This Standard sets out requirements and facilitates guidelines for adopting, implementing, maintaining and continuously improving criminal compliance policies and the rest of the elements of a criminal compliance management system in organizations. NOTE A criminal compliance policy (3.24) can be established independently, or integrated into a wider compliance policy, that is, not limited to criminal prevention. Similarly, a criminal compliance management system (3.31) can be established independently, or integrated into a more comprehensive compliance model, that is, not limited to criminal prevention. The standard is particularly applicable in the context of management and control systems on criminal risks (3.29), establishing requirements (3.27) and guidelines to have models aligned with what Spanish criminal law requires to control and management systems for the prevention and detection of crimes, both in form and substance. Notwithstanding the foregoing, this UNE Standard may also be useful for establishing control and management systems for the prevention and detection of crimes committed in the context of business activities, even if they do not involve the criminal liability of the legal person in Spain or are committed by Spanish organizations (3.20). This UNE Standard is applicable to: a) Any type of organization (3.20), regardless of its type, size, nature or activity. It is projected on criminal risks (3.29) in the following contexts: private sector, public sector, for or not for profit. b) Activities carried out by both the members of the organization (3.17) and by business partners (3.32), both acting on behalf of the organization (3.20), representing it or for its benefit. c) Behaviours developed directly or indirectly.