Tagged: ISO 37001

Third Party Risk Management: Require ISO 37001 Certification from Your Third Parties

Lauren Connell, Managing Associate at The Volkov Law Group, rejoins us for a posting about ISO 37001 certification for your third parties.  Lauren can be reached at lconnell@volkovlaw.com. A lot of the focus on ISO 37001 so far has been on its value for companies considering certification as evidence of the quality of their own compliance program. With the SEC and DOJ both providing ample...

ISO 37001: Training, Employee Concerns, and Internal Investigations (Part V of V)

In my final posting on ISO 37001, I review requirements for training, raising concerns and internal investigations as part of a company’s anti-bribery risk management system. I could certainly write more on ISO 37001 because there are other issues that I have not addressed, including audits, assessments and reviews of the anti-bribery risk management system. In this posting, it is important to identify and tailor...

ISO 37001: Risk Assessments, Employees, and Due Diligence Requirements (Part IV of V)

In Part IV of my series on ISO 37001, I examine requirements relating to risk assessments, design of policies and procedures, and due diligence requirements. Section 4.5 sets out requirements for conducting risk assessments. ISO 37001 requires companies to conduct regular risk assessments in order to identify the bribery risks the company might reasonably anticipate; analyze, assess and prioritize the identified bribery risks; and evaluate...

ISO 37001: Board, Top Management and Anti-Bribery Compliance Responsibilities (Part III of V)

In Part III of my continuing series on ISO 37001, today I examine the board and top management’s respective responsibilities in the implementation and oversight of an anti-bribery management system. ISO 37001 defines a “governing body” to include a supervisory board or board committee as having the ultimate responsibility for company activities, governance and policies of its anti-bribery management system. “Top management” is responsible for...

ISO 37001: The Good, The Bad and the Ugly (Part II of V)

In Part II of my continuing series, I identify in broad strokes some of the more significant positive and negative aspects of ISO 37001. While it is easy to second-guess the ISO 37001 authors, there are some interesting issues that are addressed and some missed opportunities to advance ethics and compliance systems. On the positive side, ISO 37001 is keyed to a valuable concept of...

A Closer Look at ISO37001 – Something Old or Something New? (Part I of V)

The release of ISO 37001 has triggered an important discussion among legal and compliance professionals. In a five-part series, I plan to address the value of ISO 37001, provide a substantive analysis, and to evaluate the contribution ISO 37001 has made (or will make) in the compliance field. First, I recommend that everyone spend time studying ISO 37001. It is a mistake to write off...

Podcast Episode 6 — ISO 37001 — Anti-Bribery Risk Management System: Something Old or Something New?

Podcast Episode 6 examines ISO 37001 — Anti-Bribery Risk Management System.  Please sign up HERE for our free webinar on ISO 37001 scheduled for October 24, 2017 at 12 Noon EST. The ISO 37001anti-bribery risk management system was issued in 2016.  The standard provides additional guidance on anti-bribery risk management systems and creates a certification process for organizations. Even after one year, there are still...

Webinar: ISO 37001 — A Review of the Anti-Bribery Risk Management System

Webinar: ISO 37001 — A Review of the Anti-bribery Risk Management System October 24, 2017, 12 Noon EST SIGN UP HERE The new ISO 37001 anti-bribery risk management system was issued almost one year ago. The standard provides additional guidance on anti-bribery risk management systems and creates a certification process for organizations. Even after one year, there are still questions surrounding the value of ISO...