Awareness training ISO 37001:2016. Danang Suryo, freelance auditor, trainer and consultant for ISO 37001:2016, 9001, 14001, 18001, 22000, 22301, 27001, 37001, 45001, 50001 and SMK3. 2.5 million per day.
081567796679
08112999715
Awareness ISO 37001:2016. Provides auditor, trainer and consultant services for ISO 37001:2016 and other series. 2.5 million per day; WhatsApp only: 081567796679 and 08112999715
The document discusses ISO 37001, an anti-bribery management system standard published by the International Organization for Standardization (ISO). ISO 37001 provides guidance for organizations to establish, implement, maintain and improve anti-bribery compliance programs. It includes a series of measures and controls representing global anti-corruption good practice. Organizations of any size or sector can implement an anti-bribery management system consistent with ISO 37001 to help prevent, detect and address bribery risks. Certification to ISO 37001 is also possible through independent third parties.
Anti bribery management system iso 37001 fauziah sulaiman lpktn 20022020 (1) - italpktn
The document provides biographical information about the speaker, Fauziah Sulaiman, who has over 15 years of experience in auditing and developing management systems certification schemes at SIRIM Berhad. It also lists some of the conferences and workshops she has spoken at in 2019 related to ISO 37001 on anti-bribery management systems. The presentation outline includes introducing SIRIM QAS International's anti-bribery management system certification services and explaining the implication of corporate liability for anti-bribery from the perspective of conformity assessments. It will also cover the requirements of ISO 37001, how to conduct bribery risk assessments, and the implementation journey.
ISO 37001 standard as a tool for defence ministry and defence companies - Maciej Wnuk
ISO 37001 standard:
- contains best international practices on preventing bribery in organisations,
- helps reduce corruption risk,
- is applicable both in defence ministry and defence companies,
- would increase effectiveness of defence procurements and of defence acquisition in general.
Anti-Bribery Management Systems: The Impact of Organizational Culture and its... - PECB
The document discusses anti-bribery management systems and the impact of organizational culture. It outlines that while legislation and standards like ISO 37001 exist, organizational culture is the key factor for successful implementation of an anti-bribery system. Without an anti-bribery culture established within an organization where values like integrity and transparency are lived out, corruption may persist despite other efforts. The document emphasizes that leadership must promote the right culture for an anti-bribery system to be effectively implemented.
ISO 37001 Implementation - The Key to Protecting Your Company’s Reputation - PECB
No organization can afford to take the risk of bribery lightly. Investors need assurance that they have made every possible effort to prevent bribery at all levels of the organization. The webinar will list some of the measures, which must be implemented if an organization wants to prevent and detect bribery appropriately.
Presenter:
The presenter of this topic is Mr. Jacob Mc Clean, PECB Trainer and the Principal and Managing Director of Kaizen Training & Management Consultants Limited.
Organizer: Alba Keqa
Date: November 17, 2016
Link of the recorded session published on YouTube: https://youtu.be/Aa-yNO74HRY
ISO 37001 provides standards for anti-bribery management systems to help companies implement adequate procedures against corruption. It aims to provide assurance to companies and international certification for anti-corruption systems. Implementing the standard involves establishing top-level commitment, designating responsible roles, assessing risks, and creating procedures for issues like gifts, donations, whistleblowing and investigations. Training, communication, monitoring and reviews are also required to evaluate and improve the anti-bribery system over time.
ISO 37001 is the international standard for anti-bribery management systems. Included in the ISO are elements which can be used to improve procurement governance and prevent corruption. Other instruments including AI and blockchain are also mentioned briefly.
The Bribery Act updates the existing UK laws on bribery offences and also creates some new ones, including the strict liability corporate offence of ‘failing to prevent bribery’. Helpfully, however, the Government’s guidance published in support of the Act recommends certain risk-based procedures that commercial organisations should put in place to avoid being caught out by the new corporate offence.
Bribery occurs when someone offers, seeks or accepts a payment, gift or favour that influences a business outcome improperly. Designed to reform the criminal law of bribery, the 2010 Act covers the offences of bribing another person and accepting a bribe. It also expands the law to create a new offence for commercial organisations of failing to prevent bribery by associated persons acting on the organisation’s behalf anywhere in the world.
Get it wrong and the penalties are severe. Organisations prosecuted for the new corporate offence which have failed to implement a programme designed to prevent bribery could be hit with an unlimited fine and serious reputational damage. Directors, senior managers, the company secretary or other similar officers at these organisations can also face a 10-year prison sentence and/or an unlimited fine for offences under the Act. With the Act now in force, it is crucial for businesses to avoid falling foul of the new legislation.
Wragge & Co’s experts are on hand to guide organisations through the new rules and to advise on how best to mitigate the risks posed by them. In this guide they provide answers to the burning Bribery Act questions, plus useful points to consider when assessing risk. Finally, for those with an anti-bribery policy now in place, take a look at our handy checklist to identify any potential loopholes.
Transparency International Malaysia: Business Integrity Programme - Ethical Sector
On 16 March, the Myanmar Centre for Responsible Business (MCRB) and ASEAN CSR Network (ACN) hosted a workshop in Yangon for senior managers of Myanmar companies on anti-corruption practices.
http://www.myanmar-responsiblebusiness.org/news/combatting-corruption-in-myanmar.html
Global Manager Group has prepared a presentation to provide information regarding ISO 37001 documentation requirements for Anti-Bribery Management System Certification. It describes all primary documents, such as the manual, procedures, policy and audit checklist, in detail.
For further information about ISO 37001:2016 documentation requirements, visit https://www.globalmanagergroup.com/
Key Elements of an Effective Anti-Bribery Management System Implementation - PECB
This document discusses key elements of an effective anti-bribery management system according to ISO 37001. It defines ISO 37001 as an anti-bribery management standard to help organizations establish, implement, maintain, and improve anti-bribery compliance programs. It also provides examples of Morgan Stanley's anti-bribery best practices and discusses the role of education, training, culture, and technology in preventing bribery.
The document provides information about Danang Suryo Wardhono, who is a registered auditor trainer for various ISO standards including ISO 22301. It lists his qualifications, contact information, and areas of expertise. It then provides an introduction to awareness of ISO 22301:2019 on business continuity management systems. It discusses key terms, the purpose and benefits of having a BCMS, the family of BCMS standards, and key clauses in ISO 22301:2019.
Hernan Huwyler discusses corruption offenses and the value of ISO 37001. ISO 37001 provides a certifiable anti-bribery standard that organizations can implement to integrate existing management processes and controls. This allows for more effective decision making, benchmarking against other organizations, and a stronger corporate defense against corruption offenses. Corruption harms both individuals and companies by undermining ethics and losing control of business dealings.
This document provides summaries of the scopes and key terms defined in four ISO standards: ISO/IEC 27001:2013 on information security management systems, ISO 37001:2016 on anti-bribery management systems, ISO 9001:2015 on quality management systems, and ISO/IEC 20000-1:2018 on service management systems.
The summaries describe the purpose and focus of each standard, including establishing requirements for information security, anti-bribery practices, quality management, and service delivery management systems. Key terms defined in each standard are also summarized, such as those relating to audits, objectives, documentation, and organizational scope.
The missing parts of the governance puzzle: The 2000 tide and what to expect... - PECB
This document summarizes a presentation on governance challenges and the need for bottom-up governance approaches. It notes that despite years of top-down governance regulations, corporate behavior has changed little and governance has had minimal impact on performance. It argues governance is missing a critical bottom-up component involving employees to improve strategy execution, risk management, and productivity. The presentation also highlights issues like poor board oversight of strategy, high CEO turnover, and the declining number of public companies listing on exchanges. It questions whether governance has reached a point of diminishing returns and if new bottom-up approaches are needed to make a true difference.
ISO Standards support for Anti-Bribery investigations and audits in the cyber... - PECB
This presentation was delivered by Anders Carlstedt, CEO at Parabellum Cybersecurity Services at The ISO 27001 & Anti-Bribery PECB Insights Conference.
A comparison of the standards for the Information Security Management System, the Anti-Bribery Management System, the Quality Management System and the Educational Organization Management System. If one of these management systems has already been implemented, implementing the others takes very little additional effort. The risk management changes come earliest. Hopefully this is useful.
Size, complexity and nature of the organisation – a key to effective audit - PECB
The document discusses issues with auditors demanding compliance beyond what is required for an organization. It provides two case studies of companies facing unreasonable audit findings due to auditors not properly considering the size and nature of the organizations. The document argues auditors must understand the auditee's business and ensure findings add value rather than complexity. It calls on auditors to challenge their own decisions and understand requirements vary depending on an organization's characteristics.
This document discusses integrating ISO 37001, an anti-bribery management system, with other ISO management systems. It provides guidance on conducting a gap analysis, establishing an integration framework based on Annex SL, and following guiding principles like inclusiveness and continual improvement. Implementation strategies discussed include the PDCA cycle and forming cross-functional teams. Documentation requirements cover policies, objectives, processes, and standards-specific documents.
The significance of the Shift to Risk Management from Threat & Vulnerability ... - PECB
The essence of the ISMS (ISO-27001) is the protection / security of information. This webinar attempts to show the shift in the focus of the standard between the two editions 2005 & 2013 and how the 2013 edition can be more effective in Information Security, where the management system prescribes a risk based approach. The approach in the risk management process can and would vary from implementer to implementer or organization to organization.
Main points covered:
• The erstwhile focus of the 2005 edition on Vulnerabilities
• The current focus of 2013 edition on risk management
• The significance of the shift for security implementers / risk practitioners
Presenter:
This webinar was presented by Sesha Prakash. Ms. Prakash is Vice President of PromaSecure – consultants for Information Security & Risk management. She has an overall experience of 35 years with the past 8 years devoted to the domains of Information Assurance and Information Security.
Link of the recorded session published on YouTube: https://youtu.be/hZ94-oelnUE
Certified Risk and Compliance Management Professional (CRCMP) Prep Course Pa... - Compliance LLC
Certified Risk and Compliance Management Professional (CRCMP) Prep Course – Part A
First Certified Course
Certified Risk and Compliance Management Professional (CRCMP)
This course has been designed to provide the knowledge and skills needed to understand and support regulatory compliance and enterprise-wide risk management, and to promote best practices and international standards that align with business and regulatory requirements.
The course provides the skills needed to pass the Certified Risk and Compliance Management Professional (CRCMP) exam.
This course is intended for professionals that want to understand risk and compliance and to work as risk and compliance officers. They will prove that they are qualified, when they pass the Certified Risk and Compliance Management Professional (CRCMP) exam.
This course is intended for employers demanding qualified risk and compliance professionals. The course is recommended for senior executives involved in risk and compliance.
Fraud Risk Management | Fraud Risk Assessment - EY India - Ernst & Young
Check out the edition of fraud risk management & fraud risk assessment understanding the client's organizational structure & business environment. For more details, visit http://bit.ly/1RtohKr.
Enterprise Risk Management - Aligning Risk with Strategy and Performance - Resolver Inc.
COSO, which has provided global thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence for over three decades, recently released a draft update to the original COSO ERM Framework. This framework is widely used by organizations to enhance their ability to manage uncertainty, gauge risk, and increase stakeholder value. However, significant new risks have emerged since the Framework was released, demanding heightened board awareness and oversight of risk management, as well as improved risk reporting. For those organizations exploring ESRM – these themes will be strikingly familiar and the lessons learned, highly relevant.
Presentation by: Bob Hirth, Global Chairman of COSO.
The environment that enabled this situation to occur likely had weaknesses in some of the basic elements that help prevent corruption:
- Governance principles were likely weak - rules, monitoring and compliance may have been lax, allowing more discretion.
- Operational controls were probably not tight - goals may have been unclear, systems loose, process controls weak, information integrity and accountability lacking.
- Institutional basics may have been absent or weak - hierarchy and supervision unclear, management not based on written processes, staff possibly not well trained or working part-time/casually.
Societal foundations like democracy, free press, rule of law and property rights that help prevent corruption may have been nascent or absent in Revolutionary-era France.
The role of internal auditors in fraud risk management and the skill sets required in the current scenario...
The focus of audit has to change from transaction audit to value addition..
This document discusses the integration of governance, risk management, and compliance (GRC) as an approach to meet growing stakeholder expectations. It defines the key terms and describes how GRC aims to synchronize these three areas for more efficient operation while avoiding duplication. The document cites factors like increasing regulations, business complexity, and stakeholder demands as driving forces behind integrated GRC. It outlines trends in both organizational practices and technology and notes benefits like higher quality information, optimized processes, better capital allocation, and protected reputation.
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks - Aronson LLC
Significant opportunities remain for organizations to continue to strengthen their approaches to identifying and assessing key risks. This program will provide an overview of Enterprise Risk Management (ERM) best practices and current emerging risks that should be on your radar for 2018.
Watch the complete webinar here: https://aronsonllc.com/c-suites-guide-to-enterprise-risk-management-and-emerging-risks/?sf_data=all&_sft_insight-type=on-demand-webinar
The role of audit committees continues to expand to keep pace with the modern business operating environment. In addition to responsibility for a company’s financial reporting and management, audit committees increasingly take an active role in an organization’s risk management strategy.
Audit committees can be instrumental in helping their organizations implement procedures to address the challenges they face. They can also assist with addressing internal and external audit findings or with exploring best practices for addressing areas of operations that may be vulnerable to disruption or extraordinary risks.
An industrial approach to risk and control self-assessmentsGrant Thornton LLP
Derive more value from your risk and control self-assessment process, and integrate your organization’s overall operational risk management process to comply with Dodd Frank and other legislation. We specialize in working with clients to help identify, remediate and resolve assessment gaps so they efficiently meet or exceed regulatory requirements.
The document discusses the Certified Information Security Manager (CISM) certification and provides information on information security governance. It covers topics such as establishing an information security program, developing a strategy and requirements, governance frameworks, roles and responsibilities, metrics, and legal/regulatory requirements. The CISM certification indicates expertise in information security governance, program development/management, incident management, and risk management.
This document discusses enterprise risk management (ERM) frameworks and best practices. It provides an overview of why ERM is important for organizations to deal with potential future uncertainties and support value creation. The document outlines the key components of the COSO ERM framework, including establishing risk management objectives, identifying risks, assessing risks, responding to risks, control activities, information/communication, and monitoring. It also discusses how to implement an effective ERM process through organizational design, risk assessments, determining risk appetite, identifying risk responses, and communication/oversight.
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...PECB
The webinar covers:
• The start of any Enterprise Risk Management Program
• The approach to developing a framework that will assist organizations to integrate RM into their enterprise-wide risk management systems
• The relationship between the foundations of the risk management framework and their objectives
Presenter:
This webinar was presented by M. Youssef K, an executive consultant & trainer with several qualifications. He is an accomplished expert with over 10 years’ experience in the field of risk management, project and program management, PRINCE 2, Agile, EVM, business process analysis and design, as well as operational and organizational excellence.
Link of the recorded session published on YouTube: https://youtu.be/9fO-JqENL0I
Third-Party Risk Management: Implementing a StrategyNICSA
Two Part Series: Part I of II
Third-Party Risk Management: Implementing a Strategy
Sleep Better at Night: Learn techniques to manage risks associated with third-party relationships.
1) The document discusses seven enablers for managing risk: principles, policies and frameworks; processes; organizational structures; culture, ethics and behavior; information; services, infrastructure and applications; and people, skills and competencies.
2) It provides examples of how each enabler contributes to governance and management of the risk function, such as defining risk processes or establishing an enterprise risk committee.
3) The seven enablers also apply to managing IT risk, with examples given for how each enabler supports risk governance and management over enterprise IT.
How to Create a Risk Profile for Your Organization: 10 Essential StepsCase IQ
Understanding your organization’s risks is the first step in developing an effective anti-corruption compliance program. But for many businesses, identifying and understanding their risks is a complex process, involving research, analysis and cooperation from all levels of the organization. Since every company needs a robust compliance program, an effective risk analysis is crucial. The consequences of getting this step wrong can be astronomical.
Join anti-corruption experts Marc Tassé and Patrice Poitevin, as they outline the steps and tools necessary to create a risk profile for your organization.
The webinar will cover:
Tools to help determine areas of risk
Factors to evaluate
The importance of due diligence once risks are identified
Continuous evaluation of your compliance program
How to achieve accountability and transparency
Fraud Control & the COSO 2013 Framework 20 - 23 February 2017 Kuala Lumpur, M...360 BSI
This 4 Day Program will help organizations to detect & control Fraud & utilize the COSO 2013 Framework to Improve Internal Controls and Organizational Effectiveness.
Part 1:
Fraud Control: Preventing & Detecting Fraud (Day 1 - Day 2)
Course participants will learn the fundamentals of fraud, identify troublesome conditions and be able to incorporate that knowledge into their process design, risk assessments and control activities.
Workshop Benefits:
-Identify Red Flags of Potential Fraud
-Key Tools for Fraud Detection
-Self Assessment of Existing Controls
-Fraud Auditing Procedures
-Proactive Techniques to Fraud Detection
-5 Key Pillars of Fraud Control
-Effective Ethics Training programs
-Develop Whistleblowing programs
-11 Key Steps to Fraud Prevention
Part 2:
The COSO 2013 Internal Control integrated Framework (Day 3 - Day 4)
Improving Internal Controls and Organizational Effectiveness
In this interactive two-day program, you will learn how this principles-based approach can be deployed successfully in your organization. Participants will examine the implications for business leaders, process owners, managers, and both internal and external auditors.
Workshop Benefits:
-Identify Control & Process weaknesses
-Key Tools to implement & evaluate COSO
-Improve Operational Efficiency
-Effective Corporate Governance
-4 Principles of Risk Assessment
-Design & Implement Internal Controls
-Improve Coordination & Communication
-3 Principles of Control Activities
-Develop Suitable Monitoring Activities
-Get handy reference checklists
WHO SHOULD ATTEND
-Company Chairman & Directors
-Business Directors
-Department heads
-Internal and external auditors
-Compliance officers
-Process Improvement specialists
-Government regulators
-Strategic planners
-Corporate Governance personnel
-Risk Managers
-HR Directors
-Legal Counsels & Advisors
-Fraud analysts
Contact kris@360bsi.com to register your seats.
Radius is a global advisory firm that provides services across many industries and business sectors. They have a broad range of expertise developed from working with clients on critical issues. Their team of consultants can assemble project teams with deep knowledge of specific client industries. Radius aims to offer customized solutions and strategies tailored to each client's needs. They have experience in areas like management consulting, due diligence, risk management, IT services, strategic planning, and more. Radius works to deliver measurable benefits to clients by developing and implementing processes and programs to improve their operations.
Failure deriving from underestimating risk managementPECB
What is risk? Why are organizations concerned with it?
Whether it is driving, taking a shower or just going at the grocery store, everyone exposes themselves to risk. Organizations face internal and external risks that endanger the possibility of achieving their goals and objectives. As the world becomes more unpredictable, the concept of risk has turned into a major concern to professionals of different industries. According to ISO 31000, risk is the effect of uncertainty on objectives. In addition, risk management is the process of identifying, analyzing, and prioritizing risks. The goal of risk management is to manage risks before they affect the organization.
This document discusses internal controls for an organization. It begins with definitions of internal control from COSO, including that internal control is a process designed to provide reasonable assurance of achieving objectives related to operations, reporting, and compliance. It then discusses key concepts of internal controls including the five components of the COSO framework: control environment, risk assessment, control activities, information and communication, and monitoring. Specific control activities discussed include separation of duties, documentation, authorization and approvals, and reconciliation and review. The document emphasizes that internal controls should be appropriate and cost-effective for an organization.
The document discusses internal controls, including their meaning, concepts, importance, principles, components, and limitations. Specifically, it defines internal controls as activities established within a company to monitor for errors, omissions, misstatements, or fraud. It describes the key components of internal control systems as the control environment, risk assessment, control activities, information and communication, and monitoring. Finally, it notes limitations of internal controls, such as collusion between employees, incorrect professional judgments, failure to train employees, and potential management overrides.
The document discusses risk-based auditing (RBIA) and its key concepts. RBIA requires internal audit to be strategically linked to an organization's risk management and assurance frameworks. It also discusses applying RBIA methodology to internal audit assignments and linking an organization's risk framework to the stages of RBIA. The document provides information on introducing RBIA to an organization and adapting it based on the organization's structures, processes and risk maturity.
2. Self-Introduction
▪ Name: Danang Suryo Wardhono ST MM
▪ Occupation:
▪ Registered trainer/auditor PECB, trainer/auditor management system
for certification body LRQA, Mutu Certification International, RINA,
Afnor Indonesia, IAPMO, TUV Rheinland, pusdiklat gadjahmada, Bina
Profesi Institute, mutu institute, NQA, WQA, ITS Teknosains, ISQ,
Sucofindo etc
▪ LA IRCA/PECB certified ISO 9K, 14K, 18K, 22K, 22301, 27K, 37K, 45, 50K
(waiting result), SMK3 auditor, halal, BRC version 8 auditor conversion, PAK
KPK etc
▪ Telp/WA: 081567796679, 08112999715
▪ danangsuryowardhono@gmail.com
3. Purpose of this Course
▪ Understanding the basic concept of the Anti-bribery Management System
▪ High level structure
▪ Clauses of ISO 37001:2016
▪ Minimum documentation needed
4. Learning outcome
▪ Participants will understand:
1. Purposes and benefits of ABMS (Anti-bribery Management System) ISO 37001:2016
2. Structure of ISO 37001:2016
3. PDCA (clauses 4-10)
4. Operation control
5. Training outline of day 1
Topic Time
Welcome and introduction 8.30-09.00
Anti-bribery management system introduction 09.00-10.00
Clauses 1-4: scope, normative reference, terms and definitions, context of the organization 10.00-12.00
Lunch 12.00-13.00
Clauses 5-7: leadership, planning, support 13.00-15.00
Break 15.00-15.15
Clause 8: operation 15.15-16.15
Clauses 9-10: performance evaluation, improvement 16.15-16.45
Wrapping and closing 16.45-17.00
6. Training outline of day 2
Topic Time
Refreshment of clauses 4-10 08.00-10.00
Workshop e.g. Bribery Risk Assessment 10.00-12.00
Lunch 12.00-13.00
Group presentation 13.00-15.00
Break 15.00-15.15
Wrapping and closing 15.15-16.00
55. • ISO 37001 is the new global standard for anti-bribery and corruption (ABC)
management systems. This means that, for the first time, there is an
internationally-recognized minimum set of measures for an organization to
have in place to prevent and detect bribery.
• It is designed for use in both the public and private sector, and we expect
to see international adoption by public sector organizations, that will, in
turn, require that organizations wanting to do business with them are
certified to the same standard.
• Source PECB white paper Navigant, ISO 37001: A GAME CHANGER FOR
BRIBERY COMPLIANCE
58. 1 Scope
• This document specifies requirements and provides guidance for
establishing, implementing, maintaining, reviewing and improving an anti-
bribery management system.
• This document is applicable only to bribery. It sets out requirements and
provides guidance for a management system designed to help an
organization to prevent, detect and respond to bribery and comply with
anti-bribery laws and voluntary commitments applicable to its activities.
• This document does not specifically address fraud, cartels and other anti-
trust/competition offences, money-laundering or other activities related to
corrupt practices, although an organization can choose to extend the scope
of the management system to include such activities.
59. 3 Terms and definitions
• 3.1 bribery
• offering, promising, giving, accepting or soliciting of an undue
advantage of any value (which could be financial or non-financial),
directly or indirectly, and irrespective of location(s), in violation of
applicable law, as an inducement or reward for a person acting or
refraining from acting in relation to the performance (3.16) of that
person’s duties
• 3.5 management system
• set of interrelated or interacting elements of an organization (3.2) to
establish policies (3.10) and objectives (3.11) and processes (3.15) to
achieve those objectives
60. • 3.7 governing body
• group or body that has the ultimate responsibility and authority for
an organization’s (3.2) activities, governance and policies and to
which top management (3.6) reports and by which top management
is held accountable
• 3.8 anti-bribery compliance function
• person(s) with responsibility and authority for the operation of the
anti-bribery management system (3.5)
61. • 3.29 conflict of interest
• situation where business, financial, family, political or personal
interests could interfere with the judgment of persons in carrying out
their duties for the organization (3.2)
• 3.30 due diligence
• process (3.15) to further assess the nature and extent of the bribery
risk (3.12) and help organizations (3.2) make decisions in relation to
specific transactions, projects, activities, business associates (3.26)
and personnel
62. • 3.26 business associate
• external party with whom the organization (3.2) has, or plans to
establish, some form of business relationship
• 3.27 public official
• person holding a legislative, administrative or judicial office, whether
by appointment, election or succession, or any person exercising a
public function, including for a public agency or public enterprise, or
any official or agent of a public domestic or international
organization, or any candidate for public office
63. 4. Context of the organization
• 4.1 Understanding the organization and its context
• 4.2 Understanding the needs and expectations of stakeholders
• 4.3 Determining the scope of the anti-bribery management system
• 4.4 Anti-bribery management system
• 4.5 Bribery risk assessment
• Intention: Building an understanding and documenting the organization, as
well as the needs and expectations of its stakeholders. It stresses the
crucial risk assessment step in which the bribery risks are identified,
assessed and prioritized. The risk assessment must be documented, and
reviewed on a regular basis, including in the event of a significant change
to the structure or activities of the organization
64. • The organization should be aware that external and internal issues
can change, and therefore, should be monitored and reviewed. An
organization might conduct reviews of its context at planned intervals
and through activities such as management review.
65. • In planning their anti-bribery system, organizations must take steps to
identify and assess their bribery risks. Organizations are encouraged
to categorize risks into different levels, from low to high. For example
“Agents or intermediaries who interact with the organization’s clients
or public officials on behalf of it are likely to pose a “medium” or
“high” bribery risk, particularly if they are paid on a commission or
success fee basis.”
66. • The organization can then determine the type and level of anti-
bribery controls which apply to each risk category, and assess
whether existing controls are adequate. If not, the controls can be
appropriately improved. The organization may change the nature of
the transaction, project, activity or relationship such that the nature
and extent of the bribery risk is reduced to a level that can be
adequately managed by existing, enhanced or additional anti-bribery
risk controls. It follows that activities that the organisation determines
to be high risk, but that it cannot manage, should not be undertaken.
67. 5. Leadership
• 5.1 Leadership and commitment
• 5.1.1 Governing body
• 5.1.2 Top management
• 5.2 Anti-bribery policy
• 5.3 Organizational roles, responsibilities and authorities
• 5.3.1 Roles and responsibilities
• 5.3.2 Anti-bribery compliance function
• 5.3.3 Delegated decision-making
68. • The intent of this subclause is to ensure that top management
demonstrates leadership and commitment by taking an active role in
engaging with, promoting, ensuring, communicating and monitoring
the performance and effectiveness of the anti-bribery management
system. How this is applied depends on various factors, such
as the size and complexity of an organization, management style and
organizational culture.
69. 6. Planning
• 6.1 Actions to address risks and opportunities
• 6.2 Anti-bribery objectives and planning to achieve them
• The intent of this subclause is to ensure that when planning the Anti
Bribery management system processes, the organization determines
its risks and opportunities and plans actions to address them. Its
purpose is to prevent nonconformities, including nonconforming
outputs, and to determine opportunities that might enhance Anti
bribery performance or achieve an organization’s Anti bribery
objectives
70. 7. Support
• 7.1 Resources
• 7.2 Competence
• 7.2.1 General
• 7.2.2 Employment process
• 7.3 Awareness and training
• 7.4 Communication
• 7.5 Documented information
• 7.5.1 General
• 7.5.2 Creating and updating
• 7.5.3 Control of documented information
71. • The intent of this subclause is to ensure that the organization
provides the resources necessary for the establishment,
implementation, maintenance and continual improvement of the Anti
Bribery management system, and for its effective operation.
• In determining the resources that need to be provided, the
organization should consider the current capabilities of its internal
resources (e.g. people, capability of equipment, organizational
knowledge) and any constraints (e.g. budget, number of resources,
schedule).
72. • There must be adequate and appropriate training and communication
of the anti-bribery management system and documentation of the
information provided.
73. Specifics of the employment process
• The second is the requirement for due diligence on all personnel in
positions which are exposed to more than a low bribery risk, and to
all personnel employed in the anti-bribery compliance function.
Specifically:
• due diligence is conducted on persons before they are employed, and
on personnel before they are transferred or promoted by the
organization, to ascertain as far as is reasonable that it is appropriate
to employ or redeploy them and that it is reasonable to believe that
they will comply with the anti-bribery policy and anti-bribery
management system requirements;
74. 8. Operation
• 8.1 Operational planning and control
• 8.2 Due diligence
• 8.3 Financial controls
• 8.4 Non-financial controls
• 8.5 Implementation of anti-bribery controls by controlled organizations and by
business associates
• 8.6 Anti-bribery commitments
• 8.7 Gifts, hospitality, donations and similar benefits
• 8.8 Managing inadequacy of anti-bribery controls
• 8.9 Raising concerns
• 8.10 Investigating and dealing with bribery
75. • The operational planning and control of ISO 37001 includes due
diligence, financial controls and non-financial controls. It covers the
reporting of suspected and actual bribery, as well as investigating
and dealing with such findings.
76. • Due Diligence: Conducting checks on certain transactions, projects,
activities, business associates, or an organisation’s personnel is a key
component of the standard, as it informs the decision on whether to
postpone, discontinue, or revise those transactions, projects, or
relationships with business associates or personnel. As expected, and
in line with all its requirements, the standard does not adopt a
‘one-size-fits-all’ approach, and due diligence must be weighted
according to risk.
77. • In relation to non-controlled business associates whose bribery risk
the bribery risk assessment or due diligence has not identified as low, the
organization should obtain anti-bribery commitments, and require the
business associate to implement anti-bribery controls in relation to
the relevant transaction, project or activity.
• This might be limited to training, and controls over key payments and
gifts/hospitality. In the case of a major high bribery risk business
associate with a large and complex scope of work, the organization
might require the business associate to have implemented controls
equivalent to those required by ISO 37001. The organization will
normally impose these requirements on the business associate as a
pre-condition to working with it, and/or as part of the contract document.
78. 9. Performance evaluation
• 9.1 Monitoring, measurement, analysis and evaluation
• 9.2 Internal audit
• 9.3 Management review
• 9.3.1 Top management review
• 9.3.2 Governing body review
• 9.4 Review by anti-bribery compliance function
79. • Organizations are required to periodically review the organization's
compliance system, either via an independent internal audit or a
competent and independent third party. Such audits consist of internal
audit processes or other procedures which review procedures, controls and
systems for:
a. bribery or suspected bribery;
b. non-compliance with the anti-bribery policy or anti-bribery management
system requirements;
c. failure of business associates to conform to the applicable requirements of
the organization; and
d. weaknesses in or opportunities for improvement to the anti-bribery
management system.
81. Mandatory procedures
• reporting procedures for suspected and actual bribery (5.1.2)
• procedures which enable it to take appropriate disciplinary action
against personnel who violate the anti-bribery policy or anti-bribery
management system (7.2.2.1)
• Employment process (7.2.2)
• Procedures for positions which are exposed to more than a low bribery
risk, such as due diligence (7.2.2.2)
• The anti-bribery compliance declaration
• procedures addressing anti-bribery awareness and training for
business associates (7.3)
82. Mandatory procedures cont.
• Procedures controlling Implementation of anti-bribery controls by
controlled organizations and by business associates (8.5.2)
• Procedures addressing Anti-bribery commitments for business
associates which pose more than a low bribery risk (8.6)
• Procedures for raising concerns (8.9)
• Procedures for investigating and dealing with bribery (8.10)
• Procedures which review the procedures, controls and systems of the ABMS
83. • may also implement audit procedures to identify ways personnel may
exploit existing control weaknesses for personal gain A.8.4.4
• audit procedures for business associate (A13.3.6)
• Procedures to control the extent and frequency of gifts and
hospitality A.15.3
84. Mandatory documented information
• Scope of the anti-bribery management system, i.e. the certification scope (clause 4.3);
• identification, review and assessment of the bribery risks (clause 4.5);
• the anti-bribery policy, available in appropriate languages (clause 5.2);
• the measurable and achievable anti-bribery objectives (clause 6.2);
• competence of personnel (clause 7.2.1);
• awareness and training provided to employees and business associates (clause 7.3);
• evidence that processes have been carried out as planned (clause 8.1);
• methods and results for monitoring, measurement, analysis and evaluation (clause 9.1);
• the internal audit (clause 9.2);
• results of the top management reviews (clause 9.3.1);
• results of the governing body reviews (clause 9.3.2);
• control of nonconformities and corrective actions (clause 10.1).
85. A.17 Documented information
• The documented information under 7.5.1 may include:
• a) receipt of anti-bribery policy by personnel;
• b) provision of anti-bribery policy to business associates who pose more than a
low risk of bribery;
• c) the policies, procedures and controls of the anti-bribery management system;
• d) bribery risk assessment results (see 4.5);
• e) anti-bribery training provided (see 7.3);
• f) due diligence carried out (see 8.2);
• g) the measures taken to implement the anti-bribery management system;
• h) approvals and records of gifts, hospitality, donations and similar benefits given
and received (see 8.7);
86. • i) the actions and outcomes of concerns raised in relation to:
• 1) any weakness of the anti-bribery management system;
• 2) incidents of attempted, suspected or actual bribery;
• j) the results of monitoring, investigating or auditing carried out by
the organization or third parties.
87. Periodic review
❑ periodic management review of significant financial transactions (A.11)
❑ periodic and independent financial audits and changing, on a regular
basis, the person or the organization that carries out the audit (A.11)
❑ periodic summary report of any minor compliance function failure
indication
88. Related regulations
• Permenkeu 83 2015: control of gratification within the Ministry of Finance
• Perpres 54 2018 on the national strategy for corruption prevention
• Permenpan RB 03 2013 on general guidelines for the complaint handling system
(whistleblower system) for criminal acts of corruption within the Ministry of
Administrative and Bureaucratic Reform
• Permenpan RB 10 of 2019: guidelines for developing integrity zones, amending
Permenpan RB no 54 of 2012
• Permenpan RB no 54 of 2012: guidelines for developing integrity zones towards
corruption-free areas and clean, service-oriented bureaucracy areas within
government agencies
• UU 20 2001
• Per MA 13 2016
91. GRI 205: Anti-corruption
• GRI 205 addresses the topic of anti-corruption. In this Standard,
corruption is understood to include practices such as bribery,
facilitation payments, fraud, extortion, collusion, and money
laundering; the offer or receipt of gifts, loans, fees, rewards, or other
advantages as an inducement to do something that is dishonest,
illegal, or represents a breach of trust. It can also include practices
such as embezzlement, trading in influence, abuse of function, illicit
enrichment, concealment, and obstructing justice.
92. GRI 205: Anti-corruption
• The reporting organization should disclose the following information:
• 1.2.1 The organization’s risk assessment procedures for corruption, including the
criteria used in the risk assessment, such as location, activity, and sector;
• 1.2.2 How the organization identifies and manages conflicts of interest that
employees or persons linked to the organization’s activities, products, or services
may have. Conflicts of interest for the highest governance body are covered in
Disclosure 102-25 of GRI 102: General Disclosures;
• 1.2.3 How the organization ensures that charitable donations and sponsorships
(financial and in-kind) that are made to other organizations are not used as a
disguised form of bribery. Recipients of charitable donations and sponsorships
(financial and in-kind) can include not-for-profit organizations, religious
organizations, private organizations, and events;
93. • 1.2.4 The extent to which communication and training on anti-
corruption is tailored to those governance body members,
employees, business partners, and other persons that have been
identified as having a high risk of incidents of corruption;
• 1.2.5 At which stage the training on anti-corruption for governance
body members, employees, business partners and other persons that
have been identified as having a high risk of incidents of corruption is
provided (e.g. when new employees join the organization or when
relationships with new business partners are established); and the
frequency of the training (e.g. annually or biannually);
94. • 1.2.6 Whether the organization participates in collective action to
combat corruption, including:
• 1.2.6.1 the strategy for the collective action activities;
• 1.2.6.2 a list of the collective action initiatives in which the
organization participates;
• 1.2.6.3 a description of the main commitments of these initiatives
95. Disclosure: Operations assessed for risks related to corruption
• The reporting organization shall report the following information:
• a. Total number and percentage of operations assessed for risks
related to corruption.
• b. Significant risks related to corruption identified through the risk
assessment.
96. Disclosure: Communication and training about anti-corruption policies and procedures
• a. Total number and percentage of governance body members that the
organization’s anti-corruption policies and procedures have been
communicated to, broken down by region.
• b. Total number and percentage of employees that the organization’s
anti-corruption policies and procedures have been communicated to,
broken down by employee category and region.
• c. Total number and percentage of business partners that the
organization’s anti-corruption policies and procedures have been
communicated to, broken down by type of business partner and region.
Describe if the organization’s anti-corruption policies and procedures
have been communicated to any other persons or organizations.
97. • d. Total number and percentage of governance body members that
have received training on anti-corruption, broken down by region.
• e. Total number and percentage of employees that have received
training on anti-corruption, broken down by employee category and
region.
98. Disclosure: Confirmed incidents of corruption and actions taken
• a. Total number and nature of confirmed incidents of corruption.
• b. Total number of confirmed incidents in which employees were
dismissed or disciplined for corruption.
• c. Total number of confirmed incidents when contracts with
business partners were terminated or not renewed due to violations
related to corruption.
• d. Public legal cases regarding corruption brought against the
organization or its employees during the reporting period and the
outcomes of such cases.
99. • collective action to combat corruption: voluntary engagement with
initiatives and stakeholders to improve the broader operating
environment and culture, in order to combat corruption
• Note: Collective action to combat corruption can include proactive
collaboration with peers, governments and the wider public sector,
trade unions and civil society organizations.
• confirmed incident of corruption: incident of corruption that has
been found to be substantiated
• Note: Confirmed incidents of corruption do not include incidents of
corruption that are still under investigation in the reporting period.
100. • conflict of interest: situation where an individual is confronted with
choosing between the requirements of his or her function and his or her
own private interests
• corruption: ‘abuse of entrusted power for private gain’, which can be
instigated by individuals or organizations
• Note: In the GRI Standards, corruption includes practices such as bribery,
facilitation payments, fraud, extortion, collusion, and money laundering. It
also includes an offer or receipt of any gift, loan, fee, reward, or other
advantage to or from any person as an inducement to do something that is
dishonest, illegal, or a breach of trust in the conduct of the enterprise’s
business. This can include cash or in-kind benefits, such as free goods,
gifts, and holidays, or special personal services provided for the purpose of
an improper advantage, or that can result in moral pressure to receive such
an advantage.