ISO 37001 is a standard for anti-bribery management systems. To obtain ISO 37001 certification in Hyderabad, you will need to prepare and maintain various documents and records to demonstrate your organization's commitment to preventing bribery. Here are some of the key documents and requirements:
Anti-Bribery Policy: This is a fundamental document that outlines your organization's commitment to preventing bribery and complying with the ISO 37001 standard. It should be communicated to all employees and stakeholders.
Anti-Bribery Risk Assessment: Document the process for identifying, assessing, and prioritizing bribery risks specific to your organization. This helps in implementing appropriate anti-bribery controls.
Anti-Bribery Objectives and Action Plans: Define specific anti-bribery objectives, action plans, and programs aimed at reducing bribery risks and improving compliance.
Code of Conduct and Ethics: Ensure that your organization has a code of conduct and ethics that includes anti-bribery provisions. This document sets the tone for ethical behavior within the organization.
Anti-Bribery Controls and Procedures: Document the controls and procedures that are in place to prevent bribery. This includes due diligence procedures, financial controls, and processes for reporting and investigating bribery concerns. Know more about ISO 37001 certification in Hyderabad.
Training and Awareness Programs: Document the training and awareness programs provided to employees and relevant stakeholders to ensure they understand their roles and responsibilities in preventing bribery.
Communication Plans: Describe how your organization communicates its anti-bribery policies, expectations, and procedures to employees, suppliers, and other relevant parties.
Records of Training and Communication: Maintain records of who has received anti-bribery training and awareness materials and when.
Risk Assessment Reports: Document the results of your anti-bribery risk assessments, including identified risks, risk ratings, and risk mitigation strategies.
Due Diligence Records: Keep records of due diligence performed on employees, business partners, and third parties to ensure they do not pose a bribery risk.
Financial Records and Controls: Document financial controls and procedures in place to prevent bribery, such as approvals for expenses and financial transactions.
Whistleblowing Mechanism: Maintain records of whistleblower reports, investigations, and actions taken in response to reports of bribery or corrupt behavior.
Corrective Actions and Preventive Measures: Document corrective actions taken in response to identified non-conformities and preventive measures to avoid future issues.
Internal and External Audits: Keep records of internal audits and external assessments related to your anti-bribery management system.
Management Review Reports: Records of management review meetings and the outcomes, including decisions for improvements and actions to be taken.
Certification Audit Records: Records of the external certification audit performed by an accredited certification body.
Documentation Control: Establish and maintain a documented control system to manage all the above documents and ensure their version control, availability, and accessibility.
It's important to note that ISO 37001 certification requires a systematic and comprehensive approach to anti-bribery management. The certification body you choose will assess your documentation, processes, and the effectiveness of your anti-bribery management system to determine whether it meets the requirements of the ISO 37001 standard.