Steps in achieving ISO 37001 certification

Preparation for certification by the implementation of the ISO 37001 standard requirements

  • Perform a gap analysis to identify existing policies and procedures and assess them against the ISO 37001 Anti-Bribery Management Systems requirements as well as applicable laws and regulations;
  • Determine the certification scope, identify the relevant stakeholders and review their inputs
  • Establish appropriate anti-bribery policies and procedures within a formal documented management system
  • Assign a compliance officer to oversee the implementation of the standard
  • Identify and evaluate corruption risks
  • Communicate internally and externally the anti-bribery program to all interested parties
  • Determine the duties and responsibilities of all staff posing corruption threats
  • Ensure competent human resources by adequate training and awareness of personnel
  • Perform due diligence and implement appropriate anti-bribery control measures to  prevent the risk of bribery
  • Ensure that controlled organizations and business associates have also implemented appropriate anti-bribery controls
  • Monitor activities and outcomes to ensure that the organization does not engage in corrupt practices
  • Implement whistle-blowing procedures and other reporting tools
  • Perform investigations and determine appropriate corrective and preventive actions related to any actual or suspected bribery
  • Verify by internal audits that the organization complies with the provisions of the anti-bribery management system
  • Perform reviews of the management system to determine its effectiveness and establish decisions and actions to improve the processes and their results
  • Determine the organization’s readiness for initial certification

Performing the audits for the ISO 37001 initial certification

  • Submit your application to Anti-Bribery Synergy
  • Exchange information with the certification body to support the application review process
  • Identification of areas of concern and exchange of additional information, if needed
  • Engage in formal arrangements for certification by concluding the certification agreement
  • Planning and performing the first stage audit
  • Resolve first stage audit areas of concern
  • Planning and performing the second stage audit
  • Resolve second stage audit nonconformities by implementing adequate corrections and corrective actions and consider opportunities for improvement
  • Obtain the initial certification, the issued certificate, and related certification marks and ISO 37001 logos


%d bloggers like this: