As with any system standard, ISO 37001 certification is awarded following a successful audit, showing compliance with the standard’s requirements. The audits are carried out on a sample basis and include the analysis of documents and interviews. In addition to issuing the certificate, the aim of the service is to identify possible areas of improvement that the organisation can pursue. The certificate is valid for three years and is subject to annual maintenance audits.
If the organisation implements a certified ISO 9001 management system, it is advisable to integrate the two systems (ISO 9001 and ISO 37001) and conduct joint certification audits to optimise time and resource.
Contact us for support, information or a quote request. We will contact you back as soon as possible.
Recent years have seen a change in policy/legislation regarding anti-corruption guidelines. The instruments introduced with Italian Law 190/2012 (Three-Year Corruption Prevention Plan) and Italian Legislative Decree 33/2013 (Transparency) reflect a different approach that recognises that it is more effective to prevent corruption than to repress it. This approach requires the same bodies and companies (in the public sector) to plan and prepare adequate measures to control and prevent the risks of corruption. At the same time, the dissemination and recognition of organisational models (in accordance with Italian Legislative Decree 231/2001) that comply with the OHSAS 18001 standard for health and safety and the ISO 14001 standard for the environment have confirmed that the standards of voluntary systems are a valid and effective criterion for auditing the prevention system of companies. Finally, the recent reform of the Public Procurement Code, which emphasises voluntary certification, should be seen as evidence of the criterion required by the contracting authority.
Service final users
The ISO 37001 standard:
- Applies to all organisations, both public and private
- Fully integrates with the latest edition of ISO 9001:2015
It allows better control of the risks of corruption (active and passive) arising from the organisation’s activities, ensuring the effectiveness and improvement of the anti-corruption system and the measures that form part of it (Anti-Corruption Plans pursuant to Italian Law 190/2012;
It facilitates dissemination, sharing and integration of anti-corruption systems into the organisation’s processes.
It improves reporting and communication of information about the organisation’s commitment to fighting corruption to all stakeholders (citizens, users, customers, employees, partners and shareholders, suppliers, institutions, public authorities, competitors...) in a manner consistent with the principles of social responsibility.
It is necessary for the organisation to have defined its ISO 37001 management system at a documentary level and to have reached a sufficient and necessary level of implementation to face the certification audit, which is divided into two phases.
In the first phase, the audit team appointed by the certification body audits the available documentation and the requirements for the surveillance and review of the system, andassesses whether the state of implementation of the anti-corruption management system allows it to proceed to the second phase, which is a more operational audit of the organisation’s activities.
In the second phase, in addition to verifying the resolution of any previously identified deficiencies, the operational management and control of corruption risks, monitoring and surveillance of the system and compliance with the requirements of ISO 37001 will be further explored through interviews and site visits to the organisation’s headquarters and offices. If the second phase audits are successful, the body will issue the ISO 37001 certificate.