The anti-bribery management system shall contain measures designed to identify and evaluate the risk of, and to prevent, detect and respond to, bribery.
offering, promising, giving, accepting or soliciting of an undue advantage of any value (which could be financial or non-financial), directly or indirectly, and irrespective of location(s), in violation of applicable law, as an inducement or reward for a person acting or refraining from acting in relation to the performance (3.16) of that person’s duties
set of interrelated or interacting activities which transforms inputs into outputs
ISO 37001:2016(E) helps organizations achieve avoidance or mitigation of costs, risks, and damage of involvement in bribery.
What does the organization need to evaluate when a nonconformity occurs?
Periodic reviews of the anti-bribery management system should be undertaken by the governing body, based on information provided by top management, the anti-bribery compliance function, and any other requested or obtained information.
person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives
ability to apply knowledge and skills to achieve intended results
intentions and direction of an organization (3.2), as formally expressed by its top management (3.6) or its governing body
When understanding the needs and expectations of stakeholders the organization shall determine:
The organization shall retain documented information as evidence of the nature of the nonconformities and any subsequent actions taken.
Governing body shall review the organization’s anti-bribery management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness.
Top management shall review the organization’s anti-bribery management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness.
set of interrelated or interacting elements of an organization (3.2) to establish policies (3.10) and objectives (3.11) and processes (3.15) to achieve those objectives
The anti-bribery policy is a component of an overall compliance policy.
The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the objectives of its anti-bribery management system. These issues will include, without limitation, the following factors:
What should the organization do to conduct internal audits?
The organization shall implement procedures that are designed to prevent the offering, provision or acceptance of gifts, hospitality, donations and similar benefits where the offering, provision or acceptance is, or could reasonably be perceived as, bribery.
The organization shall implement non-financial controls that manage bribery risk with respect to such areas as procurement, operational, sales, commercial, human resources, legal and regulatory activities.
extent to which planned activities are realized and planned results achieved
person or group of people who directs and controls an organization (3.2) at the highest level