top of page

ISO 37008 Internal Investigations

This should be read in conjunction with our services relating to Employee Investigations & Vetting. 

In addition to accreditation and certification for ISO 9001 and ISO 27001, Spotlight Investigations provides a new dedicated service relating to all aspects of Internal Investigations in compliance with ISO 37008. 

Conducting an investigation of potential or actual misconduct is a normal part of corporate life. The investigations could be related to GDPR/Data Protection, Anti-Money Laundering, Corporate Sustainability Reporting Directive (CSRD), bribery, employment issues or suppliers. The issues could be simple or very complex. They could be in one location or spread around the world. Either way, ISO 37008 helps build an investigations system that works and adds value to an organisation.

The more serious the allegation, the more thorough the investigation needs to be. Small businesses are not excused from proper investigations.

​​

You should consider: 

  • An independent investigation team.

  • The management of documents.

  • The conduct of interviews.

  • Utilisation of external experts.

  • Employment law.

  • GDPR/data protection law.

ISO TS 37008 is a unique and exclusive reference regarding internal investigations. The objective of this standard is to standardise the processes of internal investigations within organisations on a global scale.

Benefits:

  • Better investigations likely mean faster ones.

  • Increased transparency and accountability.

  • Improved compliance with laws and regulations.

  • Not only helps avoid potential sanctions and penalties but also reinforces the integrity of business practices.

  • Enhanced reputation through proving compliance.

  • Risk Management and Compliance: plays a crucial role in risk management and regulatory compliance.

  • Improves quality of investigations, with integrity and quality.

  • Strengthens organisational resilience against potential risks.

  • Reinforces internal and external trust but also strengthens the organisation’s position against potential legal and reputational challenges.

  • A solid framework ensuring consistency and quality throughout all phases of an investigation.

  • Enhance the effectiveness of the investigation process.

  • A guardian of ethics and integrity, establishing clear guidelines for conduct during investigations.

 

Example

 

The Corporate Sustainability Reporting Directive (CSRD)

The CSRD’s second major section is focused on due diligence; for this directive, ‘due diligence’ refers to information-gathering processes to determine adverse impacts caused by the organisation’s operations and supply chain. One of the key aspects of this section is actions taken by the organisation to prevent, mitigate, remediate or end adverse impacts caused by the organisation. By referencing ISO 37008, organisations can ensure their reporting and investigations processes are set up to field and manage inquiries related to sustainability.

ISO 37008 espouses traditional principles around which most corporate investigations programmes are built. These principles remind organisations to ensure that investigations are:

  • independent

  • confidential

  • conducted by skilled professionals

  • objective and impartial

  • conducted in accordance with applicable laws.

  • giving guidance on determining how and whether a company should disclose potential findings to authorities.

 

Spotlight Investigations can advise, provide consultancy services, represent, or conduct entirely ALL aspects of Internal Investigations in accordance with ISO 37008.

Spotlight Investigations' Internal Investigations service is headed by Martin Ryan, our In-House Solicitor who is the Head of Regulation & Compliance and Serious Fraud Investigations and is our Data Protection Officer. 

A copy of our ISO37008 Policy Manual is available to our clients on request. 

bottom of page