ISO_37001_the_approach__1642776859.pdf

STRICTLY PRIVATE & CONFIDENTIAL
Lembaga Tabung Haji reserves all propriety rights to this Presentation. No part of this Presentation may be used or reproduced without Lembaga Tabung Haji’s
prior written permission. This Presentation is provided for information purposes only. Neither Lembaga Tabung Haji nor the Presenter makes any warranty,
expressed or implied, nor assumes any legal liability or responsibility for the accuracy, completeness or currency of the contents of this Presentation.
ISO 37001:2016 ANTI-BRIBERY MANAGEMENT SYSTEMS (ABMS)
LEMBAGA TABUNG HAJI, MALAYSIA (TH) EXPERIENCE
Hajah Azwan binti Muhamad
4 MAY 2021

THE AGENDA
TH INTEGRITY COMMITMENT
INTRODUCTION
PLAN, DO, CHECK & ACTION
TH JOURNEY
IDENTIFYING LAW REGULATIONS, RULES,
POLICIES, STANDARDS & GUIDELINES
REQUIREMENT
GAP ANALYSIS
APPROACH
PERFORMANCE EVALUATION &
IMPROVEMENT
CONTINOUS
JOURNEY
A
B
C
D
E

INTRODUCTION
TH INTEGRITY COMMITMENT

Dasar Kualiti TH
Lembaga Tabung Haji, sebuah institusi PENGURUSAN HAJI DAN TABUNGAN
yang unggul, MENJUNJUNG NILAI-NILAI ISLAM untuk memberi perkhidmatan
berkualiti dan mengamalkan PENAMBAHBAIKAN BERTERUSAN yang
memenuhi keperluan pelanggan.
Pekeliling TH Bil 8/1995 bertarikh 28 April 1995

ISO Management Systems Certification In TH
Current Certification Programs In TH
MS ISO 9001:2015
Quality
Management
Systems (QMS)
Quality
Management
Standard
ISO 37001 :2016
Anti Bribery
Management
Systems (ABMS)
Prevent, detect and
address bribery.
ISO 45001:2018 –
Occupational
Health and Safety
Management
System (OHSMS)
Reduce risk in the
workplace and make
sure that everyone
gets home safely.
TH an outstanding HAJJ AND SAVINGS MANAGEMENT INSTITUTION which UPHOLDS ISLAMIC VALUES in
PROVIDING QUALITY SERVICES and CONTINUOUS IMPROVEMENTS to fulfil customer requirements.
TH’s Quality Policy
TH
Code of Ethics
W ORSHIP TO
ALLAH
SINCERITY
TRUST
PURSUE FOR
UMMAH
PROSPERITY
GRATITUDE TO
TH
MANAGE TIME
WISELY
RESTORE
WORKPLACE
HARMONY
JUSTICE AND
PRUDENT
TEAMWORK
DEDICATION
AND PATIENCE
DILIGENT AND
EFFICIENT

1997 2005 2012
ISO 9000
Haj Services at
TH
Headquarter
Office
30 Sept
Provision of TH
Customer
Service,
Depository &
Hospitality
ISO 9001
Procument
Management
Marketing &
Office Rental
Services
ISO 9001
Information
Security
Management
System
(ISMS)
ISO 27001
2004
Panduan
Pelaksanaan
MS ISO 9000
& Skim
Persijilan
Sistem Kualiti
oleh Agensi
Kerajaan
PKPA Bil
1/1997-2 Jan
Anti-Bribery
Mgmt
System
ISO 37001
2016
Finance
Management &
Services
Headquarter
Office
ISO 9001
Occupational
Health &
Safety Mgmt
System
MS1722
2017
9000:1994 Haj Services at TH Headquarter Office (1997)
9001:2000 Haj Registration at Haj Management Division, TH Headquarter Office (2001)
9001:2008 Management and Operation of Haj Services in Malaysia
9001:2015 and Saudi Arabia (2005 -2015)
9001:2000 Provision of TH Customer Service, Depository & Hospitality (2004)
9001:2008 Provision of TH Customer Service and Depository (2014 to-date)
9001:2015
Occupational
Health &
Safety Mgmt
System
ISO 45001
2019
1722:2011 Building Management and Facilities Maintenance (2016)
45001:2018 Building Management of TH Tower (2019)
CRONOLOGY MANAGEMENT SYSTEMS STANDARD @TH
ISO Certification Scope Transition @ TH

12 April 2017
• Briefing/ Engagement
• Application by pre-
selected organisation
.
INVITATION
No. PILOT PROGRAM CERTIFIED ISO 37001
1 Majlis Perbandaran Seberang Perai
2
Angkatan Koperasi Kebangsaan
Malaysia Berhad
3 Pihak Berkuasa TempatanPengerang
4 TopGlove Sdn. Bhd.
5 Petroliam Nasional Berhad
6 Lembaga Tabung Haji
7 Jabatan Pengangkutan Jalan
8 Agensi Kelayakan Malaysia (MQA)
9 Jabatan Imigresen Malaysia
10 Majlis Perbandaran Subang Jaya
11 Yayasan Pahang
ABMS IS0 37001:2016 MALAYSIA PILOT PROGRAM (2017)
21 April 2017
• Register into the pilot
program.
REGISTRATION
• 6 days session
• ISO 37001 Requirements
• Workshop Developing
ABMS Manual
• ISO Internal Audit
TRAINING & DEVELOPE
25 Apr – 11July
• Internal Audit ( 21-23Aug)
• SIRIM Pre Certification Audit
(28-29 Sept)
• TH Headquarter
PRE ASSESMENT
• Stage 1 on Readiness
Review (2-3 Oct)
• Stage 2 (18-25 Oct)
• TH HQ and Branches
STAGE AUDIT
• Due 5 Nov 2020
• Cert No.
ABMS 00106
ISO 37001
CERTIFIED
5 Nov 2017
Aug- Sept 2017 Oct 2017
10 Nov 2017

TH ABMS SCOPE
Anti-Bribery Management System of Lembaga Tabung Haji Including:
1) Management of Haj Operation Services at Malaysia and Saudi Arabia;
2) Management of Customer Services and Deposits;
3) Management of Investment; and
4) Support Services
The scope of ISO 37001: 2016 ABMS certification includes the entire main activities and processes in TH.

CERTIFIED ISO 37001:2016 ABMS
TH certified ISO 37001:2016
ABMS since 6th November
2017
Quality Assurance

WHY CERTIFIED ISO 37001:2016?
❑ Section 17A (1) of the MACC (Amendment) Act 2018 enforcement
➢ commercial organisation commits an offence if any person associated with it commits a
corrupt act or bribery in order to obtain or retain business or advantage for the
organisation. However, Section 17A (4) allows a defense for the organisation, by proving it
had in place “adequate procedures” designed to prevent person(s) associated with it from
undertaking such a conduct.
❑ Supports and fulfil the responsible to sustainable development goal on corruption Article
26 United Nation Convention Against Corruption (UNCAC) -Liability Of Legal Person.
❑ Implement strategy 2&6 in National Anti-Corruption Plan (NACP)

National Anti-Corruption Plan (NACP)
Strategic Objective 2.1: Redesigning of
Public Services towards Good Governance
2.1.3 To Introduce ABMS ISO 37001
certification in all Government agencies
Strategic Objective 6.2 : Greater Corporate
Entities Resilience against the Threat of
Corruption
6.2.4 To proposed ABMS ISO 37001
certification as a requirement for State-
Owned Enterprises (SOEs), Company
Limited By Guarantee (CLBG) and private
sector in order to bid for Government
contracts

TH JOURNEY
PLAN, DO, CHECK & ACTION

ISO 37001:2016 CERTIFICATION
3,4 & 5
Done
Concurrently

PLAN – CERTIFICATION MILESTONES
1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4
a) ABMS Manual
b) Corruption Management Risk
a) Taklimat Audit Dalam
b)
Penyediaan Pelan Audit dan
Senarai Semak Audit
Perancangan Pelaksanaan
5
Mesyuarat Kajian Semula Pengurusan
8
Majlis Pemberian Pensijilan ABMS pada
Majlis SIRIM Industri (10 Nov 2017)
6 Pre- Assessment by SQAS
a) Bahagian Integriti
7 Stage 1 & Stage 2 Audit by SQAS
2
Dokumentasi Anti-Bribery Management
System (ISO 37001) -
Tarikh kuatkuasa: 14 Julai 2017
No.
3
Program Pengukuhan ABMS
-Road Show & Ikrar Integriti
c) Badan Pentadbir
b) Pengurusan Atasan
4
Pelaksanaan Audit Dalam
Tarikh Audit: 21-23 Julai 2017
Aug-17
3 Bengkel Pembangunan ISO37001:2016
1
Jun-17
Apr-17 May-17 Jul-17 Dec-17
Sep-17 Oct-17 Nov-17
AKTIVITI
TEMPOH
3. Identify ABMS
Gaps
4. CRM Assessment
5. Develop ABMS
Documents
6. Conduct
Internal Audit
Team
7. Conduct
Management
Review
8. Certification
Audit
Clause 7.3 ISO 37001
Awareness & Training

TH CORPORATE INTEGRITY PLEDGE
02 03
Berganding bahu
untuk mewujudkan
persekitaran
perniagaan yang
bebas daripada
rasuah;
Mendukung Prinsip
Pencegahan Rasuah untuk
syarikat di Malaysia dalam
urusan perniagaan dan
interaksinya dengan rakan
perniagaan dan juga
Kerajaan.
Ikrar Integriti Korporat ialah dokumen yang membenarkan sesebuah organisasi
korporat untuk membuat komitmen untuk mendukung Prinsip Pencegahan
Rasuah bagi Syarikat Korporat di Malaysia. Ketua Pegawai Eksekutif dan
Pengarah Urusan Kumpulan TH telah menandatangani Ikrar Integriti Korporat
pada 13 April 2012.
Dengan menandatangani ikrar ini, Lembaga Tabung Haji berikrar bahawa:
TH tidak akan
terlibat dalam
jenayah rasuah;
01
TH Integrity Commitment

• Untuk tidak membenarkan sebarang perbuatan rasuah dalam apa jua bentuk, sama ada secara
langsung atau tidak langsung, di premis perkhidmatan dan dalam semua hubungan perkhidmatan
dan perniagaan, termasuk dengan pembekal, kontraktor, pendeposit dan pihak ketiga;
• Untuk memastikan pematuhan sepenuhnya terhadap Kod etika dan peraturan-peraturan yang
berkuatkuasa pada setiap masa;
• Untuk mewujudkan budaya kerja positif yang mengutamakan integriti bagi mewujudkan
persekitaran perkhidmatan dan perniagaan yang kondusif;
• Untuk mengiktiraf dan memberi ganjaran kepada mereka yang mempunyai integriti dan etika yang
tinggi; dan
• Untuk meningkatkan saluran aduan yang selamat dan boleh diakses oleh seluruh anggota serta
lain-lain pihak bagi tujuan melaporkan perbuatan rasuah dengan penuh keyakinan dan tanpa
sebarang risiko tekanan.
• Untuk membangunkan program pencegahan rasuah bagi menjelaskan nilai-nilai, dasar dan
prosedur yang akan digunakan bagi mencegah perbuatan rasuah daripada berlaku dalam semua
aktiviti perkhidmatan dan perniagaan ;
• Untuk memperbaiki sistem serta prosedur sedia ada bagi mengelakkan sebarang amalan rasuah;
• Untuk memasukkan program pencegahan rasuah, peningkatan nilai-nilai etika dan integriti dengan
memberi latihan kepada pihak pengurusan dan seluruh anggota; dan
• Untuk mengadakan audit Dalaman secara berterusan bagi mengelakkan penyalahgunaan
perkhidmatan, dana serta aset.
• Untuk memastikan semua undang-undang, dasar dan prosedur yang berkaitan dengan rasuah
dipatuhi; dan
• Untuk memastikan tadbir urus korporat yang baik dilaksanakan, dipantau dan diamalkan,
perkhidmatan dan perniagaan dijalankan secara telus serta bertanggungjawab bagi mengelakkan
konflik kepentingan, penyalahgunaan kuasa dan salah laku.
01
02
03
Mempromosikan
nilai-nilai
ketelusan,
integriti dan
tadbir urus
korporat yang
baik
Pengukuhan
sistem
dalaman yang
menyokong
pencegahan
rasuah
Pematuhan
undang-undang
serta peraturan-
peraturan yang
berkaitan dengan
memerangi rasuah
Lembaga Tabung Haji akan berusaha untuk mewujudkan persekitaran perkhidmatan
dan perniagaan di malaysia yang berintegriti dan bebas daripada rasuah melalui
tindakan-tindakan berikut:-

• tidak bertolak ansur terhadap mana-mana anggota atau mana-mana pihak lain yang terlibat
dalam rasuah yang berkaitan dengan perkhidmatan dan perniagaan, tanpa mengira kedudukan
serta status;dan
• Untuk melaporkan perlakuan rasuah yang berlaku di premis perkhidmatan dan perniagaan
• Untuk menyokong kempen pencegahan rasuah oleh Kerajaan dan SPRM;
• Untuk memberi kerjasama sepenuhnya kepada Pihak Berkuasa, agensi Kawal selia dan SPRM,
berhubung dengan pencegahan dan penguatkuasaan undang-undang bagi menentang rasuah;
• UntukmengaturprogrampencegahanrasuahsecaraberterusanmelaluipenubuhanJawatankuasa
Khas atau Jabatan Pematuhan dan integriti;
• Untuk mewujudkan hubungan erat dengan Pihak Berkuasa dan SPRM; dan
• Untuk memberikan informasi terkini dan mengadakan modul latihan secara berterusan bagi
pencegahan rasuah, etika dan integriti.
05
Membanteras
sebarang
bentuk amalan 0 4
rasuah
Sokongan kepada
inisiatif pencegahan
rasuah oleh
Kerajaan Malaysia
dan Suruhanjaya
Pencegahan rasuah
Malaysia (SPRM)

Ikrar Bebas Rasuah
Saya, (nama anggota) No. Kad Pengenalan : _______________ adalah dengan sesungguhnya dan suci hati berikrar bahawa
sepanjang perkhidmatan saya dengan Lembaga Tabung Haji :
i. Saya akan mematuhi sepenuhnya undang-undang, peraturan, prosedur serta dasar-dasar Negara yang berkaitan dengan
pencegahan jenayah rasuah dan salah guna kuasa;
ii. Saya akan membenci dan menolak sebarang bentuk jenayah rasuah dan salah guna kuasa, serta memberikan kerjasama
sepenuhnya kepada Suruhanjaya Pencegahan Rasuah Malaysia dalam mencegah sebarang perlakuan jenayah rasuah dan salah
guna kuasa;
iii. Saya tidak akan melibatkan diri dalam sebarang bentuk jenayah rasuah dan salah guna kuasa, sama ada secara langsung atau
tidak langsung, dengan mana-mana pihak yang berurusan dengan Lembaga Tabung Haji;
iv. Saya akan memastikan anggota-anggota di bawah seliaan saya tidak akan melibatkan diri dalam sebarang bentuk jenayah rasuah
dan salah guna kuasa dalam apa-apa jua urusan berkaitan dengan Lembaga Tabung Haji; dan
v. Saya akan melaporkan kepada Suruhanjaya Pencegahan Rasuah Malaysia, dengan seberapa segera, sebarang bentuk perlakuan
jenayah rasuah dan salah guna kuasa yang melibatkan saya atau anggota-anggota di bawah seliaan saya.
Anggota TH Integrity Commitment – Individually Signed

21 April 2017 established
ISO 37001:2016 ABMS Task Force :
1. Internal Complaint Senior Manager- Integrity
2. Internal Audit Senior Manager – Internal Audit
3. Quality Manager – TH ISO Secretariat
ISO 37001:2016 ABMS
Governing Body – JAR / RAG
Top Management – JITU / MRAG
ABMS Improvement Team
(ISO ABMS Compliance Function)
TH Integrity Department
GOVERNING BODY
Jawatankuasa Anti Rasuah (JAR)
TH Board
Chief Executive Officer
& Group Managing
Director
Chief Integrity Office
(MACC Officer)
Senior Manager
Internal Complaint
(MACC Officer)
Executive
Internal Complaint
Senior Manager
Integrity
Executive
Integrity
Executive
Governance
Secretary
TOP MANAGEMENT
Jawatankuasa Integriti & Tadbir Urus
(JITU)
1 Oct 2013 established
TH Integrity Department
based on Pekeliling Perkhidmatan Bil. 6
tahun 2013 enforced on 1 Aug 2013
1
2
2
1. Term of
Reference
2. Integrity Pact
3. Ikrar Bebas
Rasuah
1. Letter of
Appointment
2. Job Description
3. Ikrar Bebas Rasuah

ISO ABMS Compliance Function – Integrity Governance Unit (IGU) Function
Implementationof4CoreFunctions
ROLES OF IGU
C O M P L A I N T S
M A N A G E M E N T
Management of received
complaints/ information on
corruption and bribery, abuse of
power, malpractices, breach of
code of conducts and
organisation's ethics to ensure
actions are taken on every
complaints/ information received.
I N T E G R I T Y
E N H A N C E M E N T
To ensure cultivation of culture,
institutionalisation and
implementation of integrity in an
organisation can be achieved
D E T E C T I O N &
V E R I F I C A T I O N
To do detection and verification
on complaints/ information on
corruption and bribery, abuse of
power, malpractices, breach of
code of conducts and
organisation's ethics and thus
ensuring appropriate actions are
taken.
G O V E R N A N C E
Ensuring the best governance is
in place in order to strengthen
the integrity of employees and
staff as well as to address issues
related to integrity, particularly
corruption, malpractices and
abuse of power.
PRIME
MINISTER’S
DIRECTIVE
SERIES 1
NO. 1 OF 2018
The Directive sets out
that all Heads of
Government-Linked
Companies (GLCs),
companies owned by
the Ministry and
Government agencies
including under the
State Government to
establish an Integrity
and Governance Unit
(IGU) and
subsequently carried
out the four core
functions as stated in
this Directive. https://www.sprm.gov.my/admin/files/sprm/assets/pdf/pencegahan/GARIS-PANDUAN-PENGURUSAN-UNIT-INTEGRITI-DAN-
GOVERNANS.pdf

MODEL PROSES UTAMA
ISO 37001:2016 ANTI-BRIBERY MANAGEMENT SYSTEM TH
PELAN INTEGRITI TH
ANTI-BRIBERY MANAGEMENT SYSTEM TH
ANTI-BRIBERY POLISI
DAN PERATURAN
1. Polisi , Peraturan dan
Penguatkuasaan
ANGGOTA DAN
BUDAYA
2. Komunikasi dan
Pendidikan Integriti
PEMANTAUAN ANAK SYARIKAT /
SYARIKAT BERSEKUTU
3. Pemantauan Pematuhan Anak Syarikat/
Syarikat Bersekutu kepada Akta Liabiliti Korporat
SISTEM DAN PROSES
•Pemantauan kepada Pematuhan
Peraturan dan Prosedur Kerja
PELAN PENGURUSAN
RISIKO RASUAH TH
•Semakan Pelan Pengurusan
Risiko Rasuah TH
PENGURUSAN ADUAN, PENGESANAN DAN
PENGESAHAN
4. Pengendalian Maklumat Whistleblowing TH
PEMANTAUAN, PENGUKURAN DAN PENGAUDITAN
PENAMBAHBAIKAN DAN TINDAKAN PEMBETULAN
KOD ETIKA PERNIAGAAN TH
NILAI TERAS TH
INDEKS KEPUASAN PELANGGAN
Persekitaran perniagaan yang adil, telus, berintegriti bebas
daripada rasuah, penyelewengan dan salahguna kuasa.
Pematuhan amalan tadbir urus korporat terbaik, etika perniagaan,
undang-undang dan polisi berkuatkuasa.
INPUT Q
KEPERLUAN PELANGGAN
Anggota TH
KEPERLUAN PIHAK BERKEPENTINGAN
• Pendeposit & Jemaah Haji
• Ahli Lembaga Pengarah
• Jabatan Perdana Menteri
• Agensi Kerajaan
• Kementerian Haji
Arab Saudi
• Anak Syarikat dan
Syarikat Bersekutu
• External Provider
Penerapan dan pembudayaan integriti dalam
organisasi
.
INPUT Q
PERLAKSANAAN
PERUNDANGAN
•Melahirkan profesional mukmin
•Penerapan dan pembudayaan dasar & governans, nilai & etika TH.
.
•TH sebagai Institusi Islam yang dihormati atas pencapaian dan tadbir urus berintegriti
•Tahap pematuhan perundangan, peraturan dan polisi Anti-Bribery TH
• Sifar/pengurangan kes rasuah, penyelewengan, salah guna kuasa dan kelemahan tadbir urus.
.
PELAPORAN, ANALISIS DAN PENILAIAN
▪Pelaporan berkala RAG/MRAG(ALP & Pengurusan) , SPRM (tahunan)
▪Prestasi analisis dan penilaian ABMS
▪SLA dan KPI
OUTPUT Q

REQUIREMENT
IDENTIFYING LAW REGULATIONS, RULES, POLICIES,
STANDARDS & GUIDELINES

ISO 37001:2016 ANTI-BRIBERY MANAGEMENT SYSTEMS STANDARD

Adhered to the domestic law of the
country where it operates
offering, promising, giving, accepting or soliciting of an
undue advantage of any value (which could be
financial or non-financial), directly or indirectly, and
irrespective of location(s), in violation of applicable
law, as an inducement or reward for a person acting or
refraining from acting in relation to the performance of
that person’s duties.
Clause 3.1 -Bribery
The stated legal requirements of ISO 37001:2016 ABMS for organisation in Malaysia.
- must comply TO RELATED LAWS ON CORRUPTION PREVENTION as offences can be prosecuted in the
court of law.
The law as an integral aspect of its implementation.
ISO 37001:2016 ABMS

Election Offences Act 1954 (Act 5) – Part III
Penal Code – S. 161, 162, 163, 164, 165, 213,214 and 215
Customs Act 1967 (Act 235) – S.137
Malaysian Anti-Corruption Commission Act 2009
Criminal Matters Act
2002- Mutual Assistance
Anti-Money Laundering,
Terrorist Financing and
Proceeds of Unlawful
Activities Act 2001
Whistleblower Protection
Act 2010
Witness Protection Act
2009 (Act 696)
ISO 37001:2016 ABMS Malaysia’s Organisation Applicable Laws
RELATED LAWS ON CORRUPTION PREVENTION

ISO 37001:2016 REQUIREMENTS
4.1 Understanding
context
4.2 Stakeholders
4.3 ScopeABMS
4.4ABMS
4.5 BriberyRisk
Assessment
5.1 Leadership &
commitment –
GoverningBody,
Top Mgmt.
5.2 ABMSPolicy
(a-i)
5.3Organizational
roles,
responsibilities and
authorities-Anti-
BriberyCompliance
Function
6.1 Actions to
address risksand
opportunities
6.2 ABMS
objectivesand
planning
7.1 Resources
7.2 Competence
7.2.2 Employment
Process
7.3 Awareness&
training
7.4 Communication
7.5Documented
Information
8.1 Operational
Planning &Control
8.2 Due Diligence
8.3Financial
Control
8.4 Non Financial
Control
8.5 By Controlled
organization & by
business associate
8.6Anti-Bribery
Commitment
8.7 Gift,
hospitality,
donation
8.8 Managing
inadequate control
8.9 Raising Concern
8.10 Investigating
& dealing
9.1Monitoring,
measurement,
analysis &
evaluation
9.2 Internal Audit
9.3 Management
review –Top Mgmt.
Review, Governing
Body
9.4Anti-Bribery
Compliance
Function
Improvement
10.1
Nonconformity&
correctiveaction
10.3Continual
improvement
Guidance:
ISO 31000:2018 (Risk Management - Principles and Guidelines)
ISO 19600:2014 (Compliance Management)
ISO 19011:2018 (Guidelines for Auditing Management Systems)
4
Context of
Organization
5
Leadership
6
Planning
7 8
Support Operation
9
Performance&
Evaluation
10

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) &
ISO 37001 DOCUMENTS REQUIREMENTS
• CODE OF ETHICS & ANTI-BRIBERY POLICY
1
• CONFLICT OF INTEREST DETERRENCE POLICY
2
• WHISTLEBLOWING POLICY
3
• REFERAL POLICY
4
• CORRUPTION RISK MANAGEMENT
5
• TRAINING ON ETHICS, EDUCATION &
COMMUNICATION
6
• COMPLIANCE PROGRAMME
7
• ANTI-CORRUPTION PREVENTION REPORTING
8
• LEADERSHIP
9
• CORPORATE SOCIAL RESPONSIBILITY
10
An anti-bribery policy, procedures, & controls
Top management leadership, commitment &
responsibility
Governing body Oversight
Anti-bribery training and awareness
Risk assessment
Due diligence on projects & business associates
Reporting, monitoring and investigation
Management review, corrective action &
continual improvement
CISM ISO 37001
https://cism.sprm.gov.my/en/tentang-kami/sejarah-cism

ADEQUATE PROCEDURE = ISO 37001 ABMS
TOP LEVEL
COMMITMENT
T
RISK
ASSESSMENT
R
UNDERTAKE
CONTROL
MEASURES
U SYSTEMATIC REVIEW,
MONITORING
AND ENFORCEMENT
S
TRAINING AND
COMMUNICATION
T
ISO 37001
1) Scope
2) Normative
References
3) Terms &
Definitions
4) Context of the
Organisation
5) Leadership
ISO 37001
4.1 - Determine external
& internal issues
4.2 - Stakeholders
expectation
4.5 - Bribery risk
assesment
6.1 – Actions to address
risk & opportunities
ISO 37001
8-Operation
ISO 37001
8-Operation
9-Performance
Evaluation
ISO 37001
7-Support
Guidelines on Adequate Procedures
PURSUANT TO SUBSECTION (5) OF SECTION 17A UNDER THE MALAYSIAN ANTI-CORRUPTION
COMMISSION ACT 2009
ISO 37001:2016 ABMS

Corruption Risk Assessment
Risk Profiling
Action Plan
Monitor
Dynamic
2. CORRUPTION RISK MANAGEMENT
Manual, SOP, Work Instruction & Supporting
Documents.
- e.g Manual Sistem Pengurusan AntiRasuah
1. ABMS MANUAL
Employee understand their
contributions to the effectiveness of
ABMS implementation.
3. AWARENESS & TRAINING
3.GAP ANALYSIS
CONTROLLED DOCUMENT

A. JENIS & HIRAKI DOKUMENTASI SISTEM PENGURUSAN ISO TH – CONTROL DOCUMENT
A
B
C
D
A
B
C
D
Dasar, objektif dan klausa Sistem Pengurusan
ISO dan polisi berkaitannya.
MANUAL ABMS,KUALITI & OSH
Prosedur mandatori dan/atau proses yang
dijalankan bagi pelaksanaan Sistem
Pengurusan ISO
PROSEDUR (SOP)- KLAUSA 8
Dokumen terpeinci tugas/aktiviti
-Senarai semak
ARAHAN KERJA (AK)
Dokumen lain yang menjadi sokongan –
Borang/Template
LAMPIRAN
SKOP Persijilan Sistem Pengurusan ISO TH
9001:2015 - Kualiti (Pengurusan Haji, Penyampaian Perkhidmatan Pelanggan Tabungan TH, Pengurusan Perolehan)
37001:2016 - Anti-Bribery (Kumpulan TH)
45001:2018 - Kesihatan dan Keselamatan Pekerjaan (Menara/ Bangunan Operasi TH)

B. CORRUPTION RISK MANAGEMENT
Operational
Procurement
Project management
Quality
IT Systems
HR/ Labour
Safety & environment
Strategic
Country
Regulatory
Tax
Political
Catastrophe
Currency Policy
Culture
Compliance
Regulatory
Internal policies
Laws
Liquidity Risk
Funding Risk
Market Lliquidity
Market Risk
Price Risk (interest rate,
equity, commodity)
Financial
Risk
Enterprise Risk Management
Enterprise Wide Business Unit
Credit Risk
Default risk
Business
Risk
Hazard
Risk
Physical
hazard
Property
Injury
Fire
Behavioral
hazard
Carelessness
Morale
Legal
hazard
Lawsuits
Litigations
Budget / Payment
Moral
hazard
Integrity
Corruption
Fraud
Misconduct

ISO 31000:2018 (Risk Management - Principles and Guidelines)
Integrated :
1) ISO 9001:2015
2) ISO 31000:2016
3) ISO 45001:2018

Identification
Measurement
Control
Monitor
Corruption
schemes
Root cause analysis
Impact
Likelihood
Risk rating
Entity-level controls
Scheme specific controls
Preventative controls
Detective controls
Reporting
Current risks, new emerging risks
Progress of risk action plans
KEY COMPONENTS OF CRMPROCESS
Establish TH CRM
2017
Organise:
TH CRM
WORKSHOP
June 2017
TH CRM 2017
endorsed by JAR

Management
Action Plans
Risk Treatment
Options
Terminate
Reduce
Accept
Pass on
7
Identify Risk
Define objectives
Determine
Consequences
Inherent Risk Rating
Existing
controls:
•Control 1
•Control 2
•Control 3
Controls Mechanism
Control
Effectiveness
• Satisfactory
• Some
weaknesses
• Weak
o High
o Significant
o Moderate
o Low
Residual Risk
Rating
• High
• Significant
• Moderate
• Low
Additional
controls:
•Control 1
•Control 2
•Control 3
1
3
4
5 6
Impact Likelihood Impact Likelihood
Scheme/ causes:
•Scheme/ Cause 1
•Scheme/ Cause 2
•Scheme/ Cause 3
Scheme/ causes
THE 7-STEP - CORRUPTION RISK ASSESSMENT PROCESS
2
A
B
Approach:
Form CRM 01-09 by SPRM version CRM 2.0
[Inherent risk – Control = Residual Risk]
RISK MATRIX
7
CRM
TOR

No 7 CRM TOR Root Cause Control Mechanism
1 Policy and
Legislative
Deficiency in management and
controls for prevention of offences.
• Ensure compliance to any policy and laws as
well as regulations enforced.
• Create and document strategic plans for
enhancing the best governance practices
within the organisation
2 Systems and Work
Procedures
Weaken administration, reduce
efficiency, non-accountability,
bureaucratic hassles, delays and
injustices.
Conduct structured mechanism to improve
continuously for complying the systems and work
procedures of departments.
3 Noble Values and
Code of Ethics
Behavioural deficiency among
employees by committing all forms
of negative conduct.
• Organise activities that encourages the
internalisation of noble values and ethics.
• Enhance integrity of employee with
consolidation and implementation of policies,
laws, regulations as well as systems and work
procedures in bringing abeyance the negative
temptation.
The control mechanism for CRM encompassed on these 7 terms of references(TOR) by MACC:
7 CRM TOR CONTROL MECHANISM

No 7 CRM TOR Root Cause Control Mechanism
4 Customer Management Failure to handle the needs of customer
or stakeholders would result in being seen
as slip-ups in the fulfilment of entrusted
duties and responsibilities.
A strategic and quality customer management would be
perceived as value-added and continuous improvements in
the delivery service system.
5 Internal Controls Ineffective internal controls decrease
operational efficiency and effectiveness
which results in poor financial
performance.
• Create organisational structure and delegation of power
that is comprehensive, transparent and accountability
workflows.
• Optimisation of resources.
• Develop efficient and effective information management
system.
6 Detection, Punitive
and Rehabilitative
Action
Poor enforcement in any contravention of
laws, regulations, systems and work
procedures or
Code of work ethics shall expose the
organisation on the risk of dangerous
scenarios or liability issues.
• Promptly detect and take remedial and prevention
measures based on Laws or disciplinary orders against
those involved.
• To cooperate and report to the relevant enforcement
agencies regarding any form of offences or crime
committed.
7 Recognition and
Appreciation
ignored and neglected employees in the
workplace bring negative impact on job
satisfaction as well as employee wellbeing
• Recognition and appreciation to employee who has
shown exemplary services, exhibiting noble values and
those who have reported cases of corruption,
malpractices and misconduct.
The control mechanism for CRM encompassed on these 7 terms of references(TOR) by MACC:
7 CRM TOR CONTROL MECHANISM

SANGAT
TINGGI
(Very High)
TINGGI
(High)
SEDERHANA
(M edium)
RENDAH
(Low)
MUNGKIN
TIDAK
(Unlikely)
TIDAK PENTING KECIL SEDERHANA UTAMA AMAT PENTING
(Insignificant) (M inor) (M oderate) (M ajor) (Very Significant)
Kerugian kew angan < xx%
daripada Nilai Aset Bersih
(NAB)
Kerugian kew angan xx%
sehingga xx% daripada NAB
Kerugian kew angan > xx%
daripada NAB
Kurang dari 1 hari 1 - 2 hari 3 hari - 1 minggu 1 - 2 minggu Lebih dari 2 minggu
Dapat dipulihkan dalam masa
seminggu
3 bulan
1 tahun
Dapat dipulihkan melebihi
setahun
Kerosakan reputasi yang
kekal
Pertanyaan dari pihak
berw ajib
Surat tunjuk sebab dari pihak
berw ajib
Amaran dari pihak berw ajib
Amaran keras dari pihak
berw ajib
Operasi diberhentikan
Tahap ketidakpuasan
Anggota yang tidak ketara
Tahap ketidakpuasan
Anggota rendah
Ketidakpuasan Anggota
berlaku setempat
(caw angan/ ibu pejabat) /
kadar berhenti mula
meningkat
Ketidapuasan Anggota
meningkat/ Kadar berhenti
semakin meningkat
Ketidakpuasan Anggota di
semua peringkat / kadar
berhenti yang tinggi
RENDAH SEDERHANA
TINGGI SANGAT TINGGI
Hilang keyakinan dari pihak
berkepentingan
KETIDAKPUASAN ANGGOTA
Sempadan Lingkungan
Toleransi Risiko
Beberapa pertanyaan dari
pihak berkepentinga
Keyakinan pihak
berkepentingan terhadap
menurun
TINDAKAN OLEH PIHAK BERWAJIB
KEYAKINAN PIHAK BERKEPENTINGAN
Tiada pertanyaan dari pihak
berkepentingan
Pertanyaan minima dari pihak
berkepentingan
KEROSAKAN REPUTASI
Tidak akan berlaku dalam tempoh
melebihi 5 tahun akan datang atau
kebarangkalian adalah kurang
daripada xx%.
ASAS IMPAK RISIKO
KERUGIAN KEWANGAN
GANGGUAN PERNIAGAAN
Sekali dalam 5 tahun akan datang
atau kebarangkalian adalah diantara
xx% kepada xx%.
Sekali dalam 1 - 2 tahun atau
kebarangkalian adalah diantara xx%
hingga xx%
ASAS
KEBARANGKALIAN
RISIKO
KAD SKOR RISIKO (RISK MATRIX)
Sekali dalam tempoh 6 bulan akan
datang atau kebarangkalian melebihi
xx%.
Sekali dalam tempoh 12 bulan akan
datang atau kebarangkalian adalah
di antara xx% hingga xx%.
Aras Risiko
Sederhana
IMPACT, LIKELYHOOD & RISK MATRIX

Klasifikasi keberkesanan kawalan
KEBERKESANAN
KAWALAN
KETERANGAN
Memuaskan
Kawalan sedia ada, mantap dan beroperasi dengan betul untuk memberikan tahap
yang munasabah bagi menjamin pencapaian objektif.
Ada Kelemahan
Sesetengah kawalan dikenal pasti mempunyai kelemahan / kurang efisyen. Walau
bagaimanapun, ianya tidak membawa kepada risiko yang serius. Penambahbaikan
diperlukan untuk menjamin pencapaian objektif.
Lemah
Kawalan yang ada tidak memenuhi standard yang boleh diterima kerana wujud banyak
kelemahan / tidak efisyen. Kawalan tidak dapat memberikan jaminan pencapaian.
CONTROL EFFECTIVENESS

KESAN
RISIKO
KETERANGAN
Strategik Risiko utama yang memberi kesan kepada Misi, Visi dan Objektif organisasi
Kewangan Risiko yang menjejaskan pembiayaan atau dana organisasi.
Operasi
Risiko yang menjejaskan perkhidmatan kepada pelanggan dan pemegang taruh
organisasi.
Peraturan Risiko yang memberi kesan kepada pematuhan undang-undang dan peraturan.
Klasifikasi 4 kesan utama risiko:
CONSEQUENCES

Berdasarkan penilaian tahap risiko, berikut merupakan pilihan rawatan risiko yang perlu dilaksanakan:
Tahap Risiko Pelan Tindakan
Sangat Tinggi Risiko perlu diuruskan dan dipantau pelaksanaan oleh Ketua Jabatan dengan pelan
tindakan risiko secara terperinci. Di samping itu juga, ia memerlukan perhatian daripada
Lembaga Pengarah dan Pengurusan.
Tinggi
Sederhana
Risiko boleh diuruskan dengan mengenalpasti Strategi Menangani Risiko. Ia memerlukan
perhatian daripada Pengurusan dan Ketua Jabatan berkaitan.
Rendah
Risiko boleh diuruskan secara minima dan pemantauan berterusan terhadap tindakan
kawalan yang dilaksanakan.
MANAGEMENT ACTION PLAN

Strategi Menangani Risiko Cadangan Tindakan
Terminate Hapus Dengan menghentikan aktiviti yang boleh menyebabkan risiko.
Reduce Kurangkan Mengurangkan kebarangkalian atau impak dengan:
➢ membangunkan polisi, arahan, garis panduan; dan/atau
➢ latihan dan pengawasan; dan/atau
➢ pengukuhan Integriti melalui penghayatan Nilai dan Etika TH; dan/atau
➢ penerapan Misi, Visi, Strategi, Objektif serta Pelan Perniagaan;
dan/atau
➢ membangunkan Pelan Kontigensi; dan/atau
➢ membangunkan Pelan Pemulihan Bencana; dan/atau
➢ tindakan Pengesanan dan Pengesahan; dan/atau
➢ mengurangkan skala aktiviti.
Accept Terima Menyediakan pelan tindakan dengan:
➢ Menentukan sasaran kerugian dan tahap toleransi; dan/atau
➢ Menentukan caj premium terhadap risiko; dan/atau
➢ Melibatkan belanja atau kos ke atas akibat yang akan berlaku.
RISK TREATMENT OPTIONS

BIL PROSES UTAMA DAN FUNGSI RISIKO RASUAH
1 JABATAN KHIDMAT PENDEPOSIT DAN OPERASI (JKPO)
• Tabungan
• Simpanan wang
• Pengeluaran wang
• Aktiviti Pemasaran
• Operasi di Pejabat TH Cawangan (sampling location
& frequency )
• Melaksanakan transaksi tidak sah.
• Kebocoran maklumat kepada pihak tidak berkenaan.
• Menyalahguna kedudukan untuk keuntungan secara
persendirian
2 JABATAN HAJI
• Mengawalselia Pengelola Jemaah Haji (PJH)
berlesen di bawah peruntukan-peruntukan seksyen
27-36, Akta TH 1995.
• Menyediakan infrastruktur pengurusan dan operasi
haji.
• Pengeluaran lesen PJH kepada agensi pelancongan yang
tidak layak.
• Bekalan kelengkapan operasi haji tidak mengikut
spesifikasi
3 JABATAN PELABURAN
• Analisa Instrumen pelaburan
• Cadangan pelaburan TH
• Urusniaga Pelaburan
• Pengurusan portfolio (strategi alokasi aset dalam
ekuiti, pendapatan tetap, pasaran wang dan lain-lain
instrumen kewangan)
• Cadangan pelaburan tidak optimakan pendapatan TH.
• Insider Trading (information leak to interested party).
CRM: example

C. AWARENESS & TRAINING PROGRAMME
❖ Ikrar Bebas Rasuah Anggota dan Kumpulan TH
❖ Bicara Integriti Anak-anak Syarikat TH
❖ Taklimat kepada Pengelola Jemaah Haji
❖ Sesi bersama Pembida dan Konsultan
❖ Perlantikan Duta Integriti TH.

POLISI ABMS TH YANG DIGUNAPAKAI DAN DIKUATKUASAKAN DI TH:-
• Garis Panduan berhubung penerimaan hadiah, Surat Pekeliling TH Bil. 10
Tahun 2005.
• Polisi Integrity Pact dalam perolehan TH, Surat Pekeliling TH Bil. 1 Tahun 2014.
• Polisi Whistleblowing TH.
• Polisi Pencegahan Pengubahan Wang Haram dan Pencegahan Pembiayaan
Keganasan (AML/CFT) tahun 2012.
• Kod Etika Perniagaan TH
• Kod Etika Pembekal TH
• Polisi Pemilikan dan pengisytiharan harta oleh anggota, Pekeliling TH bil. 9
Tahun 2003 dan Maklumat Sumber Manusia Bil. 10 tahun 2013.
• Peraturan-peraturan Tatatertib TH 2010
• Polisi Tanggungjawab Korporat TH
TRAINING MODULE ROADTOUR

MAJLIS IKRAR BEBAS RASUAH LEMBAGA PENGARAH DAN PENGURUSAN TH
30 MEI 2017

Policy, Legislative and
Regulation
System and
Process
Value, Ethics, Moral
and Culture
TH Code of Business Ethics (COBE)
TH Code of Ethics
Policy and Governance
Anti-Bribery Management System (ABMS)
TH Core Values
Legislative and
Regulation;
1. Malaysian Law in force
2. TH Act (Act 535)
3. Domestic Laws where
TH operates
TH Policies:
1. TH Approving Authority
Policy
2. TH Procurement
Manual
3. TH Investment Policy
Anti-Bribery Policies :
1. TH Code of Business
Ethics
2. Integrity Pact in TH’s
Procurement
3. TH Code of Supplier
Ethics
4. TH Whistleblowing
Policy
5. TH No Gift Policy
6. Deposits and
Withdrawals
Regulations 2002
7. TH Disciplinary
Regulations 2010
8. TH Asset Declaration
9. TH Anti-Money
Laundering and
Counter Financing of
Terrorism Policy
(2020)
10. TH Corporate Social
Responsibility
Internal reports,
complaint management
Detection and
Verification
Financial Controls TH
Internal Controls TH
Due diligence
Whistleblowing Policy
and complaint channel
through
whistle@lth.gov.my,
telephone,
correspondence to the
Integrity Division or
present in person to the
Integrity Division Office.
Guidelines on
Adequate Procedures,
Corporate Liability,
Section 17A, MACC
Act 2009 for TH and
Subsidiaries
Declarataion of Intereset
• Integrity Pact
(Internal & External
Customer)
• Asset Declaration
• No Gift Policy
TH Quality Delivery
System
Continuous
improvement of TH
Systems and
Procedures
Commitment and
Leadership of the
Independent Committee
and Top Management
Recruitment and evaluation
management of TH Staff
(KPI)
Corruption Risk
Management (CRM)
Recognition to TH
Members with integrity
and excellence
Protection to whistle-
blowers
Appointment of Integrity
Ambassador at TH and
Subsidiaries
Inventori Sahsiah of TH
Staff
Communication and
education on ABMS and
Integrity to Board
Members and TH Staffs
Punitive action for
violation of the Code of
Conduct.
Manual
Procedure
Work Instruction
Supporting Document
The framework- general quality of ABMS
practices of an organization. Defines the
responsibilities & authorities of key
function & personnel and references.
Documents setting out
responsibilities & authorities within
department, interface and general
procedures by function.
Documents in detail & precise the
individual task/ processes should
be performed and references as
guidelines.
Format, forms &
templates.
5. ESTABLISHED TH ISO 37001 DOCUMENTS
DOCUMENTS STRUCTURE
TH
INTEGRITY
PLAN
5 years
Organisation
Anticorruption Plan
(OACP)

CONTINOUS JOURNEY
PERFORMANCE EVALUATION & IMPROVEMENT

ISO 19011:2018 (Guidelines for Auditing Management Systems)
5.2 Establishing the audit programme objectives
5.3 Establishing the audit programme
5.3.1 Roles and responsibilities of the person managing the audit programme
5.3.2 Competence of the person managing the audit programme
5.3.3 Establishing the extent of the audit programme
5.3.4 Identifying and evaluating audit programme risks
5.3.5 Establishing procedures for the audit programme
5.3.6 Identifying audit programme resources
5.4 Implementing the audit programme
5.4.1 General
5.4.2 Defining the objectives, scope and criteria for an individual audit
5.4.3 Selecting the audit methods
5.4.4 Selecting the audit team members
5.4.5 Assigning responsibility for an individual audit to the audit team leader
5.4.6 Managing the audit programme outcome
5.4.7 Managing and maintaining audit programme records
5.5 Monitoring the audit programme
5.6 Reviewing and improving the audit programme
Competence and
evaluation of auditors
(Clause 7)
Performing an audit
(Clause 6)
Plan
Do
Check
Act

6.CONDUCT ISO INTERNAL AUDIT TEAM
PERKARA
Penerangan SOP Audit Dalam Sistem Pengurusan Kualiti
Peranan Ketua dan Pasukan Audit Dalam
• Tugas & tanggungjawab Ketua Audit Dalam
• Tugas & tanggungjawab Pasukan Audit Dalam
Sesi Persediaan Dokumen Audit (Bengkel)
• Perancangan Strategi Audit
• Penyediaan Pelan Audit Dalam
• Penyediaan Semak Pasti Audit Dalam
• Elemen-elemen wajib ABMS ISO 37001:2016
Sesi perbincangan gerak kerja Juruaudit Dalam (Bengkel)
• Perancangan dan Aktiviti Audit Dalam
• Penyediaan Borang Ketidakpatuhan Audit Dalam
• Penyediaan Laporan Audit Dalam (Konsep FLER)
TAKLIMAT AUDIT DALAM
ABMS
ISO 37001:2016
17-18 OGOS 2017
TEMPAT :
Bilik Mesyuarat Lantai 26,
Ibu Pejabat TH
PENCERAMAH :
Pengurus Kualiti

RISK & OPPORTUNITIES
PROCESS PROCESS PROCESS
CRM + ABMS
objectives and
planning
(Klausa 6)
SOP vs Operation–
clause 4, 5, 7, 8, 9
& 10
AUDIT STRATEGY

PROCESS
INPUT OUTPUT
With What Criteria
(Measurement)
With Who?
(Competence/Skills/
Training)
With What?
(Materials/
Equipment)
How (Methods/
Procedure/
Techniques)
Process Analysis Diagram (Turtle diagram)

Kaedah melaksanakan kawalan AB (Anti-bribery) :
• Pemerhatian/temuduga – semak pengurusan
penyelenggaraan mengikut prosedur - due diligence
dibuat ke atas lantikan kontraktor, kawalan pembayaran
serta selia kerja (8.1, 8.2, 8.3, 8.4)
• Apakah risiko proses yg telah dikenalpasti & diambil
tindakan? – Pelan Risiko (4.5, 6.1) termasuk (4.1) (4.2)
• Bagaimana kawalan AB ke atas proses – contoh hadiah
oleh kontraktor (8.5, 8.6, 8.7)
• Sekiranya ada kes, bagaimana jabatan/bahagian
menguruskan ketidakcukupan kawalan AB menyuarakan
isu & melaksanakan penyiasatan (8.8, 8.9, 8.10)
Pelaksana kawalan AB:
• Tanya soalan kesedaran & latihan AB
(7.3)
• Adakah staff pergi latihan &
kompeten AB?– (7.2)
• Carta organisasi, Fail meja fungsi AB
di jabatan (5.3)
• Kepimpinan Penyelia dalam AB (5.1)
Pengukuran keberkesanan AB:
• Objektif AB (6.2)
• Analisa & penilaian kes AB di jabatan /
bahagian Objektif kualiti (9.1)
• Ada kes AB serta tindakan
pembetulan? (10.1)
Bahan untuk kawalan AB:
• Kaedah Komunikasi (7.4)
• Dokumentasi – arahan kerja, senarai
semak, rekod (7.5)
PROSES:
PENYENGGARAAN
HARTANAH
OUTPUT
Pelaksanaan
Penyelenggaraan
dilaksanakan
INPUT
Perancangan
penyelenggaraan / jadual

7. CONDUCT MANAGEMENT REVIEW
CLAUSE 9.3
DRAFT THE
AGENDA
REFERENCES /
GUIDELINES
PAPERWORKS
INPUT
REPORT TO
TOP MGMT &
GOVERNING
BODIES

Conduct Management Review Planning
Klausa
ISO 37001
Agenda
-Manual ABMS
Garispanduan
Input
Kertas Kerja JITU/JAR
9.3.1 (a) Status tindakan
daripada kajian semula
pengurusan yang
terdahulu;
Memaklumkan semua tindakan susulan daripada JAR telah
diambil, dan dinilai berkesan. Tiada isu-isu berbangkit daripada
keputusan mesyuarat yang lalu.
Output of Management
Review Committee
Meeting for ISO
37001:2016 ABMS
Implementation
9.3.1 (b) perubahan isu-isu
luaran dan dalaman
yang relevan dengan
ABMS
Perubahan
Klausa 4.1-4.5
Annex A
A.20.3
mengambilkira faktor-faktor berkaitan dan impak perubahan
terhadap keberkesanan ABMS.
A.20.4
Merancang dirancang dan mengambilkira :
a) tujuan dan potensi impak perubahan
b) integriti ABMS
c) sumber mencukupi
d) menetapkan tanggungjawab dan kuasa pemantauan
e) sasaran dan tempoh pelaksanaan perubahan
Organisation Anti-
Corruption Plan (OACP)
Consist of:
• Effectiveness Impact
consideration
• Timeline,
Responsibility &
Authority
• Target Outcome
• Monitoring approach

Klausa ISO
37001
Agenda
-Manual ABMS
Garispanduan
Input
9.3.1 (b) perubahan isu-isu
luaran dan dalaman
yang relevan
dengan ABMS
-
CRM
• Nature & extend
• CRM details on responsibility & action
plan
• Monitoring implementation
9.3.1 (c) (1) ketakakuran dan
tindakan
pembetulan;
Kesimpulan analisis temuan audit dalam
& audit sirim ABMS pada tahun semasa.
Ishikawa
Statistik Punca Masalah
Proposal to Implement Corrective and
Preventive Action Based on Audit Finding
of ISO 37001:2016 ABMS consist of:
• Audit Result
• Analysis
• Corrective Action
• Continuous Improvement
9.3.1 (c) (2) hasil pemantauan
dan pengukuran;
• Status update implementation of OACP at 30
Jun
• CRM Implementation Status update
• Staff asset declaration
• ABMS Communication & Awareness
• Corporate Liability compliance status

Klausa ISO
37001
Agenda
-Manual ABMS
Garispanduan
Input
9.3.1 (c) (3) keputusan audit; ISO 19011:2018
(Guidelines for Auditing
Management Systems)
Proposal to Implement Corrective and
Preventive Action Based on Audit Finding of
ISO 37001:2016 ABMS
consist of:
• Audit Result
• Analysis
9.3.1 (c) (4) Laporan Kes; Laporan Perangkaan Kes
9.3.1 (c) (5) Laporan Siasatan; Laporan Siasatan kes whistleblowing

Klausa ISO
37001
Agenda
-Manual ABMS
Garispanduan
Input
9.3.1 (c) (6) Isu dan cabaran risiko rasuah
organisasi;
Status Report on Enterprise Risk
9.3.1 (d) keberkesanan tindakan yang
diambil bagi menangani
risiko rasuah
Status Report on AMLATPUAA
9.3.1 (e) peluang penambahbaikan
ABMS, rujuk dalam 10.2
10.2 Penambahbaikan
berterusan
Annex A
A.20
Perancangan & kaedah
pemantauan efektif ABMS
Proposal to Implement Corrective and Preventive
Action Based on Audit Finding of ISO 37001:2016
ABMS for year xxxx consist of:
• Audit Result
• Analysis

8. ISO 37001 ABMS CERTIFICATION AUDIT
No. Audit Purpose ABMS Internal Audit SIRIM Audit
1 Pre-Assessment 21– 23 Aug 2017 28 – 29 Sept 2017
2 Stage 1 (Readiness Review) 2 – 3 Oct 2017
3 Stage 2 (Certification Audit) 18 – 25 Oct 2017
4 Surveillance (12 Month) 24 Sept – 5 Oct 2018 29 Oct – 9 Nov 2018
5 Surveillance (24 Month) 26 Aug – 5 Sept 2019 13 – 25 Oct 2019

• Pemilikan dan
pengisytiharan harta oleh
anggota 2003
• Garis panduan berhubung
penerimaan hadiah 2005
• Dasar bagi Pendedahan
Maklumat tentang Salah
laku di Tempat Kerja
(Whistleblowing Policy)
2010
Program Pendidikan
untuk meningkatkan
Kesedaran,
Pengetahuan dan
Kemahiran Integriti
kepada Ahli
Lembaga Pengarah,
anggota TH dan
pembekal.
Mewujudkan
saluran integriti
(whistleblower)
kepada
Stakeholder
• Pelancaran Pelan Integriti
TH
• Kod Etika Perniagaan TH
• Kod Etika Pembekal TH
• Perlantikan Duta Integriti
TH
• Program Bicara Integriti
Anak-anak Syarikat TH
• Perlaksanaan Bulan
Integriti TH Nov 2015
• Lawatan Kerja Operasi
Haji Tanah Suci 1436H
• Penguatkuasaan Polisi-
polisi Integriti
• Pensijilan ISO 37001:2016 AntiBribery
Management System (ABMS) Lembaga
Tabung Haji
• Pengwujudan Jawatankuasa Integriti TH
• Ikrar Bebas Rasuah Kumpulan TH
• Program Pendidikan Integriti TH dan Anak
Syarikat
• Pelan tindakan CRM dan Pemantauan
pelaksanaan ABMS
• Pelan pembudayaan Integriti
• Pengwujudan integriti dan ABMS dalam Anak
Syarikat TH dan associate
• Bengkel CRM Anak Syarikat TH
• Polisi Integrity Pact Dalam Perolehan
TH
• Program Bicara Integriti TH
• Bengkel Corruption Risk Management
(CRM) TH
• Luncheon Talk bersama Ketua
Pesuruhjaya SPRM kepada ALP ,
Pengurusan TH dan Anak Syarikat.
• Pengendalian aduan dan tindakan
pengesanan dan pengesahan.
Penubuhan
Bahagian
Integriti TH
Oktober
2013
Corporate
Integrity
Pledge
(CIP)
13 April
2012
Polisi Pencegahan
Pengubahan Wang
Haram dan
Pencegahan
Pembiayaan
Keganasan
(AML/CFT) 2012
• Bengkel CRM Anak-anak
Syarikat TH
• Program Melestarikan Integriti
bersama Masyarakat Baling
• Pengiktirafan Pejabat Paling
Berintegriti
• Khidmat rundingan isu-isu
Pematuhan dan Tadbir Urus.
• Mekanisme kawalan
dalaman
Sebelum
2010
2012
April
2012
Bermula
Mei 2012
Okt
2013
Dis
2013 2014 2015 2016
2018 &
Moving Forward
Integriti
menjadi
budaya di TH
ZERO TOLERANCE TO CORRUPTION

ISO_37001_the_approach__1642776859.pdf

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to ISO_37001_the_approach__1642776859.pdf

Similar to ISO_37001_the_approach__1642776859.pdf (20)

Recently uploaded

Recently uploaded (20)

ISO_37001_the_approach__1642776859.pdf