ISO 37002:2021

The ISO Whistleblower Guidelines use the ‘harmonised structure’ (i.e. clause sequence, common text and common terminology) developed by ISO to improve alignment among international standards for management systems. So, if you are familiar with the anti-bribery management standard (ISO 37001), these guidelines will be very easy to understand. The similar format, sections, definitions and layout make it easier for those familiar with the ISO structure.

The ISO Whistleblower Guidelines give principles for establishing, implementing and maintaining an effective whistleblowing management system based on the principles of trust, impartiality and protection in the following four steps:

• receiving reports of wrongdoing
• assessing reports of wrongdoing
• addressing reports of wrongdoing
• concluding whistleblowing cases.

The ISO Whistleblower Guidelines are generic and intended to apply to all organisations, regardless of type, size and nature of activities, and whether in the public, private or not-for-profit sector. You can easily adjust the programme you are building based on your organisation’s needs.

ISO 37002 can be used by any organisation, regardless of its size, sector, or organisation. Organisations will be able to solve many more problems that otherwise might escalate, avoiding harm to the organisation and its stakeholders. It’s also a new way to look at your organisation’s culture.

The proposed ISO 37002 Management Systems Standard will serve the purpose of:

• Guiding organisations establish coherent whistleblowing frameworks that create protective environments, confidently report wrongdoing, and address concerns swiftly and appropriately.
• Helping build trust between an organisation and its stakeholders, including staff.
• Responding to concerns about reporting and dealing with wrongdoing in view of the increasing number of cases reported publicly.
• Supporting good governance and transparency. The intention is that ISO 37002 will be used as a stand-alone document. Equally, the proposed standard could be used with other standards, such as organisational governance and anti-bribery, compliance and other management systems.
• Guiding organisations to foster a culture of transparency, in which people are confident to report concerns of wrongdoing.

ISO 37002 will provide practical guidance to organisations on a broad array of whistleblowing management aspects. It doesn’t specify requirements but provides guidance on whistleblowing management systems and recommended practices. ISO 37002 is intended to be adaptable. Its use can differ depending on the size, nature and complexity of an organisation’s activities.

ISO 37002 will be written as a “High-Level Structure” (HLS). The HLS is a set of 10 clauses that all ISO management system standards must use to ensure consistency and greater integration among systems of different disciplines. The HLS approach involves precise drafting. For example, discussion about the wording of ISO 37002 is ongoing because the guidelines will include generic management system terms and definitions and discipline-specific terms.

There’s no known overlap of ISO 37002 with existing or planned standards. WG3 provides an overview of ISO standards that relate to the proposed standard on whistleblowing management systems:

• ISO 37001:2016 anti-bribery management systems. Requirements with guidance for use.
• ISO 37301 Compliance management systems.
• ISO 18788:2015 Management system for private security operations.
• ISO 28007-1:2015 Ships and marine technology — Guidelines for Private Maritime Security.
• Private Maritime Security Companies (PMSC) provide privately contracted armed security personnel (PCASP) on board ships (and pro forma contract).
• ISO/TR 31004:2013 Risk management — Guidance for the implementation of ISO 31000.
• ISO/IEC 27002:2013 Information technology — Security techniques — Code of practice for information security controls.
• ISO 27500:2016 The human-centred organisation — Rationale and general principles.

These standards don’t include specific guidance regarding processes involved in whistleblowing arrangements, nor do they offer any guidance on implementing processes. Organisations that haven’t adopted management system standards will be able to adopt ISO 37002 as stand-alone guidance. Organisations will be able to choose to extend the scope of the whistleblowing management system to include reporting from outside their organisations.

According to ISO/TC 309’s description, ISO 37002 will provide “guidelines for implementing, managing, evaluating, maintaining and improving a robust and effective management system within an organisation for whistleblowing.”

The international standard won’t be specific to any sector and will be suitable for organisations of all sizes, from small- and medium-sized enterprises (SMEs) to multinational companies. Based on the principles of trust, impartiality and protection, ISO 37002 is aimed to guide organisations in managing the full cycle of whistleblowing:

• Identification and reporting of concerns of wrongdoing.
• Assessment of concerns of wrongdoing.
• Means of addressing concerns of wrongdoing.
• Closing of whistleblowing cases.

This standard intends to provide a framework for establishing a clear and robust organisational whistleblowing system. Creating a protective environment where people can confidently report concerns is crucial to effectively preventing and dealing with wrongdoing in your organisation.

ISO 37002 addresses the need for organisations to protect whistleblowers and other people who might be affected by reporting wrongdoing. Retaliation is mentioned as a specific risk of whistleblowing. At ABAC® Group, we understand the complex issue of establishing and managing an effective organisational whistleblowing infrastructure and not limiting itself to an employer’s point of view but also recognising a whistleblower’s perspective.

ABAC® is now offering training on ISO 37002. The course aims to improve the culture in every organisation so that employees feel comfortable whistleblowing where necessary. Our whistleblowing training will engage you with thought-provoking activities and assessments. The course helps users learn everything about whistleblowing and provides a comprehensive overview of whistleblower rights and how organisations should apply whistleblowing management systems.

To enhance the learning experience, the course contains real-life scenarios where whistleblowing has helped prevent disaster and examples where whistleblowing could have helped prevent disasters.

What’s covered in the course?

• What is whistleblowing?
• Why should you whistleblow?
• Whistleblowers of the past
• Legal protection from whistleblowing
• Protected whistleblowing categories
• Whistleblowing disclosures
• Gagging clauses in employment contracts
• How should you report whistleblowing?

It’s simple to transfer your certification to ABAC®:

Step 1: Contact us. We’ll discuss your current certification and transfer requirements. Provide us your current certificate and your latest audit report.

Step 2: Once the transfer criteria have been met, a transfer quotation shall be produced.

Step 3: Once the quotation is accepted a Transfer Audit will take place either remotely or onsite.

Step 4: Once the transfer audit is successfully conducted and reviewed by our technical team, we’ll issue you a new ABAC® certificate.

• Address: 7th Floor, South Quay Building, 77 Marsh Wall, London E14 9SH
• Phone: +44 203 874 4521
• Mobile: +44 7776 524355
• Email: info@abacgroup.com
• Book a call!

• Address: Office 711-712, Liberty House, DIFC P.O. Box 111794, Dubai, U.A.E.
• Phone: +971 4 3589884 | +971 4 3588577 | Toll Free: +971 800 274552
• Mobile: +971 50 903 8184
• Email: info@abacgroup.com
• Book a meeting!

• Address: Level 12, 1210, 1211, 55-B, Islamabad Stock Exchange Towers, Jinnah Avenue, Blue Area, Pakistan
• Phone: +92 51 111 888 400
• Email: info@abacgroup.com
• Book a meeting!

• Address: ABAC Center of Excellence Sdn. Bhd. Level 28, GTower, Jalan Tun Razak, 50450 Kuala Lumpur, WP Kuala Lumpur, Malaysia
• Phone: +603 2280 6282 | +6018 2184931
• Mobile: +6014 9611 262 
• Book a meeting!
• Email: info@abacgroup.com
• Get A Quote