iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty!
ISO

ISO/FDIS 37000

(Main)

Governance of organizations -- Guidance

Governance of organizations -- Guidance

Gouvernance des organismes -- Recommandations

General Information

Status
Published
ICS
03.100.02 - Governance and ethics
Technical Committee
ISO/TC 309 - Governance of organizations
Drafting Committee
ISO/TC 309/WG 1 - Guidance for the governance of organizations
Current Stage
5020 - FDIS ballot initiated: 2 months. Proof sent to secretariat
Start Date
09-Jun-2021
Completion Date
09-Jun-2021
Ref Project

Buy Standard

ISO/FDIS 37000 - Governance of organizations -- GuidanceISO/FDIS 37000 - Governance of organizations -- Guidance
PreviousNext
Draft
ISO/FDIS 37000 - Governance of organizations -- Guidance
English language
36 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 37000
ISO/TC 309
Governance of organizations —
Secretariat: BSI
Guidance
Voting begins on:
2021­06­09
Voting terminates on:
2021­08­04
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
ISO/FDIS 37000:2021(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN­
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. ISO 2021
---------------------- Page: 1 ----------------------
ISO/FDIS 37000:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH­1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/FDIS 37000:2021(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

3.1 Governance and organization .................................................................................................................................................... 1

3.2 Principles and outcomes ................................................................................................................................................................ 3

3.3 Roles ................................................................................................................................................................................................................. 5

4 The governance of organizations ....................................................................................................................................................... 6

4.1 General ........................................................................................................................................................................................................... 6

4.2 Integrated governance ..................................................................................................................................................................... 7

4.2.1 General...................................................................................................................................................................................... 7

4.2.2 Governance and delegation .................................................................................................................................... 7

4.2.3 Governance and management .............................................................................................................................. 8

4.2.4 Governance and sustainability............................................................................................................................. 8

4.2.5 Governance and stakeholders .............................................................................................................................. 8

4.3 The governing body ............................................................................................................................................................................ 8

4.3.1 Composition and structure ..................................................................................................................................... 8

4.3.2 Competence .......................................................................................................................................................................... 9

5 Overview ....................................................................................................................................................................................................................... 9

6 Principles of governance ...........................................................................................................................................................................13

6.1 Purpose .......................................................................................................................................................................................................13

6.1.1 Principle ...............................................................................................................................................................................13

6.1.2 Rationale ..............................................................................................................................................................................13

6.1.3 Key aspects of practice ............................................................................................................................................13

6.2 Value generation .................................................................................................................................................................................15

6.2.1 Principle ...............................................................................................................................................................................15

6.2.2 Rationale ..............................................................................................................................................................................15

6.2.3 Key aspects of practice ............................................................................................................................................15

6.3 Strategy .......................................................................................................................................................................................................17

6.3.1 Principle ...............................................................................................................................................................................17

6.3.2 Rationale ..............................................................................................................................................................................17

6.3.3 Key aspects of practice ............................................................................................................................................17

6.4 Oversight ...................................................................................................................................................................................................19

6.4.1 Principle ...............................................................................................................................................................................19

6.4.2 Rationale ..............................................................................................................................................................................19

6.4.3 Key aspects of practice ............................................................................................................................................20

6.5 Accountability .......................................................................................................................................................................................22

6.5.1 Principle ...............................................................................................................................................................................22

6.5.2 Rationale ..............................................................................................................................................................................22

6.5.3 Key aspects of practice ............................................................................................................................................22

6.6 Stakeholder engagement .............................................................................................................................................................24

6.6.1 Principle ...............................................................................................................................................................................24

6.6.2 Rationale ..............................................................................................................................................................................24

6.6.3 Key aspects of practice ............................................................................................................................................24

6.7 Leadership ...............................................................................................................................................................................................25

6.7.1 Principle ...............................................................................................................................................................................25

6.7.2 Rationale ..............................................................................................................................................................................25

6.7.3 Key aspects of practice ............................................................................................................................................25

6.8 Data and decisions ............................................................................................................................................................................28

6.8.1 Principle ...............................................................................................................................................................................28

6.8.2 Rationale ..............................................................................................................................................................................28

© ISO 2021 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/FDIS 37000:2021(E)

6.8.3 Key aspects of practice ............................................................................................................................................28

6.9 Risk governance ..................................................................................................................................................................................30

6.9.1 Principle ...............................................................................................................................................................................30

6.9.2 Rationale ..............................................................................................................................................................................30

6.9.3 Key aspects of practice ............................................................................................................................................31

6.10 Social responsibility ........................................................................................................................................................................33

6.10.1 Principle ...............................................................................................................................................................................33

6.10.2 Rationale ..............................................................................................................................................................................33

6.10.3 Key aspects of practice ............................................................................................................................................33

6.11 Viability and performance over time ................................................................................................................................34

6.11.1 Principle ...............................................................................................................................................................................34

6.11.2 Rationale ..............................................................................................................................................................................34

6.11.3 Key aspects of practice ............................................................................................................................................34

Bibliography .............................................................................................................................................................................................................................36

iv © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/FDIS 37000:2021(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non­governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO’s adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.

This document was prepared by Technical Committee ISO/TC 309, Governance of organizations.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2021 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/FDIS 37000:2021(E)
Introduction

The pursuit of purpose is at the centre of all organizations and is, therefore, of primary importance

for the governance of organizations. Good governance of organizations lays the foundation for the

fulfilment of the purpose of the organization in an ethical, effective and responsible manner in line with

stakeholder expectations. The organizational outcomes of this good governance are:

— effective performance;
— responsible stewardship;
— ethical behaviour.

Good governance means that decision­making within the organization is based on the organization’s

ethos, culture, norms, practices, behaviours, structures and processes. Good governance creates

and maintains an organization with a clear purpose that delivers long­term value consistent with the

expectations of its relevant stakeholders. The implementation of good governance of an organization

is based on leadership, values, and a framework of mechanisms, processes and structures that are

appropriate for the organization’s internal and external context.

This guidance is directed at governing bodies and governing groups but can also be useful to those that

support them in discharging their duties such as:
— personnel;
— governance practitioners;
— other interested stakeholders.

Organizations that use this guidance will be better equipped to understand the expectations of their

stakeholders and to apply the creativity, culture, principles and performance required to deliver the

objectives of the organization according to its purpose and values. Their governing bodies will hold

management to account and ensure that the culture, norms and practices in the organization align with

the organization’s purpose and organizational values.

This guidance sets out governance principles that will assist governing bodies in discharging their

duties effectively, prudently and efficiently, while enhancing trust, inclusion, accountability, legitimacy,

responsiveness, transparency and fairness. Governing bodies that apply this guidance can expect that

the organizations they govern will realize effective performance, responsible stewardship and ethical

behaviour.

When organizations use this document, stakeholders across countries and sectors can have increased

confidence that the governing bodies of these organizations are responsible, accountable, fair and

transparent, they act with probity and make decisions which are risk-based and informed by:

— credible information and reliable data;
— stakeholders’ expectations;
— compliance obligations;

— ethical and societal expectations, including those anticipated for future generations;

— impacts, and reliance, on the natural environment.
The benefits of good governance can apply to:
a) the organization itself;
b) member stakeholders;
c) other stakeholders.
vi © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/FDIS 37000:2021(E)
Examples of the value generated by good governance include the following.

— Improved long­term stakeholder value generation: Good governance promotes effective oversight

of the organization and thus helps to ensure alignment between the organizational purpose,

[15]

strategy, activities, and the United Nations Sustainable Development Goals (UN SDGs) . This

improves long­term stakeholder value generation.

— Effective resource stewardship: Effective stakeholder engagement, protected disclosures

(whistleblowing) and mediation, appropriate executive authority limits, consistent terminology,

transparent decision-making and accountability, all contribute to improved stakeholder

confidence that the organization is stewarding resources in a responsible manner.

— Improved organizational resilience and performance: The organization is able to remain

resilient when negatively impacted by its changing context and realize valuable opportunities

as a result of these changes via good governance practices. These practices include adapting

strategy, ethical leadership, effective succession planning, clear delegation of authority and

responsibilities, and oversight of risk management and internal controls.

— Improved decision-making effectiveness: With the increasing rate of change and complexity

within which organizations operate, good governance promotes holistic consideration of the

organization, its purpose, and the context within which it operates, resulting in improved

decision-making. Clarity of accountability, responsibilities and delegated authority are good

governance practices, which increase the speed of organizational decision­making, action and

outcomes.

— Improved personnel composition and retention: People who are motivated not only by financial

interests, but also by the organizational purpose and by intangible organizational values such

as fairness and transparency, are attracted to organizations demonstrating good governance

practices, such as effective and ethical leadership.

— Increased investor and creditor confidence: Effective leadership and oversight, holistic decision-

making, transparency and effective stakeholder relations, sustainability considerations and

certainty of compliance management all contribute to increased confidence in the organization.

In turn, this can improve access to capital and reduce the cost of capital.

— Increased value of intangible assets: Transparency with stakeholders and responsible

organizational behaviour (corporate citizenship) contribute to the value of the organization’s

intangible assets such as reputation, public image, public confidence and goodwill.

Finally, good governance includes actions by the governing body (e.g. creating governance policies)

to direct their organizations to provide stakeholders with transparent, clear and concise reports and

access to information. This allows regulators and society, through their duly appointed representa­

tives, to evaluate the organization’s positive and negative natural environmental, social and economic

impacts. Good governance further affords stakeholders the opportunity to hold organizations to

account, benchmark their results, highlight inappropriate practices, and reduce harm to society, the

economy and the natural environment.

The governance of organizations is enabled by the application of principles that help the organization

fulfil its organizational purpose and, in doing so, generate value for the organization and its stakeholders.

Figure 1 provides an overview of the governance of organizations and the principles and governance

outcomes outlined in this document. These components can already exist in full or in part within

the organization. However, at times they need to be adapted or improved so that the governance of

the organization remains effective, efficient, and appropriate for its unique and dynamic nature and

context.
© ISO 2021 – All rights reserved vii
---------------------- Page: 7 ----------------------
ISO/FDIS 37000:2021(E)
Key
governance outcomes
primary governance principle
foundational governance principles
enabling governance principles
Figure 1 — Governance of organizations — Overview
viii © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
FINAL DRAFT INTERNATIONAL STANDARD ISO/FDIS 37000:2021(E)
Governance of organizations — Guidance
1 Scope

This document gives guidance on the governance of organizations. It provides principles and key aspects

of practices to guide governing bodies and governing groups on how to meet their responsibilities so

that the organizations they govern can fulfil their purpose. It is also intended for stakeholders involved

in, or impacted by, the organization and its governance.

It is applicable to all organizations regardless of type, size, location, structure or purpose.

2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1 Governance and organization
3.1.1
governance of organizations

human-based system by which an organization (3.1.3) is directed, overseen and held accountable for

achieving its defined purpose
3.1.2
organizational governance framework

strategies, governance policies (3.2.9), decision­making structures and accountabilities (3.2.2) through

which the organization’s (3.1.3) governance arrangements operate
3.1.3
organization

person or group of people that has its own functions with responsibilities (3.2.3), authorities and

relationships to achieve its objectives

Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation, firm,

enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated

or not, public or private.
[SOURCE: ISO 37301:2021, 3.1, modified — Note 2 to entry has been deleted.]
3.1.4
organizational entity
organization (3.1.3) that has a distinct and independent existence
Note 1 to entry: In some cases, an organizational entity can be a legal entity.
© ISO 2021 – All rights reserved 1
---------------------- Page: 9 ----------------------
ISO/FDIS 37000:2021(E)
3.1.5
constituting documents

authoritative and unique set or collection of documents that establishes the organization’s (3.1.3)

existence and accountability (3.2.2) as amended from time to time

Note 1 to entry: Documents vary depending on the type and location of the organization, and can include a deed

of incorporation, articles of association or charter.
3.1.6
risk
effect of uncertainty on objectives

Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both, and can address,

create or result in opportunities and threats.

Note 2 to entry: Objectives can have different aspects and categories, and can be applied at different levels.

Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended outcome.

[SOURCE: ISO 31000:2018, 3.1, modified — Note 3 to entry has been replaced.]
3.1.7
risk appetite

amount and type of risk (3.1.6) that an organization (3.1.3) is willing to pursue or retain

[SOURCE: ISO Guide 73:2009, 3.7.1.2]
3.1.8
risk criteria
terms of reference against which the significance of a risk (3.1.6) is evaluated

Note 1 to entry: Risk criteria are based on organizational objectives, and external and internal context.

Note 2 to entry: Risk criteria can be derived from standards, laws, policies and other requirements.

[SOURCE: ISO Guide 73:2009, 3.3.1.3]
3.1.9
risk tolerance

organization’s (3.1.3) or stakeholder’s (3.3.1) readiness to bear the risk (3.1.6) after risk treatment

(3.1.11) in order to achieve its objectives

Note 1 to entry: Risk tolerance can be influenced by legal or regulatory requirements.

[SOURCE: ISO Guide 73:2009, 3.7.1.3]
3.1.10
level of risk

magnitude of a risk (3.1.6) or combination of risks, expressed in terms of the combination of

consequences and their likelihood
[SOURCE: ISO Guide 73:2009, 3.6.1.8]
3.1.11
risk treatment
process to modify risk (3.1.6)
Note 1 to entry: Risk treatment can involve:

— avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;

— taking or increasing risk in order to pursue an opportunity;
— removing the risk source;
2 © ISO 2021 – All rights reserved
---------------------- Page: 10 ----------------------
ISO/FDIS 37000:2021(E)
— changing the likelihood;
— changing the consequences;

— sharing the risk with another party or parties (including contracts and risk financing); and

— retaining the risk by informed decision.

Note 2 to entry: Risk treatments that deal with negative consequences are sometimes referred to as “risk

mitigation”, “risk elimination”, “risk prevention” and “risk reduction”.
Note 3 to entry: Risk treatment can create new risks or modify existing risks.
[SOURCE: ISO Guide 73:2009, 3.8.1]
3.2 Principles and outcomes
3.2.1
principle

fundamental truth, proposition or assumption that serves as foundation for a set of beliefs or behaviours

or for a chain of reasoning
[SOURCE: BS 13500:2013, 2.14, modified — The singular form has been used.]
3.2.2
accountability
obligation to another for the fulfilment of a responsibility (3.2.3)

Note 1 to entry: The obligation includes the duty to inform and to explain the manner in which the responsibility

was fulfilled.

Note 2 to entry: The non-fulfilment of a responsibility has consequences that can be enforced on the accountable

party.
3.2.3
responsibility
obligation to act and take decisions to achieve required outcomes
[SOURCE: ISO/IEC 38500:2015 2.22]
3.2.4
delegation

assignment of authority and responsibility (3.2.3) from one that holds them to another

3.2.5
compliance
meeting all the organization’s (3.1.3) compliance obligations (3.2.6)
[SOURCE: ISO 37301:2021, 3.26]
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 37002:2021(Main)
Whistleblowing management systems -- Guidelines
  • Standard
    33 pages
    English language
    sale 15% off
  • Standard
    35 pages
    French language
    sale 15% off
  • Draft
    32 pages
    English language
    sale 15% off
ISO
ISO 37301:2021(Main)
Compliance management systems -- Requirements with guidance for use
SIST ISO 37301:2021

This document specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining and improving an effective compliance management system within an organization. This document is applicable to all types of organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector. All requirements specified in this document that refer to a governing body apply to top management in cases where an organization does not have a governing body as a separate function.

  • Standard
    48 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    40 pages
    English language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
  • Standard
    44 pages
    Spanish language
    sale 15% off
  • Draft
    40 pages
    English language
    sale 15% off
ISO
ISO 37001:2016(Main)
Anti-bribery management systems -- Requirements with guidance for use
SIST ISO 37001:2016

ISO 37001:2016 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. ISO 37001:2016 addresses the following in relation to the organization's activities: · bribery in the public, private and not-for-profit sectors; · bribery by the organization; · bribery by the organization's personnel acting on the organization's behalf or for its benefit; · bribery by the organization's business associates acting on the organization's behalf or for its benefit; · bribery of the organization; · bribery of the organization's personnel in relation to the organization's activities; · bribery of the organization's business associates in relation to the organization's activities; · direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party). ISO 37001:2016 is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities. ISO 37001:2016 does not specifically address fraud, cartels and other anti-trust/competition offences, money-laundering or other activities related to corrupt practices, although an organization can choose to extend the scope of the management system to include such activities. The requirements of ISO 37001:2016 are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.

  • Standard
    47 pages
    English language
    sale 15% off
  • Standard
    53 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    51 pages
    French language
    sale 15% off
  • Standard
    51 pages
    Spanish language
    sale 15% off
ISO
ISO 37002:2021(Main)
Whistleblowing management systems -- Guidelines
  • Standard
    33 pages
    English language
    sale 15% off
  • Standard
    35 pages
    French language
    sale 15% off
  • Draft
    32 pages
    English language
    sale 15% off
ISO
ISO 37301:2021(Main)
Compliance management systems -- Requirements with guidance for use
SIST ISO 37301:2021

This document specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining and improving an effective compliance management system within an organization. This document is applicable to all types of organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector. All requirements specified in this document that refer to a governing body apply to top management in cases where an organization does not have a governing body as a separate function.

  • Standard
    48 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    40 pages
    English language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
  • Standard
    44 pages
    Spanish language
    sale 15% off
  • Draft
    40 pages
    English language
    sale 15% off
ISO
ISO/TS 26030:2019(Main)
Social responsibility and sustainable development -- Guidance on using ISO 26000:2010 in the food chain

This document provides guidance on using ISO 26000:2010 in the food chain by focusing on the major aspects from its seven core subjects, namely organizational governance, human rights, labour practices, environment, fair operating practices, consumer issues and community involvement and development The main objective is to help organizations in the food chain, regardless of their size or location, to draw up a list of recommendations and move towards a more socially responsible behaviour.

  • Technical specification
    40 pages
    English language
    sale 15% off
  • Technical specification
    42 pages
    French language
    sale 15% off
ISO
IWA 26:2017(Main)
Using ISO 26000:2010 in management systems

IWA 26:2017 provides guidance on using ISO 26000:2010 to organizations that have implemented one or more ISO management system standards (MSS). It also provides guidance on how to apply a management system approach when using ISO 26000:2010. It can be used in full or in part by an organization that has implemented a management system and/or that is using ISO 26000:2010.

  • Standard
    21 pages
    English language
    sale 15% off
ISO
ISO 37001:2016(Main)
Anti-bribery management systems -- Requirements with guidance for use
SIST ISO 37001:2016

ISO 37001:2016 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. ISO 37001:2016 addresses the following in relation to the organization's activities: · bribery in the public, private and not-for-profit sectors; · bribery by the organization; · bribery by the organization's personnel acting on the organization's behalf or for its benefit; · bribery by the organization's business associates acting on the organization's behalf or for its benefit; · bribery of the organization; · bribery of the organization's personnel in relation to the organization's activities; · bribery of the organization's business associates in relation to the organization's activities; · direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party). ISO 37001:2016 is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities. ISO 37001:2016 does not specifically address fraud, cartels and other anti-trust/competition offences, money-laundering or other activities related to corrupt practices, although an organization can choose to extend the scope of the management system to include such activities. The requirements of ISO 37001:2016 are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.

  • Standard
    47 pages
    English language
    sale 15% off
  • Standard
    53 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    51 pages
    French language
    sale 15% off
  • Standard
    51 pages
    Spanish language
    sale 15% off
ISO
ISO 26000:2010(Main)
Guidance on social responsibility
SIST ISO 26000:2010

ISO 26000:2010 provides guidance to all types of organizations, regardless of their size or location, on: concepts, terms and definitions related to social responsibility; the background, trends and characteristics of social responsibility; principles and practices relating to social responsibility; the core subjects and issues of social responsibility; integrating, implementing and promoting socially responsible behaviour throughout the organization and, through its policies and practices, within its sphere of influence; identifying and engaging with stakeholders; and communicating commitments, performance and other information related to social responsibility. ISO 26000:2010 is intended to assist organizations in contributing to sustainable development. It is intended to encourage them to go beyond legal compliance, recognizing that compliance with law is a fundamental duty of any organization and an essential part of their social responsibility. It is intended to promote common understanding in the field of social responsibility, and to complement other instruments and initiatives for social responsibility, not to replace them. In applying ISO 26000:2010, it is advisable that an organization take into consideration societal, environmental, legal, cultural, political and organizational diversity, as well as differences in economic conditions, while being consistent with international norms of behaviour. ISO 26000:2010 is not a management system standard. It is not intended or appropriate for certification purposes or regulatory or contractual use. Any offer to certify, or claims to be certified, to ISO 26000 would be a misrepresentation of the intent and purpose and a misuse of ISO 26000:2010. As ISO 26000:2010 does not contain requirements, any such certification would not be a demonstration of conformity with ISO 26000:2010. ISO 26000:2010 is intended to provide organizations with guidance concerning social responsibility and can be used as part of public policy activities. However, for the purposes of the Marrakech Agreement establishing the World Trade Organization (WTO), it is not intended to be interpreted as an “international standard”, “guideline” or “recommendation”, nor is it intended to provide a basis for any presumption or finding that a measure is consistent with WTO obligations. Further, it is not intended to provide a basis for legal actions, complaints, defences or other claims in any international, domestic or other proceeding, nor is it intended to be cited as evidence of the evolution of customary international law. ISO 26000:2010 is not intended to prevent the development of national standards that are more specific, more demanding, or of a different type.

  • Standard
    106 pages
    English language
    sale 15% off
  • Standard
    116 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    127 pages
    French language
    sale 15% off
  • Standard
    127 pages
    Spanish language
    sale 15% off
  • Standard – translation
    224 pages
    Slovenian and English language
    sale 10% off
    e-Library read for
    1 day
ISO
ISO/IEC TR 30117:2021(Main)
Information technology -- Standards and applications for the integration of biometrics and integrated circuit cards (ICCs)

This document summarizes how some of the main international standards and recommendations approach personal identification and its related information security, with regard to the integration of biometrics and integrated circuit cards (ICCs). It also provides examples of how biometrics and ICCs are integrated in applications.

  • Technical report
    22 pages
    English language
    sale 15% off
  • Draft
    22 pages
    English language
    sale 15% off