Module 10:  The benefits and requirements of ISO 37001

Requirements: (3) Compliance function; (4) Responsibility of personnel

3.  Compliance function

Appoint a person with responsibility for overseeing compliance by the organisation and its personnel with the ABMS (compliance function). 

In a large organisation, the compliance function may have a head of compliance, supported by numerous compliance personnel.

In a medium-sized organisation, the compliance function may be one full-time person.

In a small organisation, the compliance function may be a manager who shares the role of compliance with another function.  If this is the case, the other function should as far as possible not conflict with the compliance function.  So, it would be appropriate to make the head of finance also head of compliance, but not the head of sales.

4.  Responsibility of personnel

Ensure that responsibility for ensuring compliance with the ABMS is effectively allocated and communicated throughout the organisation.  Therefore:

  • function, department or regional heads (e.g. Sales Director, Finance Director, Regional Managing Director) will be responsible for ensuring compliance by all personnel within their function, department or region
  • all personnel will be responsible for their personal compliance.

January 2025
© GIACC