Organizational transparency is no longer a peripheral compliance check; it is a definitive competitive differentiator. In an era where “mere words on paper” are scrutinized by sophisticated investors and a vocal public, the transition from a reactive hotline to a robust management system is the hallmark of ethical resilience. Whistleblowing, when properly integrated, functions as a foundational pillar of psychological safety, allowing an organization to self-correct before internal risks escalate into terminal reputational failures.
Trusted whistleblowing systems are an essential part of good governance, helping organisations respond to concerns early, strengthen accountability, and support ethical culture. During this event , we explored the practical application of SANS/ISO 37002 and how organisations can build whistleblowing management systems that are credible, effective, and fit for purpose.
Whistleblowing is a high-value ROI strategy and a primary risk-management tool. For senior leadership, the “carrot cake” analogy is instructive: compliance should not be the “vegetable” that employees are forced to eat; it should be the nutrients baked into the organization’s success. When ethics are integrated, the measurable outcomes are significant:
Harmonized standards level the playing field for organizations entering global markets. By utilizing a “Mirror Committee” process, national bodies like the South African Bureau of Standards (SABS) ensure that international best practices (ISO) are adapted to local contexts without “reinventing the wheel.”
ISO 37002 utilizes the “Plan-Do-Check-Act” (PDCA) methodology to operationalize reporting. The system is divided into four distinct phases:
The “crisis of trust” remains the primary obstacle to effective governance. In many contexts, such as South Africa, the fear of being labeled a “snitch” or “impimpi” is a powerful deterrent. This is often rooted in an “Interdependent Culture” (like Ubuntu, where collective identity is paramount) versus the “Independent Culture” prevalent in Western corporate models.
Board members, executives, ethics and compliance professionals, governance and risk practitioners, internal auditors, legal advisors, HR leaders, and anyone responsible for organisational integrity or reporting systems.
Dr Liezl Groenewald is a Certified Ethics Officer with more than two decades of experience in ethics, compliance, governance, and organisational culture. She is widely recognised for her work in ethics management, whistleblowing, and values-driven organisational practice, and has contributed to a range of publications, tools, and training programmes that strengthen accountability and integrity.
Sadhvir Bissoon is passionate about standards and their role in advancing economic growth, sustainability, and social progress. Through his involvement in regional and international standardisation bodies, he contributes to shaping the standards landscape and strengthening Africa’s voice in the development of quality, safety, and sustainability frameworks.
Andrew Samuels is a governance, risk, and compliance specialist focused on delivering practical, defensible GRC solutions that support trust, resilience, and growth. He has led programmes across a wide range of sectors and contributes to the development of ISO governance and compliance standards, helping organisations turn best practice into simple and effective frameworks.
Join the movement to build whistleblowing systems that people trust.
Term | Definition |
|---|---|
ARSO | The African Organization for Standardization, responsible for harmonizing standards across the African continent to support the African Continental Free Trade Area. |
Conformity Assessment | Quality assurance services provided by bodies like SABS to ensure that industry and regulators are correctly implementing established standards. |
Disgruntled Employee | A derogatory label often applied to whistleblowers to dismiss their concerns; the text argues whistleblowers are often the most loyal employees. |
Impimpi | A South African term for an informer or “snitch,” often used negatively to discourage whistleblowing. |
ISO 37002 | The international standard providing guidelines for whistleblowing management systems based on trust, impartiality, and protection. |
Management Information (MI) | Data generated by whistleblowing systems (e.g., trends in misconduct) used by leadership to make informed organizational decisions and improvements. |
Mirror Committee | A national-level committee that reflects the work of an international technical committee, ensuring local expert input in global standard-setting. |
Natural Justice | The legal principle that ensures a fair process, including the presumption of innocence for those accused of wrongdoing during a whistleblowing investigation. |
Psychological Safety | An environment where employees feel safe to raise concerns about misconduct without fear of being penalized or marginalized. |
Retaliation | Adverse actions taken against a whistleblower, such as job loss, harassment, or being passed over for promotion; in 2024, nearly half of South African whistleblowers reported experiencing this. |
SABS | The South African Bureau of Standards, the national body mandated to develop, promote, and maintain South African National Standards. |
Substantiated Report | A whistleblowing disclosure that, upon investigation, is proven to be accurate; approximately 42% of reports are substantiated globally. |
Triage | The initial process of assessing and prioritizing incoming whistleblowing reports to determine the appropriate next steps, such as escalation or investigation. |
Link to the policy: GGA Privacy Policy 2021
The Good Governance Academy (“GGA”) strives for transparency and trust when it comes to protecting your privacy and we aim to clearly explain how we collect and process your information.
It’s important to us that you should enjoy using our products, services and website(s) without compromising your privacy in any way. The policy outlines how we collect and use different types of personal and behavioural information, and the reasons for doing so. You have the right to access, change or delete your personal information at any time and you can find out more about this and your rights by contacting the GGA, clicking on the “CONTACT” menu item or using the details at the bottom of the page.
The policy applies to “users” (or “you”) of the GGA website(s) or any GGA product or service; that is anyone attending, registering or interacting with any product or service from the GGA. This includes event attendees, participants, registrants, website users, app users and the like.
Our policies are updated from time-to-time. Please refer back regularly to keep yourself updated.