Organizations should include the following elements in their ISO 37001 compliance program:
1 . A code of conduct:
Organizations should develop a code of conduct that outlines their commitment to preventing bribery and corruption. The code should include details on the organization’s stance on bribery, its anti-bribery management system, and any applicable laws and regulations.
2 . Policies and procedures:
Organizations should develop policies and procedures that outline the steps they will take to prevent bribery and corruption. These policies and procedures should be regularly reviewed and updated.
3 . Risk assessment:
Organizations should conduct a risk assessment to identify bribery and corruption risks. This will help them determine the scope of their anti-bribery management system and develop controls to mitigate identified risks.
4 . Training and awareness:
Organizations should provide awareness and training to employees to ensure that they are aware of the organization’s anti-bribery policy and procedures.
5 . Monitoring and review:
Organizations should monitor and review their anti-bribery management system to ensure that it is effective and compliant with applicable laws and regulations.
6 . Third-party risk management:
Organizations should implement due diligence processes for suppliers and customers to ensure that they are not associated with bribery and corruption.
For further information and resources on this issue, feel free to contact us Veraiso (Veraiso.com) for consultation, training and development customized to your organization.