ISO/DIS 37003

This document will provide guidance for use for establishing, developing, implementing, evaluating, maintaining and improving an effective anti-fraud management system. The guidance will be generic and applicable to all organizations, regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The guidance will include: • creation and maintenance of a fraud risk recognition, tracking and monitoring environment within an organisation including proactive control systems, protocols and procedures; • mitigation of internal and external fraud against, and by, the organization; • detection of fraud in the event that pre-emptive counter-fraud strategies, protocols and procedures fail to identify and trace incidents; • effective response to fraud events so that - lessons are learned that can be applied to the mitigation framework, - reputational harm to the organisation can be minimised and restored, - funds lost to fraud can be recovered. This is a Type B management system standard.