The Certification Process

The ISO 37001 Certification Process

The Certification Process is straightforward and designed to be efficient and reliable

Step 1: The Application Review

To ensure that organisations only engage in certification processes which have a reasonable chance of success, ETHIC Intelligence® carries out a remote preliminary analysis that defines an audit perimeter and/or selects an appropriate certification program based on the elements you have provided in your application. This review is designed to make sure that everything is in place to start the next step, and that you are not entering a certification process with no chance to succeed. Due to this step being done offline and remotely, it is quick and easy to implement.

ETHIC Intelligence® might also suggest that you complete a preliminary ETHIC Intelligence® Readiness Assessment® or a conduct an ETHIC Intelligence® Pre-Audit® to maximize your readiness for the full certification. While these steps may add time and cost to your certification process, they will add value to its effectiveness overall.

Step 2: The Kick-Off

We will hold a call at least three weeks prior to the on-site audit to go over the audit plan and to make sure that all of the general documented information is available for the Lead Auditor.

We will also make sure that all the staff identified for an interview are available, and that all audit logistics are locked down and agreed.

    Step 3: Document Review (Stage 1 audit)

    The formal audit process starts with a full review of all your documented procedures that form your anti-bribery management system. This review can either be done off-site or on-site, and will allow the auditor to confirm whether the level of implementation of your management system substantiates you being ready for the next stage of the certification process.

    Step 4: In-Site Audit (Stage 2)

    The audit starts with a certification opening meeting to validate the audit plan and sort out organisational issues. This is followed by on-site interviews, a document review, and a closing meeting where auditors summarize their findings and respond to queries. During the audit, the auditor will also constantly informed you of any concerns which could end-up being raised as a non-conformance.

    With respect to certification audits, ETHIC Intelligence® uses a publicly available table which indicates the average amount of days that should be devoted to the process. If your scope of certification is covering several sites, we will audit your central functions in the head office while also selecting a sample of sites to be audited according to accreditation rules.

    Step 5: Report and Certification

    The auditor describes and analyses the anti-bribery management system in a report that is in turn examined by the certification committee. The result and findings of the certification process are then communicated to the organisation.

    In the event of major non-conformities, the certificate is awarded only if such major non-conformities are remediated. In the event of minor non-conformities, a corrective action plan must be accepted by the certification committee before awarding certification.

    ETHIC Intelligence® abides by the rules of ISO 17021-1 applicable to certification bodies for the issue of a certificate. The Certificate is awarded by the certification committee upon review of the recommendation formulated by the audit team.

    Step 6: Surveillance Audit and Monitoring

    For a three-year certification process, a surveillance audit is organised every year. These are on-site audits, which are shorter than the initial audit and therefore are not necessarily full system audits. They do however cover enough elements for us to maintain confidence your system continues to fulfill the management system requirements. Surveillance audits will also address any findings identified in the initial certification report and check that they have been closed effectively.

    Step 7: Re-Certification

    After three years a certificate can be renewed. It requires a new certification cycle: re-certification audit and two surveillance audits.

    The re-certification audit is a full system audit, similar to the initial certification audit.

    Contact Us