The document discusses ISO 37001, an anti-bribery management system standard published by the International Organization for Standardization (ISO). ISO 37001 provides guidance for organizations to establish, implement, maintain and improve anti-bribery compliance programs. It includes a series of measures and controls representing global anti-corruption good practice. Organizations of any size or sector can implement an anti-bribery management system consistent with ISO 37001 to help prevent, detect and address bribery risks. Certification to ISO 37001 is also possible through independent third parties.
ISO 37001 Implementation - The Key to Protecting Your Company’s ReputationPECB
No organization can afford to take the risk of bribery lightly. Investors need assurance that they have made every possible effort to prevent bribery at all levels of the organization. The webinar will list some of the measures, which must be implemented if an organization wants to prevent and detect bribery appropriately.
Presenter:
The presenter of this topic is Mr. Jacob Mc Clean, PECB Trainer and the Principal and Managing Director of Kaizen Training & Management Consultants Limited.
Organizer: Alba Keqa
Date: November 17, 2016
Link of the recorded session published on YouTube: https://youtu.be/Aa-yNO74HRY
Global Manager Group has prepared presentation to provide information regarding ISO 37001 documentation requirements for Anti-Bribery Management System Certification. It described all primary documents like manual, procedures, policy, audit checklist, etc in details.
For further information about ISO 37001:2016 documentation requirements visit @ https://www.globalmanagergroup.com/
ISO/IEC 27001 is the main standard that aims to enhance an organization’s information security.
Amongst others, the webinar covers:
• ISO/IEC 27001 & ISO/IEC 27002, catching up with history
• Quick recap on the ISO/IEC 27002:2022
• From ISO/IEC 27002 to the ISO/IEC 27001 updates
• Some considerations & consequences of the update
• What's up next with ISO/IEC 27001, in practice?
Presenters:
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Stefan Mathuvis
Stefan Mathuvis, is owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy.
Date: November 9, 2022
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection
https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022
https://pecb.com/article/investing-in-information-security-awareness
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
ISO 37001 Implementation - The Key to Protecting Your Company’s ReputationPECB
No organization can afford to take the risk of bribery lightly. Investors need assurance that they have made every possible effort to prevent bribery at all levels of the organization. The webinar will list some of the measures, which must be implemented if an organization wants to prevent and detect bribery appropriately.
Presenter:
The presenter of this topic is Mr. Jacob Mc Clean, PECB Trainer and the Principal and Managing Director of Kaizen Training & Management Consultants Limited.
Organizer: Alba Keqa
Date: November 17, 2016
Link of the recorded session published on YouTube: https://youtu.be/Aa-yNO74HRY
Global Manager Group has prepared presentation to provide information regarding ISO 37001 documentation requirements for Anti-Bribery Management System Certification. It described all primary documents like manual, procedures, policy, audit checklist, etc in details.
For further information about ISO 37001:2016 documentation requirements visit @ https://www.globalmanagergroup.com/
ISO/IEC 27001 is the main standard that aims to enhance an organization’s information security.
Amongst others, the webinar covers:
• ISO/IEC 27001 & ISO/IEC 27002, catching up with history
• Quick recap on the ISO/IEC 27002:2022
• From ISO/IEC 27002 to the ISO/IEC 27001 updates
• Some considerations & consequences of the update
• What's up next with ISO/IEC 27001, in practice?
Presenters:
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Stefan Mathuvis
Stefan Mathuvis, is owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy.
Date: November 9, 2022
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/isoiec-270022022--information-security-cybersecurity-and-privacy-protection
https://pecb.com/article/isoiec-27001---what-are-the-main-changes-in-2022
https://pecb.com/article/investing-in-information-security-awareness
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
Key Elements of an Effective Anti-Bribery Management System ImplementationPECB
As the Anti-Bribery is becoming the world's most challenges issues, it is very important for businesses to support their company with the best programs and enhanced protection. The webinar demonstrated that this is possible by implementing ISO 37001 standard, and by identifying the key elements of an effective ISO 37001 implementation.
Main points that have been covered are:
• Definition of ISO 37001
• Case Studies
• Culture, Training and Reinforcement program
Presenter:
Mr. Mohamad Khachab is PECB Partner & Trainer, with 30 years of professional experience in management consultancy, project management, teaching/training, IT Procurement, preparing proposals, information risk management, research, developing bidding documents, and business development activities.
Link of the recorded session published on YouTube: https://youtu.be/wKc-2aHDf5s
ISO 22301: The New Standard for Business Continuity Best PracticeMissionMode
ISO 22301 is the new international standard for Business Continuity Management best practice. It provides organizations with a framework to manage risk and ensure that they can continue operations in any type of event. In this webinar, ISO 22301 expert John McGill will help you understand the ISO standard, why it's important, and how to plan for certification.
2022 Webinar - ISO 27001 Certification.pdfControlCase
ControlCase Introduction
What is ISO 27001?
What is ISO 27002?
What is ISO 27701, ISO 27017, & ISO 27018?
What is an ISMS?
What is ISO 27001 Certification?
Who Needs ISO 27001?
What is Covered in ISO 27001?
How Many Controls in ISO 27001?
What is the ISO 27001 Certification Process?
How Often Do You Need ISO 27001 Certification?
What are the Challenges to ISO 27001 Compliance?
Why ControlCase?
ISO 37001:2016 is used for Anti-Bribery Management System. This publication is about readymade documentation kit which can be used as completed tool for documentation process and it defines requirements of various documents during ISO 37001:2016 Certification.
For more details visit our website: https://www.globalmanagergroup.com/
Due to the dramatic increase of threats worldwide, there is a need for the companies to find ways how to increase the information security. Therefore, one solution is to implement the ISO/IEC 27001 in order to protect information both internally and externally.
Main points that will be covered are:
• The scope of ISO 27001 & associated other standards references
• Information Security and ISIM Terminologies
• ISIM auditing principles
• Managing audit program & audit activities
Presenter:
Eng. Kefah El-Ghobbas is a specialist in ‘Business Process Excellence' through ‘Business Process Re-engineering' with over 20 years of experience.
Link of the recorded session published on YouTube: https://youtu.be/rTxA8PVULUs
Han van Thoor participated in the Certification Europe Information Security Breakfast Seminar in November 2011. Han van Thoor Managing Director of Jumper Consulting Ltd. The presentation discussed the current challenges within the security, in conjunction with the following topics:
Managing management and peers
Risk Assessment
Statement of Applicability
Post certification
Benefits
Further details on ISO 27001 Information Security Management System certification on our website http://www.certificationeurope.com/iso-27001-information-security.html
Perbandingan standar Sistem Manejemen Keamanan Informasi dgn Sistem Manajemen Anti Penyuapan dgn Sistem Manajemen Mutu dgn Sistem Manajemen Organisasi Pendidikan, Jika sudah menerapkan salah satu Sistem Manajemen maka untuk menerapkan yang lain sedikit sekali usaha tambahannya. Perubahan Manajemen Risiko adalah yang paling awal. Semoga bermanfaat.
Key Elements of an Effective Anti-Bribery Management System ImplementationPECB
As the Anti-Bribery is becoming the world's most challenges issues, it is very important for businesses to support their company with the best programs and enhanced protection. The webinar demonstrated that this is possible by implementing ISO 37001 standard, and by identifying the key elements of an effective ISO 37001 implementation.
Main points that have been covered are:
• Definition of ISO 37001
• Case Studies
• Culture, Training and Reinforcement program
Presenter:
Mr. Mohamad Khachab is PECB Partner & Trainer, with 30 years of professional experience in management consultancy, project management, teaching/training, IT Procurement, preparing proposals, information risk management, research, developing bidding documents, and business development activities.
Link of the recorded session published on YouTube: https://youtu.be/wKc-2aHDf5s
ISO 22301: The New Standard for Business Continuity Best PracticeMissionMode
ISO 22301 is the new international standard for Business Continuity Management best practice. It provides organizations with a framework to manage risk and ensure that they can continue operations in any type of event. In this webinar, ISO 22301 expert John McGill will help you understand the ISO standard, why it's important, and how to plan for certification.
2022 Webinar - ISO 27001 Certification.pdfControlCase
ControlCase Introduction
What is ISO 27001?
What is ISO 27002?
What is ISO 27701, ISO 27017, & ISO 27018?
What is an ISMS?
What is ISO 27001 Certification?
Who Needs ISO 27001?
What is Covered in ISO 27001?
How Many Controls in ISO 27001?
What is the ISO 27001 Certification Process?
How Often Do You Need ISO 27001 Certification?
What are the Challenges to ISO 27001 Compliance?
Why ControlCase?
ISO 37001:2016 is used for Anti-Bribery Management System. This publication is about readymade documentation kit which can be used as completed tool for documentation process and it defines requirements of various documents during ISO 37001:2016 Certification.
For more details visit our website: https://www.globalmanagergroup.com/
Due to the dramatic increase of threats worldwide, there is a need for the companies to find ways how to increase the information security. Therefore, one solution is to implement the ISO/IEC 27001 in order to protect information both internally and externally.
Main points that will be covered are:
• The scope of ISO 27001 & associated other standards references
• Information Security and ISIM Terminologies
• ISIM auditing principles
• Managing audit program & audit activities
Presenter:
Eng. Kefah El-Ghobbas is a specialist in ‘Business Process Excellence' through ‘Business Process Re-engineering' with over 20 years of experience.
Link of the recorded session published on YouTube: https://youtu.be/rTxA8PVULUs
Han van Thoor participated in the Certification Europe Information Security Breakfast Seminar in November 2011. Han van Thoor Managing Director of Jumper Consulting Ltd. The presentation discussed the current challenges within the security, in conjunction with the following topics:
Managing management and peers
Risk Assessment
Statement of Applicability
Post certification
Benefits
Further details on ISO 27001 Information Security Management System certification on our website http://www.certificationeurope.com/iso-27001-information-security.html
Perbandingan standar Sistem Manejemen Keamanan Informasi dgn Sistem Manajemen Anti Penyuapan dgn Sistem Manajemen Mutu dgn Sistem Manajemen Organisasi Pendidikan, Jika sudah menerapkan salah satu Sistem Manajemen maka untuk menerapkan yang lain sedikit sekali usaha tambahannya. Perubahan Manajemen Risiko adalah yang paling awal. Semoga bermanfaat.
How to Get ISO 37001 Certified and Why You Should.pdfOFFICE
ISO 37001 is defined as Anti-Bribery Management System. The purpose is to establish, implement, maintain and enhance an anti-bribery program that prevents, detects and addresses bribery risks in an organization or institution. 4C team has trained and experienced ISO 37001 consultants who help the organization to implement a customized anti bribery management system in line with regional anti bribery law and organization type and size.
Get an overview of what compliance management means, the common categories of compliance in businesses as well as how software solutions can support your Organisational and Regulatory compliance journey.
To know more, visit corporater.com/compliance
Challenges and Opportunities for Anti Corruption Images.pdfRankyMathew
To successfully navigate the challenges and leverage the opportunities presented by ISO 37001, organizations should take a systematic approach to implementing anti-corruption practices. This includes strong leadership commitment, employee training and awareness, third-party due diligence, effective reporting mechanisms, and ongoing monitoring and improvement.
ISO 37001 Certification Benefits Requirements and Key Elements.pdfOFFICE
ISO 37001 is defined as Anti-Bribery Management System. The purpose is to establish, implement, maintain and enhance an anti-bribery program that prevents, detects and addresses bribery risks in an organization or institution. 4C team has trained and experienced ISO 37001 consultants who help the organization to implement a customized anti bribery management system in line with regional anti bribery law and organization type and size.
The series of measures for ISO 37001 include: adopting an anti-bribery policy, appointing a person to oversee compliance, anti-bribery and corruption training, risk assessments and due diligence for ISO 37001 on projects and business associates, implementing financial and commercial controls, and instituting reporting and investigation procedures.
Transparency International Malaysia: Business Integrity ProgrammeEthical Sector
On 16 March, the Myanmar Centre for Responsible Business (MCRB) and ASEAN CSR Network (ACN) hosted a workshop in Yangon for senior managers of Myanmar companies on anti-corruption practices.
http://www.myanmar-responsiblebusiness.org/news/combatting-corruption-in-myanmar.html
Compliance with SEBI's Prohibition of Insider Trading Regulation with Ins...Atish Satbhai
Axar Digital offers insider trading compliance software and a structured digital database, which gives you a complete solution for tracking insider trading, compliance & control. It complies with the SEBI insider regulation 2015. Contact us to know more.
Internal Controls over Indian Financial ReportingBharath Rao
Corporate Accountability has been gaining its momentum in the Indian Scenario. The Companies Act 2013 has now benchmarked itself to regulations like the Sarbanes-Oxley Act and stresses on the fact the auditor has to give an opinion on the Internal controls that handle Financial Data and are operating effectively. Section 134 and Section 143 of the Companies Act 2013 highlights the requirements for documenting, implementing, enforcing and auditing those internal controls which handle Financial Data.
This article provides an introduction of Internal Controls over Financial Reporting in the Indian perspective.
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_Haluk Ferden Gursel
Global firms are recognizing that the
anti-fraud profession is an important
component of risk measurement and
avoidance. The analysis below
illustrates how recent risk-based
management control systems are
hastening the development of
specialized anti-fraud agents. It is
evident that the increased public
appetite for transparency and enhanced
accountability has also spurred rapid
developments in the anti-fraud
discipline.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
buy old yahoo accounts buy yahoo accountsSusan Laney
As a business owner, I understand the importance of having a strong online presence and leveraging various digital platforms to reach and engage with your target audience. One often overlooked yet highly valuable asset in this regard is the humble Yahoo account. While many may perceive Yahoo as a relic of the past, the truth is that these accounts still hold immense potential for businesses of all sizes.
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Implicitly or explicitly all competing businesses employ a strategy to select a mix
of marketing resources. Formulating such competitive strategies fundamentally
involves recognizing relationships between elements of the marketing mix (e.g.,
price and product quality), as well as assessing competitive and market conditions
(i.e., industry structure in the language of economics).
Understanding User Needs and Satisfying ThemAggregage
https://www.productmanagementtoday.com/frs/26903918/understanding-user-needs-and-satisfying-them
We know we want to create products which our customers find to be valuable. Whether we label it as customer-centric or product-led depends on how long we've been doing product management. There are three challenges we face when doing this. The obvious challenge is figuring out what our users need; the non-obvious challenges are in creating a shared understanding of those needs and in sensing if what we're doing is meeting those needs.
In this webinar, we won't focus on the research methods for discovering user-needs. We will focus on synthesis of the needs we discover, communication and alignment tools, and how we operationalize addressing those needs.
Industry expert Scott Sehlhorst will:
• Introduce a taxonomy for user goals with real world examples
• Present the Onion Diagram, a tool for contextualizing task-level goals
• Illustrate how customer journey maps capture activity-level and task-level goals
• Demonstrate the best approach to selection and prioritization of user-goals to address
• Highlight the crucial benchmarks, observable changes, in ensuring fulfillment of customer needs
Event Report - SAP Sapphire 2024 Orlando - lots of innovation and old challengesHolger Mueller
Holger Mueller of Constellation Research shares his key takeaways from SAP's Sapphire confernece, held in Orlando, June 3rd till 5th 2024, in the Orange Convention Center.
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraAvirahi City Dholera
The Tata Group, a titan of Indian industry, is making waves with its advanced talks with Taiwanese chipmakers Powerchip Semiconductor Manufacturing Corporation (PSMC) and UMC Group. The goal? Establishing a cutting-edge semiconductor fabrication unit (fab) in Dholera, Gujarat. This isn’t just any project; it’s a potential game changer for India’s chipmaking aspirations and a boon for investors seeking promising residential projects in dholera sir.
Visit : https://www.avirahi.com/blog/tata-group-dials-taiwan-for-its-chipmaking-ambition-in-gujarats-dholera/
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
The 10 Most Influential Leaders Guiding Corporate Evolution, 2024.pdfthesiliconleaders
In the recent edition, The 10 Most Influential Leaders Guiding Corporate Evolution, 2024, The Silicon Leaders magazine gladly features Dejan Štancer, President of the Global Chamber of Business Leaders (GCBL), along with other leaders.
2. What is ISO?
1. The International Organization for Standardization
(ISO) develops and publishes International standards
ISO 37000.
2. It is compromised of the national standards bodies
from 163 member countries.
3. It has developed nearly twenty thousand voluntary
international standards
4. What is ISO 37001?
An anti-bribery management system standard, had
published successfully.
It is designed to help an organization establish,
implement, maintain, and improve an anti-bribery
compliance program or “management system.”
It includes a series of measures and controls that
represent global anti-corruption good practice.
6. Who can use this
Standard?
The standard is flexible and can be adapted to a
wide range of organizations, including:
• Large organizations
• Small & medium sized enterprises (SMEs)
• Public and private sector organizations
• Non-governmental organizations (NGOs)
The standard can be used by organizations in any
country.
7. Who can use this
Standard?
فى لتنفذ تعديلها يمكن و مرنه المواصفه:-
•الحجم كبيره المنظمات
•متوسطه و صغيره المنظمات
•خاصه و عامه منظمات
•حكوميه غير منظمات
8. Does the Standard require a stand-
alone Management System?
The measures required by ISO 37001
are designed to be integrated with
existing management processes and
controls.
Follows the common high-level
structure for management system
standards, for easy integration with,
for example, ISO 9001
New or enhanced measures can be
integrated into existing systems.
9. Does the Standard require a stand-
alone Management System?
األيزو مواصفه صممت37000مع تدمج لكى
المنظمه فى تطبيقها تم أخرى مواصفات.
األيزو مواصفه ع فى بسهوله دمجها يتم9001و
بالفعل الموضوعه اإلدارهنظم بجوده الخاصه.
10. What does ISO 37001
address?
Bribery by the organization, or by its
personnel or business associates acting on
the organization’s behalf or for its benefit
Bribery of the organization, or of its
personnel or business associates in relation
to the organization’s activities
12. Does the Standard define
bribery?
Bribery is defined by law which varies
between countries.
Therefore the Standard does not provide an
independent definition of bribery.
The Standard provides guidance on what is
meant by bribery to help users understand
the intention and scope of the Standard.
14. What does the standard
require?
A series of measures and controls to help prevent,
detect, and address bribery, among them:
An anti-bribery policy, procedures, and controls
Top management leadership, commitment and
responsibility
Senior level oversight
Anti-bribery training
Risk assessments
Due diligence on projects and business associates
Reporting, monitoring, investigation and review
Corrective action and continual improvement
15. What does the standard
require?
مجمةعهمناساليبالرقابهلمساعدهالمنظمهلمنعوإكتشافوتحديدالفساد
وهىكالتالى:-
السياسهواإلجراءاتوأساليبالرقابه.
القيادهواإللتزاموالمسئوليهمناإلدارهالعليا.
النظرهالشموليهلإلدارهالعليا.
التدريب
تقييمالمخاطر
العملبالنيابهفىالمشاريعوالنظم
كيفيهمتابعهومراقبهوالتحقيقوالمراجعه
اإلجراءؤاتالتصحيحيهوالتطويرالمستمر
16. What if a Standard provision is illegal
in a country?
ISO specifies measures and controls
globally regarded as anti-corruption good
practice.
If a requirement is prohibited by applicable
law, an organization will be required to
comply with that requirement, in accordance
with the standard.
17. What if a Standard provision is illegal
in a country?
كأس شمولى بشكل القياس و الرقابه تحدد األيزو مواصفهلوب
الفساد لمواجهه عام.
داخ المنظمه فى بالفساد يتعلق قانونى مطلب هناك كان إذال
ويت القانون مع بالتطابق المنظمه إلزام يتم سوف الدولهتطبيقه م
الفساد محاربه نظام داخل.
18. How will the Standard benefit
an organization?
By providing:
Minimum requirements and supporting
guidance for implementing or benchmarking
an anti-bribery management system
Assurance to management, investors,
employees, customers, and other stakeholders
that an organization is taking steps to prevent
bribery risk
Evidence that an organization has taken
reasonable steps to prevent bribery
19. How will the Standard benefit
an organization?
وذلكمنخاللتنفيذ:-
تنفيذالحداالدنىمنمتطلباتالمواصفهداخلنظاممحاربهالفساد
اإلدارى.
تأكيدللمساهمينفىالمنظمهوالعاملينوالعمالءوالجهاتاألخرى
بأنالمنظمهقادرهعلىإتخاذخطواتلمحاربهخطرالفساد.
دليلعلىأنالمنظمهتأخذخطواتمسئولهتجاهمحاربهالفسادبها.
20. Can my organization be ISO 37001
certified?
ISO 37001 is being developed as a
requirements standard, making it capable of
independent certification.
If approved as such, third parties will be able to
certify an organization’s compliance with the
Standard.
21. Can my organization be ISO 37001
certified?
االيزو37000تمتطويرهكمواصفهعالميهويتمأخذشهاده
معتمدهلها.
فىحالهالموافقهعلىنظاممحاربهالفسادالموضوعيتمتأهيل
المنظمهللحصولعلىالشهاده.
22. What is anti Bribery
Management system
Bribery is one of the most destructive and
complex problems of our times, and despite
national and international efforts to combat it, it
remains widespread.
An anti-bribery management system is
designed to enhance an anti-bribery culture
within an organization and implement
appropriate controls, which will in turn increase
the chance of detecting bribery and reduce its
incidence in the first place.
24. What is anti Bribery
Management system
ISO 37001, Anti-bribery management systems
– Requirements with guidance for use, gives
the requirements and guidance for
establishing, implementing, maintaining and
improving an anti-bribery management system.
The system can be independent of, or
integrated into, an overall management
system.
It covers bribery in the public, private and not-
for-profit sectors, including bribery by and
against an organization or its staff, and bribes
paid or received through or by a third party.
26. What is benefits
ISO 37001 is designed to help your
organization implement an anti-bribery
management system or enhance the controls
you currently have.
It requires implementing a series of measures
such as adopting an anti-bribery policy,
appointing someone to oversee compliance
with that policy, getting and training employees,
undertaking risk assessments on projects and
business associates, implementing financial
and commercial controls, and instituting
reporting and investigation procedures.
28. What is benefits
Implementing an anti-bribery management
system requires leadership and input from top
management, and the policy and programme
must be communicated to all staff and external
parties such as contractors, suppliers and
jointventure partners.
30. What is benefits
In this way, it helps to reduce the risk of
bribery occurring and can demonstrate to
your management, employees, owners,
funders, customers and other business
associates that you have put in place
internationally recognized good-practice
anti-bribery controls.
It can also provide evidence in the event of
a criminal investigation that you have taken
reasonable steps to prevent bribery.
32. Context of the organization
Understanding the organization and its
context
The organization will determine external
and internal factors that are relevant to its
purpose and that affect its ability to achieve
the objectives of its anti-bribery
management system. These factors will
include, without limitation, the following:
a) size and structure of the organization;
b) locations and sectors in which the
organization operates or anticipates
operating;
How to Implement ISO 37001 in your organization
33. c) nature, scale and complexity of the
organization's activities and operations;
d) entities over which the organization has
control;
e) organization's business associates;
f) the nature and extent of interactions with
public officials; and
g) applicable statutory, regulatory,
contractual and professional obligations
and duties.
35. Understanding the needs and
expectations of stakeholders
The organization will determine:
a) the stakeholders that are relevant to the
anti-bribery management system;
b) the relevant requirements of these
stakeholders
37. Determining the scope of the anti-bribery
management system
The organization shall determine the
boundaries and applicability of the anti-
bribery management system to establish its
scope.
When determining this scope, the
organization shall consider:
a) the external and internal factors
b) the requirements
c) the results of the bribery risk assessment
39. Anti-bribery management system
The organization shall establish, document,
implement, maintain and continually review
and, where necessary, improve an anti-
bribery management system, including the
processes needed and their interactions, in
accordance with the country regulation
The anti-bribery management system shall
contain measures designed to identify and
evaluate the risk of, and to prevent, detect
and address, bribery
41. Bribery risk assessment
The organization shall undertake bribery
risk assessment(s) which shall:
a) identify the bribery risks the organization
might reasonably anticipate given the
factors
b) assess and prioritize the identified
bribery risks;
c) evaluate the suitability and effectiveness
of the organization's existing controls to
mitigate the assessed bribery risks.
The organization shall establish criteria for
evaluating its level of bribery risk, which
shall take into account the organization's
42. Bribery risk assessment
The bribery risk assessment shall be
reviewed on a regular basis so that
changes and new information can be
properly assessed based on timing and
frequency defined by the organization;
b) in the event of a significant change to the
structure or activities of the organization.
The organization shall maintain
documented information that demonstrates
that the bribery risk assessment has been
conducted, and used to design the anti-
bribery management system
43. Leadership
Leadership and commitment
Governing body
When the organization has a governing
body, that body shall demonstrate
leadership and commitment with respect to
the anti-bribery management system by:
a) approving the organization’s anti-bribery
policy;
b) at planned intervals receiving and
reviewing information about the content and
operation of the organization’s anti-bribery
management system;
44. Leadership
Leadership and commitment
Governing body
c) ensuring that adequate and appropriate
resources needed for effective operation of
the anti-bribery management system are
allocated and assigned;
d) exercising reasonable oversight over the
implementation of the organization’s anti-
bribery management system by top
management and its effectiveness.
45. Top management
Top management shall demonstrate
leadership and commitment with respect to
the anti-bribery management
system by:
a) ensuring that the anti-bribery
management system, including policy and
objectives, is established, implemented,
maintained and reviewed to adequately
address the organization's bribery risks;
b) ensuring the integration of the anti-
bribery management system requirements
into the organization’s processes;
46. Top management
C) deploying adequate and appropriate
resources for the effective operation of the
anti-bribery management system;
d) communicating internally and externally
regarding the anti-bribery policy;
e) communicating internally the importance
of effective anti-bribery management and of
conforming to the anti-bribery management
system requirements;
47. Top management
f) ensuring that the anti-bribery
management system is appropriately
designed to achieve its objectives;
g) directing and supporting personnel to
contribute to the effectiveness of the anti-
bribery management system; promoting an
appropriate anti-bribery culture within the
organization;
i) promoting continual improvement
48. Top management
j) supporting other relevant management
roles to demonstrate their leadership in
preventing and detecting bribery as it
applies to their areas of responsibility;
k) encouraging the use of reporting
procedures for suspected and actual
bribery
49. Top management
l) ensuring that no personnel will suffer retaliation
or discriminatory or disciplinary action for reports
made in good faith or on the basis of a reasonable
belief of violations or suspected violations of the
organization’s anti-bribery policy, or for refusing to
engage in bribery, even if such refusal may result
in the organization losing business (except where
the individual participated in the breach);
m) at planned intervals, reporting to the governing
body (if one exists) on the content and operation of
the anti-bribery management system and of
allegations of serious and/or systematic bribery.
50. Anti-bribery policy
Top management shall establish, review and
maintain an anti-bribery policy that:
a) prohibits bribery;
b) requires compliance with anti-bribery laws that
are applicable to the organization;
c) is appropriate to the purpose of the organization;
d) provides a framework for setting, reviewing and
achieving anti-bribery objectives;
e) includes a commitment to satisfy anti-bribery
management system requirements;
f) encourages raising concerns in confidence
without fear of reprisal
51. Anti-bribery policy
includes a commitment to continual improvement
of the anti-bribery management system;
h) explains the authority and independence of the
anti-bribery compliance function; and
i) explains the consequences of not complying with
the anti-bribery policy.
The anti-bribery policy shall:
a) be available as documented information;
b) be communicated in appropriate languages
within the organization and to business associates
who pose more than a low risk of bribery;
c) be available to relevant stakeholders, as
appropriate
52. Organizational roles, responsibilities and
authorities
Roles and responsibilities
Top management shall have overall
responsibility for the implementation of and
compliance with the anti bribery
management system
Top management shall ensure that the
responsibilities and authorities for relevant
roles are assigned and communicated
within and throughout every level of the
organization.
Managers at every level shall be
responsible for ensuring that the anti-
53. Anti-bribery compliance function
Top management shall assign to an anti-
bribery compliance function the
responsibility and authority for:
a) overseeing the design and
implementation by the organization of the
anti-bribery management system;
b) providing advice and guidance to
personnel on the anti-bribery management
system and issues relating to bribery;
c) ensuring that the anti-bribery
management system conforms to the
requirements of country regulation
54. Anti-bribery compliance function
d) reporting on the performance of the anti-
bribery management system to the
governing body (if any) and top
management and other compliance
functions, as appropriate.
The anti-bribery compliance function shall
be adequately resourced and assigned to
person(s) who have the appropriate
competence, status, and independence.
55. Anti-bribery compliance function
The anti-bribery compliance function shall have
direct and prompt access to the governing body (if
any) and top management in the event that any
issue or concern needs to be raised in relation to
bribery or the anti-bribery management system.
Top management may assign some or all of the
anti-bribery compliance function to persons
external to the organization. If it does, top
management shall ensure that specific personnel
have responsibility for and authority over those
assigned parts of the function.
56. Anti-bribery compliance function
Where top management delegates to personnel
the responsibility or authority for the making of
decisions in relation to which there is more than a
low risk of bribery, the organization shall establish
and maintain a decision-making process or set of
controls that requires that the decision process and
the level of authority of the decision-maker(s) are
appropriate and free of actual or potential conflicts
of interest.
Top management shall ensure that these
processes are reviewed periodically as part of its
roles and responsibilities for implementation of and
compliance with the anti-bribery management
system.
57. Planning
Actions to address bribery risks and
opportunities
When planning for the anti-bribery management
system, the organization shall risks and
opportunities that need to be addressed to:
a) give reasonable assurance that the anti-bribery
management system can achieve its objectives;
b) prevent, or reduce, undesired effects relevant to
the anti-bribery policy and objectives;
C)monitor the effectiveness of the anti-bribery
management system
58. Planning
Actions to address bribery risks and
opportunities
The organization shall plan:
a) actions to address these bribery risks and
opportunities;
b) how to:
1) integrate and implement these actions into its anti-
bribery management system processes;
2) evaluate the effectiveness of these actions.
59. Anti-bribery objectives and planning to achieve
them
The organization shall establish anti-bribery
objectives at relevant functions and levels.
The anti-bribery objectives shall:
a) be consistent with the anti-bribery policy;
b) be measurable (if practicable);
c) be achievable;
d) be monitored;
e) be communicated;
f) be updated as appropriate
60. Anti-bribery objectives and planning to achieve
them
The organization shall establish anti-bribery
objectives at relevant functions and levels.
The anti-bribery objectives shall:
a) be consistent with the anti-bribery policy;
b) be measurable (if practicable);
c) be achievable;
d) be monitored;
e) be communicated;
f) be updated as appropriate
61. Anti-bribery objectives and planning to achieve
them
The organization shall retain documented
information on the anti-bribery objectives.
When planning how to achieve its anti-bribery
objectives, the organization shall determine:
what will be done;
what resources will be required;
who will be responsible;
when the objectives will be achieved;
how the results will be evaluated and reported.
62. Support
Resources
The organization shall determine and provide the
resources needed for the establishment,
implementation, maintenance and continual
improvement of the anti-bribery management
system.
Competence
General
The organization shall:
a) determine the necessary competence of person(s)
doing work under its control that affects its anti-
bribery performance;
b) ensure that these persons are competent on the
basis of appropriate education, training, or
experience;
63. Competence
c) where applicable, take actions to acquire and
maintain the necessary competence, and evaluate
the effectiveness of the actions taken;
d) retain appropriate documented information as
evidence of competence.
Employment procedures
In relation to all of its personnel, the organization
shall implement procedures such that:
a) conditions of employment require personnel to
comply with the anti-bribery policy and anti-bribery
management system, and give the organization the
right to discipline personnel in the event of non
compliance;
64. b) within a reasonable period of their employment
commencing, personnel receive a copy of, or are
provided with access to, the anti-bribery policy and
training in relation to that policy;
c) the organization has procedures which enable it
to take appropriate disciplinary action against
personnel who breach the anti-bribery policy and
anti-bribery management system; and
d) personnel are not penalized (e.g. by demotion,
preventing advancement, disciplinary action,
transfer, dismissal, bullying or victimization):
1) for refusing to participate in, or for turning down,
any activity in respect of which they have
reasonably judged there to be a more than low risk
of bribery which has not been mitigated by the
organization; or
65. 2) for concerns raised or reports made in good
faith or on the basis of a reasonable belief, of
attempted, actual or suspected bribery or breaches
of the anti-bribery policy or the anti-bribery
management system (except where the individual
participated in the breach).
In relation to all personnel in positions which are
exposed to more than a low bribery risk as
determined in the bribery risk assessment, and to
all personnel employed in the anti-bribery
compliance function the organization shall
implement procedures which provide that:
66. a) due diligence is conducted on persons before
they are employed, and on personnel before they
are transferred or promoted by the organization, to
ascertain as far as is reasonable that it is
appropriate to employ or redeploy them and that it
is reasonable to believe that they will comply with
the anti bribery policy and anti-bribery
management system requirements;
b) performance bonuses, performance targets and
other incentivizing elements of remuneration are
reviewed periodically to verify that there are
reasonable safeguards in place to prevent them
from encouraging bribery;
c) such personnel, top management, as well as
and the governing body (if any), file a declaration
at reasonable intervals proportionate with the
67. c) such personnel, top management, as well as
and the governing body (if any), file a declaration
at reasonable intervals proportionate with the
identified bribery risk, confirming their compliance
with the anti bribery policy.
Awareness and training
The organization shall provide adequate and
appropriate anti-bribery awareness and training to
personnel.
Such training shall address the following issues as
appropriate, taking into account the results of the
bribery risk assessment:
a) the organization’s anti-bribery policy and
procedures and anti-bribery management system
68. Awareness and training
b) the bribery risk and the damage to them and the
organization which can result from bribery;
c) the circumstances in which bribery can occur in
relation to their duties, and how to recognize these
circumstances;
d) how they can help prevent and avoid bribery
and recognize key bribery risk indicators;
e) their contribution to the effectiveness of the anti-
bribery management system, including the benefits
of improved anti-bribery performance and of
reporting suspected bribery;
f) the implications and potential consequences of
not conforming with the anti-bribery management
system requirements;
69. Awareness and training
g) how and to whom they should report any
concerns
h) information on available training and resources.
Personnel shall be provided with anti-bribery
awareness and training on a regular basis (at
planned intervals determined by the organization)
as appropriate to their roles, the risks of bribery to
which they are exposed, and any changing
circumstances. The awareness and training
programmes shall be periodically updated as
necessary to reflect relevant new information.
70. Awareness and training
Taking into account the bribery risks identified, the
organization shall also implement procedures
addressing anti-bribery awareness and training for
business associates acting on its behalf or for its
benefit and which could pose more than a low
bribery risk to the organization. These procedures
shall identify the business associates for which
such awareness and training is necessary, its
content, and the means by which the training shall
be provided.
The organization shall retain documented
information on the training procedures, the content
of the training, and to whom it was provided.
71. Communication
The organization shall determine the internal and
external communications relevant to the anti-bribery
management system including:
a) on what it will communicate;
b) when to communicate;
c) with whom to communicate;
d) how to communicate;
e) who will communicate;
f) the languages in which to communicate.
72. Due diligence
Where the organization's bribery risk assessment
conducted has assessed a more than low bribery
risk
in relation to:
a) specific categories of transactions, projects or
activities;
b) planned or on-going relationships with specific
categories of business associates; or c) specific
categories of personnel in certain positions the
organization shall assess the nature and extent of
the bribery risk in relation to specific transactions,
projects, activities, business associates and
personnel falling within those categories.
73. Financial controls
The organization shall implement financial controls
that manage bribery risk.
Non-financial controls
The organization shall implement procurement,
operational, sales, commercial and other non-
financial controls that manage bribery risk.
74. Implementation of anti-bribery controls by
controlled organizations and by business
associates
The organization shall implement procedures
which require that all other organizations over
which it has control either:
a) implement the organization’s anti-bribery
management system; or b) implement their own
anti-bribery controls, in each case only to the
extent that is reasonable and proportionate having
regard to the bribery risks which the controlled
organizations face, taking into account the bribery
risk assessment conducted pursuant.
75. Implementation of anti-bribery controls by
controlled organizations and by business
associates
In relation to business associates not controlled by
the organization for which the bribery risk
assessment or due diligence has identified a more
than low bribery risk, and where anti bribery
controls implemented by the business associates
would help mitigate the relevant bribery risk, the
organization shall implement procedures as
follows:
a) the organization shall determine whether the
business associate has in place anti-bribery
controls which manage the relevant bribery risk.
b) where a business associate does not have in
place anti-bribery controls, or it is not possible to
verify whether it has them in place:
76. Implementation of anti-bribery controls by
controlled organizations and by business
associates
1) the organization shall where practicable require
the business associate to implement anti-bribery
controls in relation to the relevant transaction,
project or activity, or
2) where it is not practicable to require the
business associate to implement anti-bribery
controls, the organization shall take this factor into
account when assessing the bribery risks that the
business associates pose, and the way in which
the organization manages such risks
77. Anti-bribery commitments
For business associates which pose more than a
low bribery risk, the organization shall implement
procedures which require that, as far as is
practicable:
a) business associates commit to prevent bribery
by or on behalf of or for the benefit of the business
associate in connection with the relevant
transaction, project, activity, or relationship;
b) the organization is able to terminate the
relationship with the business associate in the
event of bribery by or on behalf of or for the benefit
of the business associate in connection with the
relevant transaction, project, activity, or
relationship.
Where it is not practicable to meet the
requirements of a) or b) above, then this shall be a
78. Gifts, hospitality, donations and similar benefits
The organization shall implement procedures
which are designed to prevent the offer, provision
or acceptance of gifts, hospitality, donations and
similar benefits where the offer, provision or
acceptance is or could reasonably be perceived as
bribery.
Managing inadequacy of anti-bribery controls
Where the due diligence conducted on a specific
transaction, project, activity or relationship with a
business associate establishes that the bribery risks
cannot be managed by existing anti-bribery controls,
and the organization cannot or does not wish to
implement additional or enhanced anti-bribery
controls or take other appropriate steps,
79. Managing inadequacy of anti-bribery controls
to enable the organization to manage the relevant
bribery risks, the organization shall :-
a) in the case of an existing transaction, project,
activity or relationship, take steps appropriate to
the bribery risks and the nature of the transaction,
project, activity or relationship to terminate,
discontinue, suspend or withdraw from it as soon
as is practicable;
b) in the case of a proposed new transaction,
project, activity or relationship, postpone or decline
to continue with it.
80. Raising concerns
The organization shall implement procedures
which:
a) enable persons to report attempted, suspected
and actual bribery, or any breach of or weakness in
the anti-bribery management system, to the anti-
bribery compliance function or to appropriate
personnel (either directly or through an appropriate
third party);
b) except to the extent required to progress an
investigation or by law, require that the
organization treats reports confidentially so as to
protect the identity of the reporter and of others
involved or referenced in the report
81. Raising concerns
d) prohibit retaliation, and protect personnel from
retaliation, after such personnel have in good faith
or on the basis of a reasonable belief raised or
reported a concern about attempted, actual or
suspected bribery or breaches of the anti-bribery
policy or the anti-bribery management system;
e) enable personnel to receive advice from an
appropriate person on what to do if faced with a
concern or situation which could involve bribery;
f) encourage the use by personnel of the reporting
procedures.
The organization shall ensure that all personnel
are aware of the reporting procedures, and are
able to use them, and are aware of their rights and
protections under the procedures;
82. Investigating and dealing with bribery
The organization shall implement procedures
which:
a) require assessment and, where appropriate,
investigation of bribery, or breach of the anti-
bribery policy or the anti-bribery management
system , which is reported, detected or reasonably
suspected;
b) require appropriate action in the event that the
investigation reveals bribery, or breach of the anti-
bribery policy or the anti-bribery management
system; empower and enable investigators and
require co-operation in the investigation by relevant
personnel;
d) require that the status and results of the
investigation are reported to the anti-bribery
83. Investigating and dealing with bribery
The organization shall implement procedures
which:
a) require assessment and, where appropriate,
investigation of bribery, or breach of the anti-
bribery policy or the anti-bribery management
system , which is reported, detected or reasonably
suspected;
b) require appropriate action in the event that the
investigation reveals bribery, or breach of the anti-
bribery policy or the anti-bribery management
system; empower and enable investigators and
require co-operation in the investigation by relevant
personnel;
d) require that the status and results of the
investigation are reported to the anti-bribery