The ISO 37001 standard details the requirements for an Anti-Bribery Management System and the aim of this standard is to help organisations review and identify activities where there may be a risk of bribery and to ensure there is a formal system in place to monitor and review these activities to ensure any risk is mitigated.

The current version of the standard, ISO 37001:2016, is structured following Annex SL and therefore the clauses are very similar to the structure of ISO 9001 and other Annex SL standards. The standard requires a clearly defined organisational structure with roles and responsibilities defined with the involvement and commitment from top management. Other requirements of this standard are that documented information is controlled, risks and opportunities are considered and that actions to address risks and opportunities are identified and managed.

Meeting the requirements of this standard

To meet the needs of this standard there must be an Anti-Bribery Management System (ABMS) in place that details arrangements for the identification and evaluation of bribery risks and then measures to detect bribery and also arrangements for response when bribery has been detected. An anti-bribery compliance function must also be setup, this can take the form of a 3rd party or fully independent function within the organisation with authority to oversee and ensure conformance to anti bribery controls in place within the organisation. The employment process within an organisation needs to ensure that meeting the requirements of this standard including ensuring that all employees have agreed to comply with anti-bribery policy as a condition of their employment. Where a risk of bribery has been identified a process of due diligence is required to assess the risk on an ongoing basis.

Meeting the requirements of this standard requires that a Bribery Risk Assessment is completed to ensure bribery risks are firstly identified and then rated in terms or likelihood and with consideration of existing controls to mitigate bribery risk.

There are quite specific documentation requirements for this standard including the Bribery Risk Assessment, and anti bribery policy and a documented Anti-Bribery Management System including procedures for managing gifts, hospitality and other benefits.

isoassured can assist with preparation of management systems to meet the requirements of this standard – check our ISO Consultancy page for details of how we can help with onsite consultancy, remote consultancy or by using our alphaZ documents package to meet the requirements of this standard.

ISO 37001 Certification process

We offer a simple, smart, certification process to provide independent confirmation that your organisation meets the requirements of the ISO 37001 standard and once an audit has been completed with a satisfactory outcome we issue an ISO37001 registration certificate and authorise the organisation to display our ‘ISO 37001 Registered’ logo. Audits are completed by a qualified auditor and can be completed remotely or by site visit depending on the circumstances.

Further details on our certification service are available on the ISO Certification page.