ISO 37001

From Wikipedia, the free encyclopedia
Jump to: navigation, search

ISO 37001 Anti-bribery management systems -- Requirements with guidance for use[1] identifies a management standard to help organizations in the fight against corruption, by establishing a culture of integrity, transparency and compliance. The anti-bribery management system can be a stand-alone system or integrated into an already implemented management system such as the Quality Management System ISO 9001. The organization can choose to implement the anti-bribery management system in conjunction with or as part of other systems, such as those relating to quality, environment and safety.

Background[edit]

The standard was developed by ISO technical committee ISO/TC 309, chaired by lawyer Neill Stansbury, and published for the first time on October 15, 2016. The standard was based upon existing guidance from the International Chamber of Commerce, Organization for Economic Co-operation and Development, Transparency International, and other organizations.[2] The standard also incorporated guidance issued by leading international regulators such as the US Department of Justice, US Securities and Exchange Commission, and UK Ministry of Justice.[3]

The standard was adopted by the governments of Singapore and Peru for their anti-bribery management systems, and formed the basis for the "Shenzhen Standard," an official anti-bribery standard published by the city of Shenzhen, China in June 2017.[3] Microsoft and Walmart have also announced intentions to obtain ISO 37001 certification.[4]

Law professor Mike Koehler described the standard's release as a "complete yawner" and "little more than an effort by an organization trying to sell and market a product," as the standard did not expand upon existing best practices and was not a comprehensive set of best practices in its own right.[5]

Main requirements of the standard[edit]

The ISO 37001:2016 adopts the "ISO High Level Structure (HSL)" in 10 chapters in the following breakdown:

  • 1 Purpose
  • 2 Reference standards
  • 3 Terms and definitions
  • 4 organization Context
  • 5 Leadership
  • 6 Planning
  • 7 Support
  • 8 Operating Activities
  • 9 Performance Evaluation
  • 10 Improvement

The standard only addresses management systems and is not a comprehensive anti-fraud or anti-corruption standard. It also contains a great deal of subjectivity as many requirements are qualified by terms such as "appropriate" and "reasonable." Therefore, the actual meaning and relevance of ISO 37001 certification is dependent largely upon the thoroughness of the certifying body.[6]

See also[edit]

References[edit]

External links[edit]