ISO 37001 – Preparing for Certification
Karl Schlagenhaufen
Associate Consultant at ENFINA Security

ISO 37001
Anti-bribery Management System
• Bribery is one of the world’s most challenging issues
• Over US$ 1 trillion paid in bribes each year (OECD)
• Consequences: reducing quality of life, increasing poverty, eroding public trust
• Despite efforts on national and international levels, bribery remains a significant issue
• Comprehensive standard on a management system against bribery and corruption, issued in 2016
• Promotes an ethical business culture
• System approach, not forensic approach

Why get certified?
Benefits to your organization
• Helps fight bribery
• Promotes an ethical business culture
• Improves the performance of the affected processes
• Proves employees’ commitment to anti-bribery best practices
• Monitors and manages risk throughout your business
• Demonstrates that your organization implements, maintains and improves its anti-bribery compliance program
• Protects the company, its assets, shareholders and directors from bribery

Why get certified?
Benefits to your organization
• Gains the confidence of regulators
• Helps to recognize and manage risks
• Helps optimize efficiency and costs
• Contributes to your defense under regulatory scrutiny
• Provides opportunities for business growth
• Your business partners can benefit as well
• Helps in obtaining public sector contracts

Certification Process
First Year
1. Pre-Audit (gap analysis, optional)
2. Audit Plan
3. Audit Stage 1
4. Audit Stage 2
5. Initial Certification

Certification Process
Following Two Years
1. Audit Plan
2. Surveillance Audit
7
To have in mind when considering certification:
Initial Considerations
 Best preparation: existing ISO 19600
certification
 Full support of management
 Knowledge of the ISO 37001
Standard

Structure of the Standard
PDCA cycle
• Plan: 4. Context of the Organization, 5. Leadership, 6. Planning, 7. Support
• Do: 8. Operation
• Check: 9. Performance evaluation
• Act: 10. Improvement

Plan
4. Context of the Organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of stakeholders
4.3 Determining the scope of the anti-bribery management system
4.4 Anti-bribery management system (purpose)
4.5 Bribery risk assessment

Plan
5. Leadership
5.1 Leadership and commitment (tone at the top)
5.2 Anti-bribery policy (structure, responsibilities, …)
5.3 Organizational roles, responsibilities and authorities

Plan
6. Planning
6.1 Actions to address bribery risks and opportunities (how risks are identified and managed – roles and responsibilities)
6.2 Anti-bribery objectives and planning to achieve them

Plan
7. Support
7.1 Resources (infrastructure, deployment and monitoring of resources)
7.2 Competence (training is appropriately calibrated and managed at set intervals)
7.3 Awareness and training (of the compliance policy, its objectives, everyone’s role, culture of the organization)
7.4 Communication (internal and external)
7.5 Documented information (accurate, valid, reliable, appropriately controlled)

Do
8. Operation
8.1 Operational planning and control (objectives and criteria defined, effective controls in place, requirements documented, plans and their implementation)
8.2 Due diligence (assessment of bribery risk in relation to specific transactions, projects, activities etc.)
8.3 Financial controls (e.g. budget restraints)

Do
8. Operation
8.4 Non-financial controls (management of sensitive areas like procurement, operations, sales, commercial and legal activities etc.)
8.5 Implementation of anti-bribery controls by controlled organizations and by business associates
8.6 Anti-bribery commitments (of business associates – termination clauses in case of violations)

Do
8. Operation
8.7 Gifts, hospitality, donations and similar benefits
8.8 Managing inadequacy of anti-bribery controls (define when you refuse deals or activities because you cannot manage the bribery risk)
8.9 Raising concerns (whistleblowing procedures)
8.10 Investigating and dealing with bribery

Check
9. Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Review by anti-bribery compliance function
9.3 Internal audit
9.4 Top management review
9.5 Governing body review

Act
10. Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement (including the challenges of a difficult regulatory climate)

Documents
Useful documents (examples)
• Code of Ethics, Code of Conduct
• Compliance manager or function (appointment, job description)
• Anti-bribery training (records, participant lists)
• Risk assessments and due diligence on projects and business associates
• Operational risk matrix
• Control documentation: financial, procurement, commercial and contractual
• Reporting, monitoring, investigation and review records
• Corrective action and continual improvement

Questions
9953330565 Low Rate Call Girls In Rohini  Delhi NCR9953330565 Low Rate Call Girls In Rohini  Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 

ISO 37001 – Preparing for Certification

9
Plan
4. Context of the Organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of stakeholders
4.3 Determining the scope of the anti-bribery management system
4.4 Anti-bribery management system (purpose)
4.5 Bribery risk assessment
10
Plan
5. Leadership
5.1 Leadership and commitment (tone at the top)
5.2 Anti-bribery policy (structure, responsibilities, …)
5.3 Organizational roles, responsibilities and authorities
11
Plan
6. Planning
6.1 Actions to address bribery risks and opportunities (how risks are identified and managed – roles and responsibilities)
6.2 Anti-bribery objectives and planning to achieve them
12
Plan
7. Support
7.1 Resources (infrastructure, deployment and monitoring of resources)
7.2 Competence (training is appropriately calibrated and managed at set intervals)
7.3 Awareness and training (of the compliance policy, its objectives, everyone’s role, the culture of the organization)
7.4 Communication (internal and external)
7.5 Documented information (accurate, valid, reliable, appropriately controlled)
13
Do
8. Operation
8.1 Operational planning and control (objectives and criteria defined, effective controls in place, requirements documented, plans and their implementation)
8.2 Due diligence (assessment of bribery risk in relation to specific transactions, projects, activities etc.)
8.3 Financial controls (e.g. budget restraints)
14
Do
8. Operation
8.4 Non-financial controls (management of sensitive areas like procurement, operations, sales, commercial and legal activities etc.)
8.5 Implementation of anti-bribery controls by controlled organizations and by business associates
8.6 Anti-bribery commitments (of business associates – termination clauses in case of violations)
15
Do
8. Operation
8.7 Gifts, hospitality, donations and similar benefits
8.8 Managing inadequacy of anti-bribery controls (define when you refuse deals or activities because you cannot manage the bribery risk)
8.9 Raising concerns (whistleblowing procedures)
8.10 Investigating and dealing with bribery
16
Check
9. Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Review by anti-bribery compliance function
9.3 Internal audit
9.4 Top management review
9.5 Governing body review
17
Act
10. Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement (including the challenges of a difficult regulatory climate)
18
Documents
Useful documents (examples)
• Code of Ethics, Code of Conduct
• Compliance manager or function (appointment, job description)
• Anti-bribery training (records, participant lists)
• Risk assessments and due diligence on projects and business associates
• Operational risk matrix
• Control documentation: financial, procurement, commercial and contractual
• Reporting, monitoring, investigation and review records
• Corrective action and continual improvement