ISO 37002:2021 pdf download – Whistleblowing management systems — Guidelines.
3.2 organization person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives (3.25) Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation, firm, enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated or not, public or private. Note 2 to entry: If the organization is part of a larger entity, the term “organization ” refers only to the part of the larger entity that is within the scope of the whistleblowing ( 3.10) management system ( 3.1). Note 3 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for ISO management system standards. 3.3 personnel organization’s (3.2) directors, officers, employees, temporary staff or workers, and volunteers [SOURCE: ISO 37001:2016, 3.25, modified — Notes 1 and 2 to entry have been deleted.] 3.4 interested party (preferred term) stakeholder (admitted term) person or organization (3.2) that can affect, be affected by, or perceive itself to be affected by a decision or activity Note 1 to entry: An interested party can be internal or external to the organization. Note 2 to entry: Interested parties can include, but are not limited to, those who make reports, any subjects of those reports, witnesses, personnel ( 3.3), worker representatives, suppliers, third parties, public, media, regulators and the organization as a whole. Note 3 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for ISO management system standards. The original definition has been modified by adding Notes 1 and 2 to entry.
3.7 policy intentions and direction of an organization (3.2) as formally expressed by its top management (3.5) Note 1 to entry: This constitutes one of the common terms and core definitions of the harmonized structure for ISO management system standards. 3.8 wrongdoing action(s) or omission(s) that can cause harm Note 1 to entry: Wrongdoing can include, but is not limited to, the following: — — — — breach of law (national or international), such as fraud, corruption including bribery; breach of the organizati on’s ( 3.2) or other relevant code of conduct, breach of organization policies ( 3.7 ); gross negligence, bullying, harassment, discrimination, unauthorized use of funds or resources, abuse of authority, conflict of interest, gross waste or mismanagement; actions or omissions resulting in damage or risk of harm to human rights, the environment, public health and safety, safe work-practices or the public interest. Note 2 to entry: Wrongdoing or the resulting harm can have happened in the past, is currently happening or can happen in the future. Note 3 to entry: Potential harm can be determined by reference to a single event or series of events. 3.9 whistleblower person who reports suspected or actual wrongdoing (3.8), and has reasonable belief that the information is true at the time of reporting Note 1 to entry: Reasonable belief is a belief held by an individual based on observation, experience or information known to that individual, which would also be held by a person in the same circumstances.
3.13 detrimental conduct threatened, proposed or actual, direct or indirect act or omission that can result in harm to a whistleblower (3.9) or other relevant interested party (3.4), related to whistleblowing (3.10) Note 1 to entry: Harm includes any adverse consequence, whether work-related or personal, including, but not limited to, dismissal, suspension, demotion, transfer, change in duties, alteration of working conditions, adverse performance ( 3.26 ) ratings, disciplinary proceedings, reduced opportunity for advancement, denial of services, blacklisting, boycotting, damage to reputation, disclosing the whistleblower ’s identity, financial loss, prosecution or legal action, harassment, isolation, imposition of any form of physical or psychological harm. Note 2 to entry: Detrimental conduct includes retaliation, reprisal, retribution, deliberate action or omissions, done knowingly or recklessly to cause harm to a whistleblower or other relevant parties. Note 3 to entry: Detrimental conduct also includes the failure to prevent or to minimize harm by fulfilling a reasonable standard of care at any step of the whistleblowing process (3.27 ). Note 4 to entry: Action to deal with a whistleblower ’s own wrongdoing ( 3.8 ), performance or management, unrelated to their role in whistleblowing, is not detrimental conduct for the purposes of this document. Note 5 to entry: Other relevant interested parties can include prospective or perceived whistleblowers, relatives, associates of a whistleblower, persons who have provided support to a whistleblower, and any person involved in a whistleblowing process, including a legal entity. 3.14 investigation systematic, independent and documented process (3.27 ) for establishing facts and evaluating them objectively to determine if wrongdoing (3.8) has occurred, is occurring or is likely to occur, and its extent Note 1 to entry: An investigation can be an internal investigation or an external investigation. It can be a combined investigation.
