Anti-bribery management systems - Requirements with guidance for use (ISO 37001:2025)

This document specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. This document addresses the following in relation to the organization's activities:
— bribery in the public, private and not-for-profit sectors;
— bribery by the organization;
— bribery by the organization's personnel acting on the organization's behalf or for its benefit;
— bribery by the organization's business associates acting on the organization's behalf or for its benefit;
— bribery of the organization;
— bribery of the organization's personnel in relation to the organization’s activities;
— bribery of the organization's business associates in relation to the organization’s activities;
— direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party).
This document is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities.
The requirements of this document are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.
NOTE 1 See Clause A.2 for guidance.
NOTE 2 The measures necessary to prevent, detect and mitigate the risk of bribery by the organization can be different from the measures used to prevent, detect and respond to bribery of the organization (or its personnel or business associates acting on the organization's behalf). See A.8 for guidance.

Managementsysteme zur Korruptionsbekämpfung - Anforderungen mit Leitlinien zur Anwendung (ISO 37001:2025)

Systèmes de management anti-corruption - Exigences et recommandations de mise en œuvre (ISO 37001:2025)


Sistemi vodenja za preprečevanje korupcije - Zahteve z napotki za uporabo (ISO 37001:2025)


General Information

Status: Not Published
Public Enquiry End Date: 30-Jun-2026
Current Stage: 4020 - Public enquiry (PE) (Adopted Project)
Start Date: 22-Apr-2026
Due Date: 09-Sep-2026

Relations

Effective Date: 01-Jun-2026

Draft

oSIST prEN ISO 37001:2026

English language (55 pages)

Frequently Asked Questions

oSIST prEN ISO 37001:2026 is a draft published by the Slovenian Institute for Standardization (SIST). Its full title is "Anti-bribery management systems - Requirements with guidance for use (ISO 37001:2025)".

oSIST prEN ISO 37001:2026 is classified under the following ICS (International Classification for Standards) categories: 03.100.01 - Company organization and management in general; 03.100.02 - Governance and ethics; 03.100.70 - Management systems. The ICS classification helps identify the subject area and facilitates finding related standards.

oSIST prEN ISO 37001:2026 has the following relationships with other standards: it has an inter-standard link to SIST ISO 37001:2025. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

Standards Content (Sample)


SLOVENIAN STANDARD
01-June-2026
Replaces:
SIST ISO 37001:2025
Sistemi vodenja za preprečevanje korupcije - Zahteve z napotki za uporabo (ISO 37001:2025)
Anti-bribery management systems - Requirements with guidance for use (ISO 37001:2025)
Managementsysteme zur Korruptionsbekämpfung - Anforderungen mit Leitlinien zur Anwendung (ISO 37001:2025)
Systèmes de management anti-corruption - Exigences et recommandations de mise en œuvre (ISO 37001:2025)
This Slovenian standard is identical to: prEN ISO 37001
ICS:
03.100.02 Governance and ethics
03.100.70 Management systems
2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.

International Standard
ISO 37001
Second edition
2025-02
Anti-bribery management systems — Requirements with guidance for use
Systèmes de management anti-corruption — Exigences et recommandations de mise en œuvre
Reference number ISO 37001:2025(en)
© ISO 2025
ISO 37001:2025(en)
© ISO 2025
All rights reserved.
ISO publications, in their entirety or in fragments, are owned by ISO. They are licensed, not sold, and are subject to the terms and
conditions set forth in the ISO End Customer License Agreement, the License Agreement of the relevant ISO member body, or
those of authorized third-party distributors.
Unless otherwise specified or required for its implementation, no part of this ISO publication may be reproduced, distributed,
modified, or used in any form or by any means, electronic or mechanical, including photocopying, scanning, recording, or posting
on any intranet, internet, or other digital platforms, without the prior written permission of ISO, the relevant ISO member body
or an authorized third-party distributor.
This publication shall not be disclosed to third parties, and its use is strictly limited to the license type and purpose specified in
the applicable license grant. Unauthorized reproduction, distribution, or use beyond the granted license is prohibited and may
result in legal action.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the anti-bribery management system
4.4 Anti-bribery management system
4.5 Bribery risk assessment
5 Leadership
5.1 Leadership and commitment
5.1.1 Governing body
5.1.2 Top management
5.1.3 Anti-bribery culture
5.2 Anti-bribery policy
5.3 Roles, responsibilities and authorities
5.3.1 General
5.3.2 Anti-bribery function
5.3.3 Delegated decision-making
6 Planning
6.1 Actions to address risks and opportunities
6.2 Anti-bribery objectives and planning to achieve them
6.3 Planning of changes
7 Support
7.1 Resources
7.2 Competence
7.2.1 General
7.2.2 Employment process
7.3 Awareness
7.3.1 Awareness of personnel
7.3.2 Training for personnel
7.3.3 Training for business associates
7.3.4 Awareness and training programmes
7.4 Communication
7.5 Documented information
7.5.1 General
7.5.2 Creating and updating documented information
7.5.3 Control of documented information
8 Operation
8.1 Operational planning and control
8.2 Due diligence
8.3 Financial controls
8.4 Non-financial controls
8.5 Implementation of anti-bribery controls by controlled organizations and by business associates
8.6 Anti-bribery commitments
8.7 Gifts, hospitality, donations and similar benefits
8.8 Managing inadequacy of anti-bribery controls
8.9 Raising concerns
8.10 Investigating and dealing with bribery
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.2.1 General
9.2.2 Internal audit programme
9.2.3 Audit procedures, controls and systems
9.2.4 Objectivity and impartiality
9.3 Management review
9.3.1 General
9.3.2 Management review inputs
9.3.3 Management review results
9.4 Review by anti-bribery function
10 Improvement
10.1 Continual improvement
10.2 Nonconformity and corrective action
Annex A (informative) Guidance on the use of this document
Bibliography

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 309, Governance of organizations.
This second edition cancels and replaces the first edition (ISO 37001:2016), which has been technically
revised. It also incorporates the Amendment ISO 37001:2016/Amd 1:2024.
The main changes are as follows:
— subclauses were added on climate change and stressing the importance of the compliance culture;
— conflicts of interest were addressed;
— the concept of the anti-bribery function was clarified;
— the wording was harmonized with other standards where appropriate and reasonable;
— the latest harmonized structure was introduced.
Licensing and use terms
The ISO publications, as well as any updates and/or corrections, and any intellectual property or other rights
pertaining thereto, are owned by ISO. ISO publications are licensed, not sold. Nothing in this document shall
operate to assign or transfer any intellectual property rights from ISO to the user. The ISO publications are
protected by copyright law, database law, trademark law, unfair competition law, trade secrecy law, or any
other applicable law, as the case may be. Users acknowledge and agree to respect ISO’s intellectual property
rights in the ISO publications.
The use of ISO publications is subject to the terms and conditions of the applicable licensing agreement.
ISO publications are provided under different licensing agreement types (“License Type”) allowing a non-
exclusive, non-transferable, limited, revocable right to use/access the ISO publications for one or more of the
following purposes described below (“Purpose”), which may be internal or external in scope. The applicable
Purpose(s) must be captured in the licensing agreement.

a) License Type:
i. a single registered end-user license (watermarked in the user’s name) for the specified Purpose.
Under this license the user cannot share the ISO Publication with anyone, including on a network;
ii. a network license for the specified Purpose. The network license may be assigned to either unnamed
concurrent end-users or named concurrent end-users within the same organization.
b) Purpose:
i. Internal Purpose: internal use only within user’s organization, including but not limited to own
implementation (“Internal Purpose”).
The scope of permitted internal use is specified at the time of purchase or through subsequent
agreement with ISO, the ISO member body in the user’s country, any other ISO member body or an
authorized third-party distributor, including any applicable internal reproduction rights (such as
internal meetings, internal training programs, preparation of certification services, integration or
illustration in internal manuals, internal training materials, and internal guidance documents). Each
internal use must be explicitly specified in the purchase order, and specific fees and requirements will
apply to each permitted use.
ii. External Purpose: external use, including but not limited to certification services, consulting,
training, digital services by user/user’s organization to third parties, as well as for commercial and
non-commercial purposes (“External Purpose”).
The scope of permitted external use is specified at the time of purchase or through subsequent agreement
with ISO, the ISO member body in user’s country, any other ISO member body or an authorized third-
party distributor, including any applicable external reproduction rights (e.g. in publications, products, or
services marketed and sold by user/user’s organization). Each external use must be explicitly specified
in the purchase order, and specific fees and requirements will apply to each permitted use.
Unless users have been granted reproduction rights according to the above provisions, they are not granted
the right to share or sub-license the ISO publications in- or outside their organization for either Purpose. If
users wish to obtain additional reproduction rights for ISO publications or their content, users may contact
ISO or the ISO member body in their country to explore their options.
In case the user or the user’s organization is granted a license for the External Purpose of providing any
or all activities in the delivery of certification services, or for auditing for a customer, the user or user’s
organization agrees to verify that the organization operating under the management system subject to
certification or auditing has obtained a license for its own implementation of the ISO Standard used for the
certification or auditing from the ISO member body in their country, any other ISO member body, ISO or an
authorized third-party distributor. This verification obligation shall be included in the applicable license
agreement obtained by the user or user’s organization.
The ISO publications shall not be disclosed to third parties, and Users shall use them solely for the
purpose specified in the purchase order and/or applicable licensing agreement. Unauthorized disclosure or
use of ISO publications beyond the licensed purpose is prohibited and may result in legal action.
Use restrictions
Except as provided for in the applicable License Agreement and subject to a separate license by ISO, the ISO
member body in user’s country, any other ISO member body or an authorized third-party distributor, users
are not granted the right to:
— use the ISO Publications for any purpose other than the Purpose;
— grant use or access rights to the ISO Publications beyond the License Type;
— disclose the ISO Publications beyond the intended Purpose and/or License Type;

— sell, lend, lease, reproduce, distribute, import/export or otherwise commercially exploit ISO Publication(s).
In the case of joint standards (such as ISO/IEC standards), this clause shall apply to the respective joint
copyright ownership;
— assign or otherwise transfer ownership of the ISO Publications, in whole or in fragments, to any third party.
Regardless of the License Type or Purpose for which users are granted access and use rights for ISO
publications, users are not permitted to access or use any ISO publications, in whole or in fragments, for
any machine learning and/or artificial intelligence and/or similar purposes, including but not limited to
accessing or using them (i) as training data for large language or similar models, or (ii) for prompting or
otherwise enabling artificial intelligence or similar tools to generate responses. Such use is only permitted
if expressly authorized through a specific license agreement by the ISO member body in the requester’s
country, another ISO member body, or ISO. Requests for such authorization may be considered on a case-by-
case basis to ensure compliance with intellectual property rights.
If ISO, or the ISO member body in the user’s country, has reasonable doubt that users are not compliant with
these terms, it may request in writing to perform an audit, or have an audit performed by a third-party
auditor, during business hours at user’s premises or via remote access.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

Introduction
Bribery is a widespread phenomenon. It raises serious social, moral, economic and political concerns,
undermines good governance, hinders development and distorts competition. It erodes justice, undermines
human rights and is an obstacle to the relief of poverty. It also increases the cost of doing business,
introduces uncertainties into commercial transactions, increases the cost of goods and services, diminishes
the quality of products and services, which can lead to loss of life and property, destroys trust in institutions
and interferes with the fair and efficient operation of markets.
Governments have made progress in addressing bribery through international agreements such as the
Organization for Economic Co-operation and Development Convention on Combating Bribery of Foreign
Public Officials in International Business Transactions [19] and the United Nations Convention against
Corruption [18] and through their national laws. In most jurisdictions, it is an offence for individuals to engage
in bribery and there is a growing trend to make organizations, as well as individuals, liable for bribery.
However, the law alone is not sufficient to solve this problem. Organizations have a responsibility to
proactively contribute to combating bribery. This can be achieved by an anti-bribery management system,
which this document is intended to provide, and through leadership commitment to establishing a culture of
integrity, transparency, openness and compliance. The nature of an organization's culture is critical to the
success or failure of an anti-bribery management system.
A well-managed organization is expected to have a compliance policy supported by appropriate management
systems to assist it in complying with its legal obligations and commitment to integrity. An anti-bribery
policy is a component of an overall compliance policy. The anti-bribery policy and supporting management
system help an organization to avoid or mitigate the costs, risks and damage of involvement in bribery, to
promote trust and confidence in business dealings and to enhance its reputation.
This document reflects international good practice and can be used in all jurisdictions. It is applicable to
small, medium and large organizations in all sectors, including public, private and not-for-profit sectors.
The bribery risks facing an organization vary according to factors such as the size of the organization,
the locations and sectors in which the organization operates, and the nature, scale and complexity of the
organization's activities. This document specifies the implementation by the organization of policies,
procedures and controls which are reasonable and proportionate according to the bribery risks the
organization faces. Annex A provides guidance on implementing the requirements of this document.
Conformity with this document cannot provide assurance that no bribery has occurred or will occur
in relation to the organization, as it is not possible to completely eliminate the risk of bribery. However,
this document can help the organization implement reasonable and proportionate measures designed to
prevent, detect and respond to bribery.
This document can be used in conjunction with other management system standards (e.g. ISO 9001,
ISO 14001, ISO/IEC 27001, ISO 37301 and ISO 37002) and management standards (e.g. ISO 26000 and
ISO 31000).
Guidance for the governance of organizations is specified in ISO 37000 and requirements for a general
compliance management system are specified in ISO 37301.

International Standard ISO 37001:2025(en)
Anti-bribery management systems — Requirements with
guidance for use
1 Scope
This document specifies requirements and provides guidance for establishing, implementing, maintaining,
reviewing and improving an anti-bribery management system. The system can be stand-alone or can be
integrated into an overall management system. This document addresses the following in relation to the
organization's activities:
— bribery in the public, private and not-for-profit sectors;
— bribery by the organization;
— bribery by the organization's personnel acting on the organization's behalf or for its benefit;
— bribery by the organization's business associates acting on the organization's behalf or for its benefit;
— bribery of the organization;
— bribery of the organization's personnel in relation to the organization’s activities;
— bribery of the organization's business associates in relation to the organization’s activities;
— direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party).
This document is applicable only to bribery. It sets out requirements and provides guidance for a management
system designed to help an organization to prevent, detect and respond to bribery and comply with anti-
bribery laws and voluntary commitments applicable to its activities.
The requirements of this document are generic and are intended to be applicable to all organizations (or
parts of an organization), regardless of type, size and nature of activity, and whether in the public, private
or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in
4.1, 4.2 and 4.5.
NOTE 1 See Clause A.2 for guidance.
NOTE 2 The measures necessary to prevent, detect and mitigate the risk of bribery by the organization can be
different from the measures used to prevent, detect and respond to bribery of the organization (or its personnel or
business associates acting on the organization's behalf). See A.8 for guidance.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
— IEC Electropedia: available at https://www.electropedia.org/

ISO 37001:2025(en)
3.1
bribery
offering, promising, giving, accepting or soliciting of an undue advantage of any value (which can be financial
or non-financial), directly or indirectly, and irrespective of location(s), in violation of applicable law, as an
inducement or reward for a person acting or refraining from acting in relation to the performance (3.16) of
that person's duties
Note 1 to entry: The above is a generic definition. The meaning of the term “bribery” is as defined by the anti-bribery
law applicable to the organization (3.2) and by the anti-bribery management system (3.5) designed by the organization.
3.2
organization
person or group of people that has its own functions with responsibilities, authorities and relationships to
achieve its objectives (3.11)
Note 1 to entry: The concept of organization includes, but is not limited to sole-trader, company, corporation, firm,
enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated or not,
public or private.
Note 2 to entry: If the organization is part of a larger entity, the term “organization” refers only to the part of the larger
entity that is within the scope of the anti-bribery management system (3.5).
3.3
interested party (preferred term)
stakeholder (admitted term)
person or organization (3.2) that can affect, be affected by, or perceive itself to be affected by a decision or
activity
Note 1 to entry: An interested party can be internal or external to the organization.
3.4
requirement
need that is stated and obligatory
Note 1 to entry: The core definition of “requirement” in ISO management system standards is “need or expectation
that is stated, generally implied or obligatory”. “Generally implied requirements” are not applicable in the context of
anti-bribery management.
Note 2 to entry: “Generally implied” means that it is custom or common practice for the organization (3.2) and
interested parties (3.3) that the need or expectation under consideration is implied.
Note 3 to entry: A specified requirement is one that is stated, e.g. in documented information (3.14).
3.5
management system
set of interrelated or interacting elements of an organization (3.2) to establish policies (3.10) and objectives
(3.11), as well as processes (3.15) to achieve those objectives
Note 1 to entry: A management system can address a single discipline or several disciplines.
Note 2 to entry: The management system elements include the organization’s structure, roles and responsibilities,
planning and operation.
Note 3 to entry: The scope of a management system may include the whole of the organization, specific and identified
functions of the organization, specific and identified sections of the organization, or one or more functions across a
group of organizations.
3.6
top management
person or group of people who directs and controls an organization (3.2) at the highest level
Note 1 to entry: Top management has the power to delegate authority and provide resources within the organization.
Note 2 to entry: If the scope of the management system (3.5) covers only part of an organization, then top management
refers to those who direct and control that part of the organization.
Note 3 to entry: Organizations can be organized depending on which legal framework they are obliged to operate under
and also according to their size, sector, etc. Some organizations have both a governing body (3.7) and top management
(3.6), while some organizations do not have responsibilities divided into several bodies. These variations, both in
respect of organization and responsibilities, can be considered when applying the requirements in Clause 5.
3.7
governing body
person or group of people who have ultimate accountability for the whole organization (3.2)
Note 1 to entry: A governing body can be explicitly established in a number of formats including, but not limited to, a
board of directors, supervisory board, sole director, joint and several directors, or trustees.
Note 2 to entry: ISO management system standards make reference to the term “top management” to describe a role
that, depending on the standard and organizational context, reports to, and is held accountable by, the governing body.
Note 3 to entry: Not all organizations, particularly small and medium organizations, will have a governing body
separate from top management. In such cases, top management exercises the role of the governing body.
[SOURCE: ISO 37000:2021, 3.3.4, modified — The Notes to entry were reordered: Note 2 to entry is now Note
1 to entry; Note 3 to entry is now Note 2 to entry; and Note 3 to entry was added.]
3.8
anti-bribery function
person(s) with responsibility and authority for the operation of the anti-bribery management system (3.5)
3.9
effectiveness
extent to which planned activities are realized and planned results are achieved
3.10
policy
intentions and direction of an organization (3.2) as formally expressed by its top management (3.6) or its
governing body (3.7)
3.11
objective
result to be achieved
Note 1 to entry: An objective can be strategic, tactical, or operational.
Note 2 to entry: Objectives can relate to different disciplines (such as finance, sales and marketing, procurement,
health and safety, and environment). They can be, for example, organization-wide or specific to a project, product or
process (3.15).
Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended result, as a purpose, as an operational
criterion, as an anti-bribery objective or by the use of other words with similar meaning (e.g. aim, goal, or target).
Note 4 to entry: In the context of anti-bribery management systems (3.5), anti-bribery objectives are set by the
organization (3.2), consistent with the anti-bribery policy (3.10), to achieve specific results.
3.12
risk
effect of uncertainty on objectives
Note 1 to entry: An effect is a deviation from the expected — positive or negative.
Note 2 to entry: Uncertainty is the state, even partial, of deficiency of information related to, understanding or
knowledge of, an event, its consequence, or likelihood.
Note 3 to entry: Risk is often characterized by reference to potential events and consequences, or a combination of these.
Note 4 to entry: Risk is often expressed in terms of a combination of the consequences of an event (including changes
in circumstances) and the associated likelihood of occurrence.
3.13
competence
ability to apply knowledge and skills to achieve intended results
3.14
documented information
information required to be controlled and maintained by an organization (3.2) and the medium on which it
is contained
Note 1 to entry: Documented information can be in any format and media, and from any source.
Note 2 to entry: Documented information can refer to:
— the management system (3.5), including related processes (3.15);
— information created in order for the organization to operate (documentation);
— evidence of results achieved (records).
3.15
process
set of interrelated or interacting activities that uses or transforms inputs to deliver a result
Note 1 to entry: Whether the result of a process is called an output, a product or a service depends on the context of
the reference.
3.16
performance
measurable result
Note 1 to entry: Performance can relate either to quantitative or qualitative findings.
Note 2 to entry: Performance can relate to managing activities, processes (3.15), products, services, systems or
organizations (3.2).
3.17
monitoring
determining the status of a system, a process (3.15) or an activity
Note 1 to entry: To determine the status, there can be a need to check, supervise or critically observe.
3.18
measurement
process (3.15) to determine a value
3.19
audit
systematic and independent process (3.15) for obtaining evidence and evaluating it objectively to determine
the extent to which the audit criteria are fulfilled
Note 1 to entry: An audit can be an internal audit (first party) or an external audit (second party or third party), and it
can be a combined audit (combining two or more disciplines).
Note 2 to entry: An internal audit is conducted by the organization (3.2) itself, or by an external party on its behalf.
Note 3 to entry: “Audit evidence” and “audit criteria” are defined in ISO 19011.
3.20
conformity
fulfilment of a requirement (3.4)
3.21
nonconformity
non-fulfilment of a requirement (3.4)
3.22
corrective action
action to eliminate the cause(s) of a nonconformity (3.21) and to prevent recurrence
3.23
continual improvement
recurring activity to enhance performance (3.16)
3.24
personnel
organization's (3.2) directors, officers, employees, temporary staff or workers, and volunteers
Note 1 to entry: Different types of personnel pose different types and degrees of bribery risk (3.12) and can be treated
differently by the organization's bribery risk assessment and bribery risk management procedures.
Note 2 to entry: See A.8 for guidance on temporary staff or workers.
3.25
business associate
external party with whom the organization (3.2) has, or plans to establish, some form of business relationship
Note 1 to entry: Business associate includes but is not limited to clients, customers, joint ventures, joint venture
partners, consortium partners, outsourcing providers, contractors, consultants, sub-contractors, suppliers, vendors,
advisors, agents, distributors, representatives, intermediaries and investors. This definition is deliberately broad and
should be interpreted in line with the bribery risk (3.12) profile of the organization to apply to business associates
which can reasonably expose the organization to bribery risks.
Note 2 to entry: Different types of business associate pose different types and degrees of bribery risk, and an
organization (3.2) will have differing degrees of ability to influence different types of business associate. Different
types of business associate can be treated differently by the organization's bribery risk assessment and bribery risk
management procedures.
Note 3 to entry: Reference to “business” in this document can be interpreted broadly to mean those activities that are
relevant to the purposes of the organization’s existence.
3.26
public official
person holding a legislative, administrative or judicial office, whether by appointment, election or succession,
or any person exercising a public function, including for a public agency or public enterprise, or any official
or agent of a public domestic or international organization, or any candidate for public office
Note 1 to entry: For examples of individuals who can be considered to be public officials, see Clause A.21.
3.27
third party
person or body that is independent of the organization (3.2)
Note 1 to entry: All business associates (3.25) are third parties, but not all third parties are business associates.
3.28
conflict of interest
situation in which an interested party has personal interest or organizational interest, directly or indirectly,
that can compromise, or interfere with, the ability to act impartially in carrying out their duties in the best
interest of the organization
Note 1 to entry: There can be different types of personal interests: business, financial, family, professional, religious
or political.
Note 2 to entry: Organizational interest relates to the interests of an organization or part of an organization (e.g. team
or department) rather than an individual.
[SOURCE: ISO 37009:—, 3.14]
3.29
due diligence
process (3.15) to further assess the nature and extent of the bribery risk (3.12) and help organizations
(3.2) make decisions in relation to specific transactions, projects, activities, business associates (3.25) and
personnel (3.24)
3.30
anti-bribery culture
values, ethics, beliefs
...