Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
ISO 37002:2021 Whistleblowing Management Systems
Role Play
Rating: 3.8 out of 5(8 ratings)
113 students

ISO 37002:2021 Whistleblowing Management Systems

Master the global standard for receiving, assessing, addressing, and concluding whistleblowing reports
Created byISO Horizon
Last updated 6/2026
English

What you'll learn

  • Apply the four guiding principles of ISO 37002:2021 — trust, impartiality, protection, and accessibility — to every design decision in your programme
  • Build a clause-aligned whistleblowing management system covering context, leadership, planning, support, operation, evaluation, and improvement
  • Design accessible reporting channels that satisfy confidentiality, anonymity, and data protection obligations under the EU General Data Protection Regulation
  • Run a disciplined four-stage report lifecycle covering receiving, assessing, addressing, and concluding reports of wrongdoing
  • Investigate concerns fairly while protecting both whistleblowers and persons mentioned in reports from detrimental conduct
  • Map your programme to the EU Whistleblowing Directive 2019/1937, Sarbanes-Oxley Section 806, and Dodd-Frank Section 922 in parallel
  • Set objectives, metrics, and KPIs that prove the programme works to top management, the board, and external auditors
  • Conduct internal audits and management reviews that drive corrective action and continual improvement of the system
  • Train workers, managers, and the whistleblowing function on their roles, rights, and obligations under the standard
  • Build a single multi-jurisdiction programme that integrates with ISO 37301 compliance and ISO 37001 anti-bribery management systems

Course content

33 sections28 lectures
  • Why Whistleblowing Management Matters Today7:20
    This lecture sets the stage by exploring why whistleblowing has moved from a reactive human resources problem to a strategic governance priority for boards, regulators, and investors. Examine how scandals at global corporations, accelerated regulation across the European Union and the United States, and rising public expectations around ethics have made organisations realise that a credible internal reporting channel is the single most effective early warning system available. Explore how unreported wrongdoing produces financial loss, reputational damage, regulatory fines, and shareholder litigation, and how a well-designed whistleblowing management system turns potential disasters into opportunities for early correction and learning. The lecture frames ISO 37002:2021 as the international response to this need — a single, authoritative set of guidelines that organisations of any size, sector, or jurisdiction can adopt to build trust and demonstrate good governance to every interested party.
  • Introducing ISO 37002:2021 — Scope and Status8:37
    This lecture introduces ISO 37002:2021 as a guidance standard rather than a requirements standard, meaning it cannot be certified against in the same way as ISO 9001 or ISO 37001 yet still provides authoritative best practice that auditors, regulators, and courts increasingly treat as the benchmark of reasonable conduct. Explore the publication date of July 2021, the work of ISO technical committee TC 309 on Governance of Organizations that produced the document, the scope that makes the standard applicable to organisations of any size, sector, and ownership type, and the Harmonized Structure that aligns its ten clauses with all other modern ISO management system standards. The learner will leave understanding precisely what ISO 37002 promises to deliver, what it deliberately leaves to each organisation to decide, and why even a non-certifiable standard has enormous influence on regulators, courts, and stakeholders.
  • The Four Guiding Principles of Whistleblowing9:32
    This lecture unpacks the four guiding principles that underpin every element of ISO 37002:2021 — trust, impartiality, protection, and accessibility. Examine how trust requires the organisation to demonstrate through visible leadership and consistent action that reporters will be taken seriously, how impartiality demands that conflicts of interest be identified and managed at every stage of report handling, how protection forbids any detrimental conduct against the whistleblower and extends in modified form to persons mentioned in reports, and how accessibility means reporting channels must be available, understandable, and usable by every potential reporter regardless of language, role, disability, or geography. The learner will see how these four principles serve as the constant test against which every policy choice, channel design, and investigative decision should be measured before it is approved.
  • Key Terms and Definitions8:04
    This lecture clarifies the precise vocabulary of ISO 37002:2021 so the learner can read the standard, draft internal policy, and brief stakeholders without ambiguity. Define the terms whistleblower, person mentioned in a report, wrongdoing, detrimental conduct, retaliation, report, reporting channel, and whistleblowing management system as the standard uses them, and contrast each with the looser everyday meaning the word carries in news media. Examine why ISO often prefers the neutral term reporter rather than the more loaded label whistleblower, why detrimental conduct is preferred over retaliation in formal documentation, and how the term wrongdoing is broader than illegality and covers conduct that is unethical, unsafe, or contrary to the organisation’s own policies and values. The learner will leave with a working glossary that prevents the most common drafting and training mistakes seen across compliance programmes.
  • ISO 37002 in the Management Systems Family9:18
    This lecture positions ISO 37002:2021 within the broader family of governance and compliance management system standards so the learner can integrate it efficiently rather than build an isolated silo. Examine the relationship with ISO 37301:2021 compliance management systems, ISO 37001:2016 anti-bribery management systems, ISO 37000:2021 governance of organisations, and ISO 31000:2018 risk management, showing where a whistleblowing channel feeds intelligence into each of them. Explore how an organisation that already operates an ISO 37301 compliance programme can extend it with ISO 37002 rather than duplicating documentation, and how the Harmonized Structure makes shared elements such as leadership commitment, internal audit, management review, and continual improvement reusable across all four standards. The learner will see how to position ISO 37002 in an integrated governance, risk, and compliance architecture.
  • Section 1 Quiz: Foundations of ISO 37002:2021
  • Roleplay: Foundations of ISO 37002:2021

Requirements

  • Basic familiarity with corporate governance, compliance, or human resources concepts
  • General awareness that whistleblowing or speak-up hotlines exist inside organisations
  • Comfort reading formal policy or regulatory text in English
  • No prior knowledge of ISO management system standards is required, as all relevant terms are explained from scratch
  • Access to your own organisation’s existing policies is helpful but not mandatory

Description

This course contains the use of artificial intelligence.

Whistleblowers detect the wrongdoing that audits, internal controls, and external regulators routinely miss, yet for decades they have been mistreated, ignored, or destroyed by the very organisations that should have thanked them. The arrival of ISO 37002:2021 changed that conversation by giving the world a single, authoritative guideline for building a whistleblowing management system that any organisation, in any sector, in any country, can adopt with confidence. Combined with the EU Whistleblowing Directive, Sarbanes-Oxley, and Dodd-Frank, it has become impossible to run a credible compliance function in the modern enterprise without mastering this standard from end to end.

This course delivers complete, clause-by-clause coverage of ISO 37002:2021 across twenty-eight focused lectures. You will study the four guiding principles of trust, impartiality, protection, and accessibility, design the policy and governance structure of a whistleblowing function, and work through the four-stage report lifecycle in depth — receiving reports through accessible and confidential channels, assessing them through disciplined triage and prioritisation, addressing them through fair and defensible investigation, and concluding them with proper communication, documentation, and lessons learned. You will examine the protection of whistleblowers and persons mentioned in reports, the measurement, internal audit, and management review of the system, and the corrective action cycle that drives continual improvement over time.

The course is built for ethics and compliance officers, whistleblowing programme managers, human resources professionals, internal auditors, risk managers, in-house counsel, board members, and consultants who must design, run, audit, or oversee a whistleblowing management system. By the end you will be able to draft a compliant policy, build a multi-channel reporting architecture, run a defensible investigation, and align your programme with the EU Whistleblowing Directive 2019/1937, Sarbanes-Oxley Section 806, Dodd-Frank Section 922, and other national frameworks at the same time without duplicating work.

What makes this course different is its uncompromising fidelity to the standard combined with practical depth and global regulatory context in every lecture. Every section is structured around official clauses, principles, and recognised legal frameworks, with no fluff and no guesswork left for the learner to fill in. Enrol today, and turn ISO 37002 from a document on your shelf into the working blueprint of an internal reporting programme that protects your people, your stakeholders, and your organisation for the long term.

Who this course is for:

  • Ethics and compliance officers responsible for whistleblowing or speak-up programmes
  • Whistleblowing programme managers and operators of internal reporting channels
  • Human resources professionals handling reports, investigations, or retaliation complaints
  • Internal auditors, risk managers, and consultants assessing or designing whistleblowing systems
  • In-house counsel, board members, and senior executives accountable for ethical conduct and regulatory compliance