scope:

Scope of the standard

The scope of ISO 37001 extends to the following in relation to an organization's activities:

▸ Bribery in the public, private and not-for-profit sectors

▸ Bribery by the organization

▸ Bribery by the organization's personnel acting on the organization's behalf or for its benefit

▸ Bribery by the organization's business associates acting on the organization's behalf or for its benefit

▸ Bribery of the organization

▸ Bribery of the organization's personnel in relation to the organization's activities

▸ Bribery of the organization's business associates in relation to the organization's activities

▸ Direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party)

This covers all forms of bribery: active bribery (offering or paying a bribe) ; passive bribery (soliciting or receiving a bribe) ; bribery in the public sector (bribery of public officials) ; in the private sector (bribery of personnel of corporations or of other private organization or of private individuals) ; direct bribery (by the organization or its personnel), or ; indirect bribery (bribery through business associates such as agents, consultants or outsourcing partners).

ISO 37001, like most ISO standards , is voluntary. Therefore, should there be in any country a conflict between ISO 37001 and applicable law, then the law takes precedence. In such an instance, the organization should make a record of the legal provisions preventing the implementation of a specific requirement of the standard.

This applies, however, only where a requirement of ISO 37001 conflicts with the law. It does not apply to cases where ISO 37001's requirements are stricter than the applicable law.