Module 10:  The benefits and requirements of ISO 37001

Requirements: (5) Resources; (6) Controls over decisions

(5)  Resources

Ensure that resources (personnel, equipment and financial) are made available as necessary for the effective implementation of the ABMS.

The ABMS will not work effectively unless it is properly resourced.

(6)  Controls over decisions

Ensure that controls are in place over the making of decisions in relation to more than low bribery risk transactions. 

This involves:

  • determining which types of transaction carry more than a low bribery risk for the organisation. This will be determined as part of the organisation’s risk assessment process (see requirement 11), which should allocate types of transaction into bribery risk bands (e.g. low, medium and high)
  • ensuring that transactions which are determined to be medium or high bribery risk are approved in advance by managers of sufficient seniority and sufficient number to allow proper consideration and approval, and the application of appropriate risk reduction measures
  • ensuring that the decision makers involved in these transactions have no actual or potential conflicts of interest in relation to that transaction (see requirement 8).

                            9 of 22

January 2025
© GIACC