ISO 37001. Anti-bribery management

ISO 37001 defines the requirements for an anti-bribery management system.

The standard can be used by public, private or not-for-profit organizations to detect, prevent and respond to bribery.


RIGCERT provides ISO 37001 (Anti-bribery management systems) certification to help you better tackle bribery risks and demonstrate the integrity of your organization.


Why an anti-bribery standard?

As we all know, bribery hinders the development of society, erodes justice, distorts competition, increases the costs of doing business, destroys trust in institutions and may lead to loss of life and property.

Governments and state institutions have made visible progress in fighting bribery through local measures and international agreements, but law alone is not sufficient to solve the problem.

In 2016 ISO published the standard ISO 37001 to be used by any organization, regardless of size and activity, that wishes to define reasonable measures to address this sensitive issue.

This is a voluntary commitment by the organization to fight bribery committed by its personnel and by business partners that act on its behalf, as well as bribery that the organization itself can be subject to.

Certification to ISO 37001

Although conformity with ISO 37001 does not completely eliminate bribery risks, such a certification confirms that there are risk assessments and controls (both financial and non-financial), a demonstrated commitment, available resources and systems to investigate and monitor bribery-related issues.

Certification to ISO 37001 confirms the organization's openness to being externally evaluated on this sensitive aspect, as well as its concern to implement controls aimed at its partners and suppliers.

The anti-bribery management system can be implemented and certified as a stand-alone system or integrated into an existing management system.


