminingtheappropriatepenaltytobeimposedforcontraventionsofrelevantlaws.Therefore,regulatoryandjudicialbodiescanalsobenefitfromthisdocumentasabenchmark.Organizationsareincreasinglyconvincedthat,byapplyingbindingvaluesandappropriatecompliancemanagement,theycansafeguardtheirintegrityandavoidorminimizenoncompliancewiththeorganization、scomplianceobligations.Integrityandeffectivecompliancearethereforekeyelementsofgoodanddiligentmanagement.Compliancealsocontributestothesociallyresponsiblebehaviouroforganizations.Oneoftheobjectivesofthisdocumentistoassistorganizationstodevelopandspreadapositivecultureofcompliance,consideringthataneffectiveandsoundmanagementofcompliance-relatedrisksshouldberegardedasanopportunitytopursueandtake,duetotheseveralbenefitsthatitprovidestotheorganizationsuchas:一improvingbusinessopportunitiesandsustainability;一protectingandenhancinganorganization、sreputationandcredibility;一takingintoaccounte*pectationsofinterestedparties;一demonstratinganorganization、scommitmenttomanagingitscomplianceriskseffectivelyandefficiently;一increasingtheconfidenceofthirdpartiesintheorganization、scapacitytoachievesustainedsuccess;一minimizingtheriskofacontraventionoccurringwiththeattendantcostsandreputationaldamage.Thisdocumentspecifiesr。