
How to Prepare for ABMS Certification: A Business Guide to ISO 37001
June 25, 2026
Businesses pursuing CIDB projects, government tenders, or larger corporate contracts now face stronger compliance expectations. Many want ISO 37001 certification but are unsure about the cost and process.
Poor preparation can lead to delays, missing documents, repeated corrective actions, and extra costs. A clear plan helps your team move faster and avoid confusion.
Here, you will find the ISO 37001 certification cost, pricing factors, and key steps before certification, along with how ISO training provider One Island supports businesses through ISO 37001 training and certification preparation.
What Is ISO 37001 and Why Does It Matter in Malaysia?
ISO 37001 helps businesses put proper anti-bribery controls in place before problems happen. It gives your team a clear system for handling bribery risks, internal reporting, due diligence, approvals, and corrective actions.
In Malaysia, this matters because companies can be held responsible for bribery involving employees, agents, contractors, or business partners under Section 17A of the Malaysian Anti-Corruption Commission (MACC) Act 2018. A weak system can expose the business to legal, financial, and reputational risks.

ISO 37001 certification helps show that your company has taken serious steps to prevent bribery. For CIDB-related businesses, it can also strengthen tender readiness, client confidence, and corporate compliance.
Contact One Island Consultancy to get your team ready for ISO 37001 certification through practical training, documentation support, and audit preparation.
ISO 37001 Certification Cost: What Are You Actually Paying For?
The ISO 37001 certification cost in Malaysia varies depending on the size of your organisation, the complexity of your operations, and how much internal capacity you have to support the process.
| Cost Component | Estimated Range (RM) | Notes |
| --- | --- | --- |
| Gap Assessment & Consultancy | RM8,000 – RM30,000+ | Varies by organisation size and complexity |
| Certification Body Audit (Initial) | RM5,000 – RM15,000 | Depends on audit days required |
| Annual Surveillance Audit | RM3,000 – RM8,000 | Required to maintain certification |
| Staff Training & Awareness | RM2,000 – RM10,000 | ISO 37001 training for key staff |
| Total Estimated First-Year Cost | RM18,000 – RM60,000+ | Varies by organisation profile |
Note: These figures are indicative. One Island Consultancy provides a tailored cost assessment based on your specific organisational profile.
That said, it helps to understand the three main cost components.
1. Consultancy and Gap Assessment
Before certification, most organisations engage a consultant to conduct a gap assessment, develop or revise their anti-bribery policy framework, and prepare documentation that meets ISO 37001 requirements.
Consultancy fees in Malaysia typically range from RM8,000 to RM30,000 or more, depending on the scope of work, the size of the organisation, and the level of handholding required.
A smaller SME with straightforward operations will sit at the lower end. A larger company with multiple departments and third-party relationships will require a more extensive engagement.
2. Certification Body (CB) Audit Fees
Once your ABMS is in place, an accredited certification body will conduct a two-stage audit: a documentation review (Stage 1) and an on-site audit (Stage 2).
Certification body fees in Malaysia generally range from RM5,000 to RM15,000 for the initial certification, with annual surveillance audits and a three-year recertification cycle adding to the ongoing cost.
The exact fee depends on the certification body you choose and the number of audit days required based on your organisation size and scope.
3. Internal Implementation Costs
This is often the hidden cost that organisations underestimate. Internal implementation includes staff time spent on training, awareness programmes, policy reviews, and system updates.
Contact One Island Consultancy for a more accurate quote aligned with your business needs.
Your Roadmap to ISO 37001 Certification
A smooth ISO 37001 certification journey starts with knowing what comes next.
Clear steps help your team avoid delays, prepare the right documents, and move toward certification with fewer surprises.
- Gap Assessment: Your current anti-bribery policies, procedures, and controls are assessed against ISO 37001 requirements. This reveals what is already in place and what needs to be developed or strengthened.
- ABMS Development: Policies, risk assessments, due diligence procedures, reporting mechanisms, and training programmes are developed or revised to meet the standard.
- Implementation: The new or revised systems are rolled out across your organisation. Staff are trained and awareness is built at all levels, from leadership to operations.
- Internal Audit: Before the certification body audit, an internal audit is conducted to identify any remaining gaps and ensure readiness.
- Stage 1 Audit (Documentation Review): The certification body reviews your documentation to confirm the system design meets ISO 37001 requirements.
- Stage 2 Audit (On-Site Assessment): Auditors assess whether your ABMS is effectively implemented and operating as documented.
- Certification Issued: Upon successful completion, your organisation receives ISO 37001 certification, typically valid for three years with annual surveillance audits.
Proper training and preparation make ISO 37001 certification clearer, faster, and easier for your team to manage.
Learn more about how to prepare for ABMS certification in Malaysia through One Island Consultancy’s training.
Build an Audit-Ready ABMS With One Island Consultancy
One Island Consultancy specialises in management systems implementation and training, helping organisations build ABMS frameworks that are practical, audit-ready, and built to last.
- Experienced consultants familiar with CIDB ISO 37001 requirements and the Malaysian regulatory context
- Structured gap assessment that gives you a clear picture of where you stand from day one
- Full documentation support, including anti-bribery policy, risk register, and due diligence procedures
- ISO 37001 training programmes for your leadership team and key staff
- Audit readiness preparation and support throughout Stage 1 and Stage 2 audits
Our consultants have hands-on experience guiding Malaysian businesses through ISO 37001, including those in the construction sector working towards CIDB compliance.
We do not hand you a documentation template and leave you to figure it out. We work alongside your team from gap assessment through to certification.
Start Your ISO 37001 Certification With One Island
ISO 37001 certification helps Malaysian businesses strengthen anti-bribery controls, meet CIDB compliance expectations, and reduce exposure under the MACC Act.
The cost depends on your company size, readiness, and certification scope, but proper guidance helps you avoid delays, rework, and unnecessary expenses.
Speak to One Island Consultancy today to plan your ISO 37001 training and certification preparation with a team that can guide you from assessment to audit readiness.
Frequently Asked Questions About ISO 37001 Certification
Most businesses complete ISO 37001 certification within 6 to 12 months, depending on current documentation, team readiness, and audit preparation.
ISO 37001 certification cost depends on company size, number of sites, training needs, consultancy support, and certification body audit fees.
ISO 37001 is increasingly expected for CIDB G7 contractors, government tenders, and businesses working with large corporate or GLC clients.
Yes, SMEs can apply for ISO 37001 certification, and One Island helps simplify the process through training, documentation support, and audit preparation.
One Island supports businesses with ISO 37001 training, gap assessment, documentation, anti-bribery risk controls, and audit readiness preparation.





