ISO INTERNATIONAL STANDARD 37001 First edition 2016-10-15 Anti-bribery management systems Requirements with guidance for use Systemes de management anti-corruption - Exigences et recommandations de mise en oeuvre Reference number IS0 37001:2016(E) ISO @ ISO 2016 IS0 37001:2016(E) COPYRIGHT PROTECTED DOCUMENT @ IS0 2016, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 . CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +4122 749 09 47 copyright@iso.org www.iso.org Copyright ihtermational Organization for Standardization @ IS0 2016 - All rights reserved IS0 37001:2016(E) Contents Page Foreword .. Introduction.. ..vi 1 Scope. ..1 2 Normative references ..1 3 Terms and definitions ..1 4 Context of the organization .6 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of stakeholders .6 4.3 Determining the scope of the anti-bribery management system 4.4 Anti-bribery management system 7 4.5 Bribery risk assessment. 7 5 Leadership ..8 5.1 Leadership and commitment .8 5.1.1 Governing body. ..8 5.1.2 Top management .8 5.2 Anti-bribery policy .9 5.3 Organizational roles, responsibilities and authorities. .9 5.3.1 Roles and responsibilities .9 5.3.2 Anti-bribery compliance function. ..10 5.3.3 Delegated decision-making .10 6 Planning. ..10 6.1 Actions to address risks and opportunities ..10 6.2 Anti-bribery objectives and planning to achieve them .11 7 Support. ..11 7.1 Resources. ..11 7.2 Competence ..12 7.2.1 General. ..12 7.2.2 Employment process. ..12 7.3 Awareness and training. ..13 7.4 Communication ..13 7.5 Documented information. .14 7.5.1 General. ..14 7.5.2 Creating and updating. .14 7.5.3 Control of documented information 8 Operation ..15 8.1 Operational planning and control ..15 8.2 Due diligence ..15 8.3 Financial controls .16 8.4 Non-financial controls .16 8.5 Implementation of anti-bribery controls by controlled organizations and by business associates. ..16 8.6 Anti-bribery commitments.. .17. 8.7 Gifts, hospitality, donations and similar benefits ..17 8.8 Managing inadequacy of anti-bribery controls. .17 8.9 Raising concerns .17 8.10 Investigating and dealing with bribery. ..18. 9 Performance evaluation ..18 9.1 Monitoring, measurement, analysis and evaluation .18 9.2 Internal audit 9.3 Management review. .20 9.3.1 Top management review 20 CopyrihtIntermational OrgzISMiSaharaizAlh rights reserved iii