8 technical questions about ISO 37001 Audit — Anti-bribery Management System. Timelines, methodology, deliverables and assessment criteria.
ISO 37001 is the international standard for anti-bribery management systems. It establishes requirements for preventing, detecting, and responding to bribery across all of an organization's activities and its value chain.
Public and private organizations operating in high bribery-risk sectors, companies with cross-border operations, government suppliers, and entities subject to anti-corruption legislation such as the FCPA or UK Bribery Act.
Between 5 and 20 business days, depending on the organizational structure, geographic presence, and complexity of relationships with third parties and public officials.
Anti-bribery due diligence, financial and non-financial controls, whistleblowing channels, staff training, and anti-corruption program effectiveness are evaluated per ISO 19011 guidelines.
Bribery risk assessment report, anti-bribery controls matrix, third-party due diligence review, and recommendations for strengthening the integrity program.
ISO 37001 complements ISO 37301 (compliance) to form a comprehensive integrity framework. It also integrates with ISO 31000 for managing corruption risks within the general risk framework.
Frequent findings include insufficient due diligence on intermediaries, absence of bribery risk assessment by country or sector, whistleblowing channels without anonymity guarantees, and training limited to management levels.
Document the anti-bribery policy, conduct a preliminary bribery risk assessment, review existing financial controls, and verify the existence of an operational whistleblowing channel.