The ISO 37001 certification process has been a starting point to drive organizational change and redefine trust within the company, as well as a good opportunity to provide extensive anti-bribery training to employees.
Setting the goal to achieve ISO 37001 certification has been the trigger to implement a program meant to raise awareness and increase preventive measures. Since its beginning in 2015, this program has intensified each year and will continue indefinitely.
This certification acknowledges our model of responsible business conduct, based on full compliance with the rules and on zero-tolerance approach towards bribery. It also proves that UTI’s compliance program is mature and effective in preventing and detecting bribery-related misconduct and has the means to routinely assess the effectiveness of the anti-bribery regulations and continually improve them over time.
UTI is a multi-services group of companies, driven by a permanent state of innovation, ambitious approaches, and a flair for entrepreneurship that continually reinvents to seize market opportunities.
UTI brings together diversified capabilities reunited in 8 companies, offering cutting-edge technology. It combines the expertise of over 1,300 employees, as well as strategic partnerships with world renowned partners being uniquely well positioned to capture further growth. The companies deliver diversified services and products such as: physical, information and IT security, intelligent transport solutions (ITS), fare collection solutions, e-Government information systems, automation and facility management services that are uniquely customized to perfectly address customers’ needs.
UTI has an outstanding reputation for the quality and reliability of the integrated solutions and services it delivers, the innovation it incorporates in its solutions, and the technological excellence, setting industry’s best practices.
Why did you choose to get certified against ISO 37001?
The company’s commitment to integrity and ethical business practices have always been the grounds for UTI’s success. Our core values – Integrity, Trust, Responsibility and Excellence – are fundamental to who we are and what we do, and we have always conducted our activity in compliance with ethical principles and in observance of all national and international laws.
However, in October 2015, even though none of UTI’s companies was charged with any criminal action, the company’s trustworthiness came under scrutiny and its integrity was called into question. The company took prompt steps to start an extended compliance and business conduct audit, in order to identify the main risk factors and schemes, to improve the internal procedures and related compliance control policies, and to efficiently manage all of the above.
Consequently, the Compliance Department (with money laundry prevention attributes as well) was created. The Compliance and Ethics hotline was established and made available both to the employees and to external partners and clients. The Code of Business Conduct and Ethics, and the internal regulations were analyzed and modified to provide stronger and more efficient anti-bribery provisions which would prevent events that could affect the company’s reputation and business practices – this also included the compulsory approval of the Compliance Department.
As a result, the bribery and corruption prevention system has been integrated within the processes of the company which has complemented the ethics and compliance policy, the business conduct code, the internal business ethics-related regulations, the corruption prevention, and fair competition practices that the company had already implemented.
In 2018, 4 of UTI’s companies: UTI Grup, certSIGN, Trident Servicii si Mentenanta (formerly UTI Servicii Portuare), and UTI Facility Management, went through a comprehensive audit that focused on the adequacy of the bribery and corruption prevention system that UTI implemented in conformity with the ISO 37001 standard, and obtained the ISO 37001 certification for their anti-bribery management system. Since 2018, the companies have undergone annual surveillance audits and are about to be audited for the certification renewal in 2021. Moreover, in 2021, TIU Investments and Management – another UTI company – is getting audited to get the ISO 37001 certification.
What are the main benefits of your company after implementation and certification against ISO 37001?
Your auditing experience with MSECB
MSECB has been our certification audit provider since July 2018. Initial audit against ISO 37001 Anti-Bribery Management System was performed in our Bucharest sites. Our companies CERTSIGN S.A., UTI GRUP S.A., UTI FACILITY MANAGEMENT S.A., and TRIDENT SERVICII SI MENTENANTA S.A. were subject to annual professional and in-depth audits.
MSECB staff proved a professional, competent, and concise approach when it comes to auditing standard’s requirements and delivering customer service.
In addition to the knowledge and understanding we gained from ISO 37001, the audit and certification had a tremendous impact on the public perception of our well-established ethics system. We find ISO 37001 certification to be a very efficient tool in organizing the anti-bribery management system.
We are happy and grateful to be certified against ISO 37001 and we highly encourage other organizations to taste the feeling of premium services that MSECB offers.
“The high professionalism of the auditors and back-office employees, prompt assistance and excellent quality made our choice very simple. We are sure that when we chose MSECB we made the right choice.”
“The experience was rigorous and educating. The customer service is top notch.”
“Auditing by MSECB was a fantastic experience. The Auditor was very professional throughout the audit process and we are glad we chose MSECB as our certification body.”
“Our journey to ISO/IEC 27001 certification was surprisingly straightforward. Our auditors explained the process in advance, and we were able to meet the proposed schedule, which was much appreciated.”
“We had a great audit and are excited that we passed the assessment. The auditor was well experienced and MSECB
provided required support.”
“Everyone knows that an audit is not an easy process, and MSECB made it smooth. The MSECB team was very responsive, and all the answers to our questions were very clear and helpful.
We also felt that our company and our needs and ways of working were well understood. All the suggestions for improvement made perfect sense for us and were easy to put in place and get the buy-in of our employees”
“Protecting our customers and enhancing quality management has always been a priority for BIOS Middle East. Achieving ISO 9001, ISO/IEC 27001, ISO/IEC 27017, and ISO/IEC 27018 certifications provide independent assurance of our commitment to leverage the latest best practices and security controls around all our services.”
“It is important for an organization to get ISO 9001:2015 certification, to achieve efficiency in service delivery, and attain maximum customer satisfaction.”
“The ISO 9001:2015, ISO 45001:2018, and ISO 14001:2015 certifications are mostly a pre-requisite to participate in most major International EPC Tenders of large multi-national & government projects and very crucial in winning large clients. Following the decision to scale the business outside of Ghana, it was imperative that we get ISO certified.
The process has ultimately allowed us to boost the quality of our work/services, increase the satisfaction of our customers, and enhance the productivity and operational efficiency with the hope that it will set us apart from our competition.”
“By achieving ISO/IEC 27001 Tr3dent demonstrates commitment to provide our customers and partners with a level of information security conformity that meets the highest industry standards and secures our clients’ data accordingly.”
“Vision 2030 has been inspiring us to achieve an unprecedented step in the field of cybersecurity in line with the Kingdom’s aspirations to be one of the best cybersecurity leaders in the world.
Following our successful certification against ISO/IEC 27001:2013 and ISO 22301:2019, we consider ISO/IEC 27032:2012 certification as an additional step towards the achievement of our strategic goal to integrate the highest standards of cybersecurity and information security procedures.”
“Security within an organization belongs to everyone, and it requires the full effort of a team. Being audited and having conformity with the requirements for ISO/IEC 27001 and ISO/IEC 27701 certifications was and remains to be an opportunity to reinforce our commitment to data privacy and security not only for the customers and partners we serve, but in our company-wide culture.”
“Not only is ISO 13485 Certification a validation of the high standards that Sisu Global follows in our quality procedures to ensure a safe product, but it has also been critical in our expansion. ISO 13485 is recognized as a global standard and being certified with this standard, has opened up new global markets for our novel autotransfusion device, Hemafuse.”
“For us at Viseven, the ISO/IEC 27001 certification is a staple of corporate responsibility: it confirms our compliance with our customers’ information security requirements, as well as those of applicable legislation, all of which is engrained in our corporate DNA as part of the digital culture as a tech company.”
“The ISO 37001 certification process has been a starting point to drive organizational change and redefine trust within the company, as well as a good opportunity to provide extensive anti-bribery training to employees.”
“ISO/IEC 27001: To become more productive and ensure information security effectiveness.”
“By achieving ISO 9001 and ISO/IEC 27001 certifications, ELEKS has shown its commitment to quality and information security, ensuring that all the necessary controls are in place, and that its people, the technology, and their processes have met the requirements of these standards. The certifications assure clients and partners that ELEKS prioritizes robust quality, security and reliability in its delivery and management processes.”
“Being a leading pure cyber security company, we had to comply with high standards of information security and quality to strengthen our corporate responsibility and sustainability. The ISO/IEC 27001 and ISO 9001 certifications allowed us to raise our trustworthiness and reliability vis a vis our stakeholders as a cyber security service provider of reference in the region.”
“For Alter Domus, achieving ISO/IEC 27001 and ISO 22301 certification demonstrates to our customers and all interested parties that our information security and business continuity management systems operate to the highest industry standards.”
“Achieving ISO/IEC 27001:2013 certification further strengthens the deep trust we have built with our customers and partners, as well as further protecting our brand and enhancing our operations.”
“In one hand, MSECB customer service team proved their values by being really professional and keen on their approach. They were always ready and willing to support us with any clarity related to MSECB services. On the other hand, MSECB auditor/s showed a great maturity and competence at handling the entire certification audit process independently end-to-end. We highly recommend you to consider MSECB as your certification body so you can live a great experience”
“Certifications enable accountability by aligning technology, processes, and people to respond to imperatives regarding governance, risk, and compliance – or in other words, they demonstrate our trustworthiness through the lenses of an independent third party.”