About ISO 37002 Assurance
Display the merits of your whistleblower program
ISO 37002 provides a global set of guidelines against which companies can implement and measure their whistleblower system (the ISO 37002 Whistleblower Guidelines).
Who can use ISO 37002 to build their whistleblower system?
Private organisations: the company at large, a business unit or a subsidiary
Public organisations: administrations, services, political parties
Not-for-profit organisations: NGOs, charities, foundations, associations
Why choose these guidelines as a framework for your whistleblower system?
Using a recognised set of guidelines like ISO 37002 demonstrates your organisation's commitment to managing your whistleblower program in a profession al way that meets or exceeds all legal and regulatory requirements. The Whistleblower Guidelines provide you with the framework that you can apply to make things quicker, more efficient and aligned to International best practices. Building your whistleblower system according to ISO 37002 helps:
- Build trust with stakeholders by following a recognised framework
- Establish credibility in the market by being seen to invest in managing whistleblowers effectively and without retaliation
- Gain a competitive advantage across your competitors by having a more compliant company and one that is seen to take whistleblowing and non-retaliation seriously
- Reduce the risk of failures of systems
Can we get certified if we use ISO 37002 to build our system?
There is no ISO certification available for ISO 37002 as it is not a certifiable Standard issued by ISO. It is only a set of guidelines and guidance on best practices. We offer an ETHIC Intelligence Assurance service instead of a 'certification' under the ISO standards.
ETHIC Intelligence has developed a host of solutions to help companies with the review, audit and assurance of their whistleblower programs. We don't help companies build their programs, but we help on the checking, auditing and a program assurance to make sure what you have built conforms to the guidelines. We also provide companies with training on understanding the guidelines and how to implement them.
The ideal solution for most companies is to get some initial training from ETHIC Intelligence and then go about building your whistleblower system according to the ISO 37002 whistleblower guidelines. Then, when your company is ready, have ETHIC Intelligence conduct a gap analysis to gauge your preparedness for the Assurance process and allow you to correct any systematic problems that might be present before you go forward to start the Assurance process.
What does the Assurance process actually cover?
- Assesses an organisation’s total whistleblower program: how it is designed, implemented, controlled and improved
- It does not review or have access to the content of any investigations, complaints or reports made through the system itself
- System design and implementation is audited:
- at the headquarters
- in a sample of locations where the operations are conducted
Is there a report and what does it cover?
- A detailed report of the organisation’s whistleblower program is issued as it applies to the ISO 37002 Whistleblower Guidelines
- A list of findings identifying non-conformities, opportunities for improvement, best practices, and observations.
Do we get a certificate detailing our Assurance?
- Yes. The Assurance Committee verifies that Assurance requirements are fulfilled and awards the assurance certificate for 3 years with annual surveillance audits.