Module 10: The benefits and requirements of ISO 37001
The organisation should implement procedures which enable personnel, business associates, or members of the public to report suspected or actual bribery, or breach of the ABMS.
Anonymous and confidential reporting should be permitted.
The organisation should take all reasonable steps to protect the identity of the whistleblower.
Provided that the whistleblower is reporting in good faith, or based on a reasonable belief, retaliation against the whistleblower should be prohibited, and the organisation should take all reasonable steps to protect the whistleblower from retaliation.
In the event that any bribery, or any breach of the ABMS, is reported, detected or reasonably suspected, then the organisation should implement an investigation.
If the investigation establishes that any bribery or breach of the ABMS did occur, then the organisation should take effective action to deal with the situation. This could include, for example:
January 2025
© GIACC