ISO 37301 Lead Implementer

ISO 37301 Lead Implementer Course enables professionals to plan, implement and operationalise a Compliance Management System aligned with ISO 37301, ensuring consistency between normative requirements, governance and organisational culture. The training focuses on structured implementation and on the production of evidence to support assessment and certification.

Register
Companies: request a proposal

Quick Access:  Introduction· Why this course exists· What this course enables· Frameworks and standards· Value· Objectives· Target audience· Prerequisites· Programme· Exam & Certification· Other information· Benefits· Logistics· FAQs· Registration

Upcoming dates

Confirmed dates.
Synchronous, live training with interaction with the trainer and the group.

4 May 2026
Live Online • next edition
14 September 2026
Live Online • base price
Duration: 4 days / 40h
Language: available in Portuguese or English
Training: practical and case-study based
Exam: 3h
EXCELLENCE AND LEADERSHIP LEVEL — technical authority and leadership in governance.

Why this course exists

To transform ISO 37301 requirements into real, evidence-based and auditable implementation.

Many organisations recognise the criticality of compliance, but fail to move from intention to governance, processes, controls, evidence and continuous improvement. This course prepares professionals to lead the implementation of a Compliance Management System (CMS) with method, consistency and the ability to drive it through to the ISO 37301 certification audit.

What this course enables you to do

Plan

Define the CMS implementation approach and methodology, including drivers, context, interested parties, compliance obligations and scope.

Implement

Build compliance policy, processes, procedures and controls, including the assessment and treatment of risks and opportunities, documentation and integration with other management systems.

Evaluate

Establish monitoring, indicators, internal audits and management reviews, ensuring CMS performance, governance and effectiveness.

Improve

Manage findings, nonconformities and corrective actions, reinforcing continuous improvement and preparing the organisation for the ISO 37301 certification audit.

Frameworks, standards and best practices addressed throughout the course

ISO 37301 requirements
Governance & compliance culture
Context & scope
Compliance obligations
Risk & opportunities (criteria, assessment and treatment)
Policies, processes, controls & evidence
Whistleblowing, investigation & handling of concerns
Metrics, internal audit & management review
Continuous improvement & findings management
ISO 31000 / ISO 31022 and MSS integration
BEHAVIOUR Methodology (step-by-step)

Value for the organisation

  • Consistent and auditable implementation of a CMS, aligned with ISO 37301 and ready for certification.
  • Reduction of the risk of non-compliance and reinforcement of trust through governance, controls and sustained evidence.
  • Ability to integrate with other management systems and with applicable legal/regulatory requirements.
  • Accelerated execution through practice, case study and models that reduce rework and increase the quality of deliverables.

Introduction

The ISO 37301 Lead Implementer course was designed to turn the standard into practice. Supported by a case study adapted to a real context, the course challenges the learner to establish and maintain a Compliance Management System (CMS), based on the requirements of ISO 37301, correlated standards and a customised BEHAVIOUR methodology, developed by specialists in compliance management, ISO standards and related best practices.

In addition to mastering concepts, principles and requirements, participants in this ISO 37301 Lead Implementer course will learn how to put a Compliance Management Programme into practice, including: understanding drivers and compliance obligations; defining context and scope; interested parties, governance model and structure, and compliance culture; gap analysis; assessment and treatment of risks and opportunities; objectives and plans; planning changes; policies, processes, procedures and controls; documented information and evidence; reporting and escalation mechanisms; investigation and reporting; performance evaluation (metrics, internal audits and management reviews); and continuous improvement.

The fundamental knowledge of the Compliance Management 37301 Foundation course is included in this course and, for that reason, participation in or certification in the Foundation course is not a prerequisite.

This Training Plan and all associated documents are protected by Copyright and registered as a literary work with IGAC.

General Objectives

At the end of this course, participants will be able to:

  • Understand the fundamental concepts of compliance management and the main requirements of ISO 37301.
  • Know and understand the correlation between standards and best practices related to compliance management, including integration with ISO 31000/ISO 31022 and other management system standards.
  • Understand how ISO 37301 integrates with other MSS/NSG standards and structure an integrated approach.
  • Establish, implement, maintain and improve a Compliance Management System (CMS) in accordance with the requirements of the ISO 37301 International Standard.
  • Understand organisational governance principles and their relationship with compliance management and with the CMS.
  • Assess and treat risks and opportunities related to the CMS, aligning them with compliance objectives and organisational objectives.
  • Identify, develop and implement compliance requirements/obligations and controls to manage trends and respond to non-compliance risk scenarios.
  • Implement and maintain processes to manage concerns, including whistleblowing mechanisms, investigation, reporting and closure.
  • Understand and implement performance evaluation requirements (monitoring, metrics, internal audits and management review).
  • Identify and respond to continuous improvement requirements, ensuring resources, evidence and operational consistency of the CMS.
  • Acquire the knowledge required to successfully take the BEHAVIOUR Certified Compliance Management 37301 Lead Implementer exam and achieve a personal certification.

Target Audience

  • Business managers, consultants, auditors, professionals and risk managers who participate in an ISO 37301 CMS implementation and support activities subject to compliance requirements.
  • Executives and/or senior managers responsible for ensuring alignment and value delivery through a CMS and for ensuring the maintenance of a Compliance Management Programme.
  • Members of corporate governance bodies, ethics committees, compliance directors/managers and those responsible for the internal compliance function.
  • Internal specialists and external consultants who design and implement governance and/or compliance strategy.
  • Project managers who lead (or are preparing to lead) an ISO 37301 implementation programme.
  • Professionals who implement/manage other MSS/NSG systems and need to integrate requirements with an existing CMS.
  • Professionals responsible for CSR and related areas associated with ethical conduct and integrity.
  • IT, information security, continuity, risk or business professionals involved in the implementation, operation and continuous improvement of a CMS.
  • Anyone who wishes to acquire the knowledge required to implement an ISO 37301 CMS.

Prerequisites

There are no mandatory formal prerequisites. However, experience or exposure to compliance, governance, risk management, auditing and operations contexts is recommended, including familiarity with the structure of ISO standards and with compliance management practices.

In addition, other specific requirements may apply, where relevant, depending on the quotation/proposal presented (please consult the proposal).

Programme

Fundamentals and preparation (P – Plan)
  • Introduction to the course
  • Compliance management standards and common requirements for compliance with laws, regulations and ethical standards
  • Relationship between ISO 37301, ISO 31000 and ISO 31022, and integration with other MSS/NSG standards
  • Compliance management fundamentals
  • Presentation and overview of CMS requirements
  • Principles of organisational governance, compliance management and the CMS
  • Preparation for CMS implementation — approach and methodology
  • Understanding the organisation’s drivers and establishing the context (including compliance obligations)
Establish (Plan) the CMS
  • Definition of the CMS scope
  • Assess the current state and the desired state; prepare the Gap Analysis
  • Leadership and commitment; establish the Compliance Management Programme
  • Development of the Compliance Policy
  • CMS organisational structures (roles, responsibilities and authorities: Governing Body, Top Management, Compliance Function, management and employees)
  • Assessment and treatment of CMS risks and opportunities (including legal risks and emerging sources)
  • Compliance objectives, plans and planning of changes to the CMS
Implement and Operate (Do)
  • Support: resources, competence, awareness, communication and documented information
  • Documented information management; required models (policies, processes, procedures, plans)
  • Plan, implement and control controls to manage compliance obligations and respond to identified risks
  • Mechanisms to manage concerns and whistleblowing, escalation and reporting
  • Processes to assess, analyse, investigate and close suspected or actual non-compliance cases
  • Transition of the CMS into operation
Monitor, Review, Improve (Check/Act) & Certification
  • Monitoring, measurement, analysis and evaluation
  • Internal audit programme
  • Management review
  • Continuous improvement process
  • Management of findings, including nonconformities, and application of corrective actions
  • Moving forward to the ISO 37301 certification audit
  • Personal certification and training closure

Exam(s) and Certification

Exam “Certified Compliance Management 37301 Lead Implementer”

The exam covers the following competence domains:

  • Domain 1: Compliance management fundamentals and ISO 37301 requirements
  • Domain 2: Establish (Plan) a CMS based on ISO 37301
  • Domain 3: Implement and Operate (Do) a CMS based on ISO 37301
  • Domain 4: Monitor and Review (Check) a CMS based on ISO 37301
  • Domain 5: Maintain and Improve (Act) a CMS based on ISO 37301
  • Domain 6: Move forward to the ISO 37301 Certification Audit

 

Language(s): Portuguese and English (please consult BEHAVIOUR regarding availability in other languages).
Duration: 3 hours.
Format: 12 open questions based on a case study.
Results: Pass or Fail.
Issuing entity: Behaviour (legal entity), through its certification service Behaviour Certification Services.
Retake: 1 free retake within a maximum period of 2 months after the date the exam result is made available.

Certification (levels and requirements)

After successfully completing the exam and accepting/signing the applicable agreement and Code of Ethics, the candidate may apply for one of the three levels, according to experience:

  • Certified Compliance Management 37301 Associate Implementer: no previous experience is required
  • Certified Compliance Management 37301 Implementer: 2 years of experience in compliance management
  • Certified Compliance Management 37301 Lead Implementer: 5 years of experience in compliance management

 

A Certificate and a Digital Certification Badge (i.e., “badge”) will be issued to participants who successfully complete the certification exam and satisfy all the requirements of the certification to which they apply. Certification is issued by Behaviour (legal entity), through its certification service Behaviour Certification Services.

The personal certification programme Certified Compliance Management 37301 Lead Implementer is designed and maintained in accordance with ISO/IEC 17024.

Certification programmes are valid only for individuals (not organisations), and the award and maintenance of certification depend on the exam result, professional experience and compliance with the applicable agreement/Code of Ethics.

If the professional does not comply with the agreement/Code of Ethics, the certification is not granted or is revoked.

Other Information

General Information
  • Training in Portuguese or English
  • Training materials available online, in English, in accordance with the awarded conditions
  • Practical step-by-step implementation methodology
  • Behaviour digital Training Attendance Certificate with 40 CPD/CPE credits
  • Online Certification Exam, in Portuguese or English. The exam may be taken up to 2 months from the course start date
  • If the candidate does not pass the exam, they are entitled to one free retake within a maximum period of 2 months from the release date of the initial exam mark
  • Digital Certification Diploma and Digital Certification Badge, after successfully passing the exam and completing the application process. This process has no associated cost
Trainer(s)
A team of senior consultants and auditors with proven experience in compliance management, governance and risk, implementation and auditing of management systems (including ISO 37301 and integration with other MSS/NSG standards) and related best practices.

Benefits

View benefits
  • The ISO 37301 standard defines requirements for an auditable and certifiable Compliance Management System (CMS), recognised internationally.
  • It strengthens the ability to prevent, detect and respond to non-compliance risks, increasing trust among clients, partners, regulators and interested parties.
  • The ISO 37301 Lead Implementer course is based on the BEHAVIOUR pedagogical model, with a personal certification programme designed in accordance with the ISO/IEC 17024 standard.
  • ISO 37301 Lead Implementer course provides practical competences to establish, implement, operate, maintain and improve a Compliance Management System (CMS) in accordance with ISO 37301.
  • It enables participants to structure governance, compliance obligations, controls, evidence and integration with other management systems.
  • It makes it possible to consolidate evidence for internal/external audits, management reviews and continuous improvement.
  • Accelerated execution through templates, practical exercises and case study, reducing rework and the risk of non-compliance.
  • The certification exam is supervised by an official BEHAVIOUR administrator.
  • The exam takes place after the course and consists of open-ended/development questions, based on a case study.
  • After passing the exam and applying for certification, the professional reaches the applicable certification level. If the candidate does not pass, they are entitled to one free retake within the period defined in the applicable certification scheme.

Logistics

Useful information
  • Live Online (synchronous time): 9:30–17:30 (Lisbon, GMT 0), with lunch break and short breaks
  • Classroom (synchronous time): 9:30–17:30 (Lisbon, GMT 0), with lunch break and short breaks
  • 28 hours of synchronous training, distributed across 4 consecutive days
  • Estimated 12 hours of guided autonomous work, intended for content consolidation and exam preparation, carried out flexibly outside the synchronous sessions
  • Requirements: computer with stable internet, browser, PDF reader, audio/video
Hotels in Lisbon
Find out where you can stay in Lisbon, near Behaviour, for classroom training.

Frequently Asked Questions

Objective answers to additional questions about the scope and usefulness of the ISO 37301 Lead Implementer course.

Is this course suitable for someone who will lead an implementation project rather than simply participate in the team?

Yes. The course was designed to prepare professionals to plan, structure and drive the implementation of an ISO 37301 CMS, including method, governance, evidence and preparation for the certification audit.

Is the course useful even when the organisation does not yet have a formalised Compliance Management System?

Yes. The course is useful both for organisations that are starting and for evolving contexts, helping to structure scope, compliance obligations, controls, roles, evidence and continuous improvement.

Does the training address only normative requirements, or also operationalisation in practice?

It is not limited to reading the standard. The training combines ISO 37301 requirements with a case study, step-by-step methodology and work on processes, policies, controls, metrics and governance mechanisms.

Does this course help integrate ISO 37301 with other existing management systems?

Yes. The course addresses the integration of the CMS with other MSS/NSG standards and with related practices, making it possible to reduce redundancies and increase consistency between governance, risk, controls and evidence.

Is this course also useful for reviewing and improving an existing CMS?

Yes. In addition to supporting greenfield implementations, the course is useful in contexts where a compliance structure already exists and it is necessary to strengthen consistency, evidence, monitoring, management review and preparation for audit.

For general questions about registration, delivery modes, exams, certification and recertification, please consult the BEHAVIOUR® FAQs.

Registration

Complete the form to request your registration for the preferred edition. Check the upcoming dates.

Nome pessoa contacto
=

Request more information

If you would like help to frame the course within your professional or organisational context, contact us and we will indicate the most suitable path.

Request Information

Companies: request a proposal

For team registrations, we provide volume conditions and a proposal tailored to the organisational need.

Request Proposal