If you are a senior legal or compliance officer at a financial services institution in New Zealand, this playbook was built for you.
As an in-house legal leader, you are under increasing pressure to demonstrate that your legal and governance functions are not only compliant but also strategically aligned with organizational objectives. You must navigate a complex web of regulatory expectations, internal stakeholder demands, and evolving standards for governance maturity. The burden of proving compliance with both formal frameworks and informal regulatory expectations falls directly on your team. Without a structured, auditable approach, this work becomes reactive, fragmented, and resource-intensive.
Traditional consulting routes involve engaging external firms that charge between EUR 80,000 and EUR 250,000 for similar scope and deliverables. Alternatively, building this capability internally requires dedicating 2 to 3 full-time legal or compliance professionals for 4 to 6 months, pulling them away from high-value advisory work. This playbook delivers the same rigor, structure, and audit-readiness at a fraction of the cost, just $395.
What you get
| Phase | File Type | Description | Quantity |
| Assessment | Domain Assessment Tool | 30-question diagnostic per domain, scored against ISO 37301 maturity levels (0 to 5), with scoring guide and commentary | 7 |
| Evidence Collection | Evidence Runbook | Step-by-step instructions for gathering, organizing, and validating evidence required for ISO 37301 compliance across all clauses | 1 |
| Implementation | Work Breakdown Structure (WBS) Template | Hierarchical task list for implementing ISO 37301 controls, including timelines, dependencies, and deliverables | 1 |
| Implementation | RACI Matrix Template | Pre-mapped responsibility assignment chart for legal, compliance, governance, and executive roles across ISO 37301 requirements | 1 |
| Audit Preparation | Audit Prep Playbook | Checklist-driven guide for internal and external audits, including mock audit scenarios, document submission protocols, and auditor Q&A preparation | 1 |
| Cross-Reference | Cross-Framework Mapping Matrix | Detailed alignment of ISO 37301 controls with NZX Corporate Governance Code and FMA Expectations for Governance | 1 |
| Guidance | Implementation Handbook | Comprehensive guide explaining how to use all tools, interpret assessment results, and execute improvement plans | 1 |
| Guidance | Maturity Roadmap Template | Customizable roadmap for progressing from current state to target maturity level across all seven domains | 1 |
| Guidance | Policy & Procedure Outlines | Draft templates for key governance policies required under ISO 37301, including legal function charter, compliance oversight, and escalation protocols | 5 |
| Guidance | Stakeholder Communication Kit | Presentation decks, email templates, and briefing notes for updating executives, board members, and auditors on compliance progress | 3 |
| Monitoring | KPI Dashboard Template | Excel-based dashboard for tracking legal function performance, compliance metrics, and audit findings over time | 1 |
| Monitoring | Internal Review Protocol | Standard operating procedure for conducting quarterly internal reviews of legal and governance controls | 1 |
| Training | Team Workshop Slides | Facilitator-ready presentation for training legal and compliance staff on ISO 37301 principles and implementation steps | 1 |
Domain assessments
Each of the seven domain assessments evaluates a core component of the legal and governance function using 30 targeted questions aligned with ISO 37301 clauses. The domains are:
- Leadership and Commitment: Assesses executive sponsorship, tone from the top, and integration of compliance into strategic decision-making.
- Organizational Structure and Roles: Evaluates clarity of legal function reporting lines, role definitions, and accountability mechanisms.
- Compliance Culture and Awareness: Measures employee understanding of legal obligations, training effectiveness, and psychological safety for raising concerns.
- Risk Assessment and Due Diligence: Reviews processes for identifying, analyzing, and responding to legal and regulatory risks.
- Controls and Procedures: Examines the design, documentation, and enforcement of legal and governance controls across the organization.
- Monitoring and Review: Assesses internal audit coverage, management review frequency, and responsiveness to findings.
- Continuous Improvement: Evaluates feedback loops, incident response, root cause analysis, and adaptation of policies based on lessons learned.
What this saves you
| Activity | Time Required Without Playbook | Time Required With Playbook | Estimated Time Saved |
| Conducting legal function maturity assessment | 60, 80 hours | 10, 15 hours | 50, 65 hours |
| Mapping ISO 37301 to local governance expectations | 40, 60 hours | 5, 8 hours | 35, 55 hours |
| Preparing for compliance audit | 80, 120 hours | 20, 30 hours | 60, 90 hours |
| Developing RACI and WBS documentation | 30, 50 hours | 8, 12 hours | 22, 42 hours |
| Creating evidence collection strategy | 50, 70 hours | 10, 15 hours | 40, 60 hours |
| Total estimated time saved | 260, 330 hours | 53, 80 hours | 207, 277 hours |
Who this is for
- General Counsel or Head of Legal at financial institutions regulated under New Zealand law
- Compliance Managers responsible for governance frameworks and regulatory reporting
- Company Secretaries overseeing board-level governance and disclosure obligations
- Legal Operations Leads tasked with improving efficiency and accountability in legal functions
- Chief Risk Officers integrating legal risk into enterprise risk management
- Internal Audit Managers reviewing legal and governance controls
- Regulatory Affairs Specialists preparing for supervisory reviews or audits
Cross-framework mappings
This playbook includes full cross-references between ISO 37301 and the following frameworks:
- ISO 37301:2021 Compliance Management Systems , Requirements with Guidance for Use
- NZX Corporate Governance Code (2023 Edition)
- Financial Markets Authority (FMA) Expectations for Governance in Regulated Entities
What is NOT in this product
- This is not a certification service or audit body endorsement
- It does not include legal advice or interpretation of New Zealand statutes
- No third-party software, platforms, or hosted tools are provided
- It does not cover non-legal compliance areas such as IT security or financial crime
- No ongoing consulting or support is included in the base price
- It is not tailored to individual organizational structures without customization
- It does not replace the need for professional judgment in decision-making
Lifetime access and satisfaction guarantee
You receive lifetime access to the playbook files with no subscription, no login portal, and no recurring fees. The files are yours to use, adapt, and distribute within your organization. If this playbook does not save your team at least 100 hours of manual compliance work, email us for a full refund. No questions, no friction.
About the seller: With 25 years of experience in regulatory frameworks, the creator has analyzed 692 compliance and governance standards and built 819,000+ cross-framework mappings. Their tools are used by 40,000+ practitioners across 160 countries, supporting legal, compliance, and risk teams in achieving auditable, sustainable governance outcomes.
Need this for your team? We offer site licenses starting at $2,500 for up to 25 users. Reply to this page or DM Gerard directly on LinkedIn.
