Module 10:  The benefits and requirements of ISO 37001

Miscellaneous points (1)

Will the organisation have to implement a totally new stand-alone management system to control bribery risk?

No.  The measures required by ISO 37001 are designed to be integrated into the organisation’s existing management structure and controls.  Many of the required measures will be those which the organisation has already implemented.  Where a new or enhanced measure is required, this can be integrated into the organisation’s existing structure and systems.

Will ISO 37001 impose an unnecessarily heavy bureaucracy on an organisation?

ISO 37001 should not impose an unnecessarily heavy bureaucracy on an organisation.  The standard specifically states that the required anti-bribery policies and procedures should be implemented in a manner which is reasonable and proportionate to a number of relevant factors, such as the size and structure of the organisation, the locations and sectors in which the organisation operates, the nature, scale and complexity of the organisation’s activities, and the bribery risks which the organisation faces.

Does ISO 37001 address all types of corruption?

No.  ISO 37001 only addresses bribery, and does not address fraud, cartels, money-laundering or other criminal activities (although an organisation may choose to extend the scope of its compliance management system to include such activities).

                            20 of 22

January 2025
© GIACC