ISC Technical Committee 309 - Governance of Organizations

ISO Technical Committee 309 (TC 309) is responsible for the governance and compliance standards for organizations published by ISO. A listing of the relevant standards can be found here. Important publications include:

• ISO 37300 Governance of Organizations - Guidelines

• ISO 37301 Anti-Bribery Management Systems — Requirements with Guidance for Use

• ISO 37302 Whistleblowing Management Systems — Guidelines

• ISO 37308 Internal Investigations of Organizations — Guidance

• ISO 37309 Conflict of Interest in Organizations — Guidance

The ISO standards specific to a compliance management system (CMS) include the following:

• ISO 37301 Compliance Management Systems — Requirements with Guidance for Use

  Amd 1:2024 Climate Action Changes

• ISO 37302 Compliance Management Systems — Guidance for the Evaluation of Effectiveness

• ISO 37303 Compliance Management Systems — Guidance for Competence Management

NOTE: ISO 37304 Compliance Management Systems — Requirements for Bodies Providing Audit and Certification of Compliance Management Systems is currently under development, and in the Draft International Standard (DIS) stage. ISO 37304 is an extension to the ISO 17021, Part 1: Requirements. This standard is the foundation for the audit and certification of all ISO management systems.

NOTE: The ISO 38500-series of ISO standards are maintained by ISO Steering Committee 40 (SC 40), which includes the standards on IT governance (ISO 38501), data governance (ISO 38505-series), and AI governance (ISO 38507) . Those standards can be found here.