ISO 37001:2016规定了建立、实施、维护、审查和改进反贿赂管理体系的要求并提供了指导。该系统可以是独立的，也可以集成到整体管理系统中。ISO 37001:2016阐述了与组织活动相关的以下内容: ·公共、私营和非营利部门的贿赂； ·组织行贿； ·组织人员代表组织或为组织利益行贿； ·该组织的商业伙伴代表该组织或为其利益行贿； ·贿赂该组织； ·贿赂与组织活动有关的组织人员； ·贿赂与组织活动有关的组织商业伙伴； ·直接和间接贿赂（例如，通过或由第三方提供或接受的贿赂）。 ISO 37001:2016仅适用于贿赂。它为管理体系制定了要求并提供了指导，旨在帮助组织预防、发现和应对贿赂，并遵守适用于其活动的反贿赂法律和自愿承诺。 ISO 37001:2016并未专门针对欺诈、卡特尔和其他反垄断/竞争犯罪、洗钱或其他与腐败行为有关的活动，尽管组织可以选择扩大管理体系的范围，以包括此类活动。 ISO 37001:2016的要求是通用的，旨在适用于所有组织（或组织的一部分），无论活动的类型、规模和性质如何，也无论是在公共、私营或非营利部门。这些要求的适用范围取决于4.1、4.2和4.5中规定的因素。

ISO 37001:2016 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. ISO 37001:2016 addresses the following in relation to the organization's activities: · bribery in the public, private and not-for-profit sectors; · bribery by the organization; · bribery by the organization's personnel acting on the organization's behalf or for its benefit; · bribery by the organization's business associates acting on the organization's behalf or for its benefit; · bribery of the organization; · bribery of the organization's personnel in relation to the organization's activities; · bribery of the organization's business associates in relation to the organization's activities; · direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party). ISO 37001:2016 is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities. ISO 37001:2016 does not specifically address fraud, cartels and other anti-trust/competition offences, money-laundering or other activities related to corrupt practices, although an organization can choose to extend the scope of the management system to include such activities. The requirements of ISO 37001:2016 are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.