User Guide ISO 26000 - DIS Level - , 2010-04-07
User Guide ISO 26000 - DIS Level - , 2010-04-07
User Guide ISO 26000 - DIS Level - , 2010-04-07
7 April 2010
Supported by: European Office of Crafts, Trades and Small and Medium-sized Enterprises for Standardisation
Bureau Européen de l'Artisanat et des Petites et Moyennes Entreprises pour la Normalisation
NORMAPME Europäisches Büro des Handwerks und der Klein- und Mittelbetriebe für die Normung
Step 2: There is no “ISO 26000 certificate” and no need for consultants or training ......................... 4
Step 3: You should study the ISO 26000 document carefully ............................................................. 5
Step 4: Decide whether ISO 26000 fits your needs and expectations ................................................ 5
Step 5: You can identify your possible activities and their impact, using the Check Tool .................. 7
Step 6: You can communicate your responsible use of ISO 26000 ..................................................... 8
Attachment 4: Understanding the relations between ISO 26000 and law and regulation............... 14
This user guide takes the ISO/DIS 26000 (Draft International Standard, for contents see Attachment
1) as though it were the final and published version. It will be updated as soon as the FDIS (Final Draft
International Standard) and later the IS (International Standard) are available. It is hoped that
difficulties identified within the guidance standard as of March 2010 will be eliminated by the time of
arrival to the publication of the IS.
Since ISO 26000 is a guidance document, it is essentially different to “normal” ISO standards. This
will require a huge amount of education, by all genuinely involved, particularly in the case of industry
as the main user group. This user guide intends to support such educational efforts and help avoid
aberrations and undesirable developments like unnecessary expenditures for “ISO 26000 training
courses”, “ISO 26000 consultants”, ISO 26000 audits” etc. or even for an “ISO 26000 certificate”
which would be an evident misuse of ISO 26000.
Knowing about ISO 26000 project history and its important features and achievements may be
useful before digging into details; please see Attachment 2. An estimation of main user groups is
given in Attachment 3.
Weblink: The DIS document (N172) and other “numbered documents” such as the Design Specification (N049)
can be downloaded from the ISO server at
http://isotc.iso.org/livelink/livelink?func=ll&objId=547513&objAction=RunReport&InputLabel1=26000.
Weblink: An identical version of the ISO26000 user guide as presented here can be downloaded from
http://www.26k-estimation.com/html/how_to_use_iso_26000.html.
As an orientation: the estimated price may be around 200 Euros or 300 USD, however the price
depends on the pricing policy of the national standardization sales point.
If one compares the listed pricing available on the national standardisation bodies websites one will
notice great disparity in the pricing of standards by each national ISO member. This can be
demonstrated through searching the e-shop webpage of both Deutsches Institut für Normung (DIN)
It is important to note in this comparison that the documents being sold by each ISO member
organisation are exactly the same document. There is no element of inferiority on account of the
price difference.
ISO Standards are sold by the ISO member organizations and their publishing houses; their addresses
are available on the ISO website at http://www.iso.org/iso/about/iso_members.htm
- …not for “audits” or “certifications” as it does not contain requirements that could be
certified
- …not a “management system standard” like ISO 9000 or ISO 14001, even if the chosen
number 26000 may be a temptation towards misguidance. Many service providers sense a
profitable business opportunity in making you believe the ISO 26000 was a management
system standard to sell related activities or to include ISO 26000 audits and certificates into
ongoing ISO 9000 or ISO 14001 certifications
- …neither a “guideline” nor a “standard” which you would have to “implement”. It is not for
any kind of contractual use, neither in business-to-business contracts, nor in procurement.
- …voluntary in use
- …an international “standard” only for one reason because ISO publishes international
standards: the publication form is an international standard but as regards type and
contents, it is a guidance document.
Weblink: On most frequent misconceptions (errors) and misuse (willful abuse), see http://www.26k-
estimation.com/html/misconceptions_and_misuse.html
Googling for ISO 26000 training in early March 2010 resulted in 550.000 hits, and three weeks later in
630.000 hits. Attendants of those trainings could easily be charged several hundred Dollars. So-called
“trainers” may be well acquainted with the text of ISO 26000. The problem is that they cannot have
deep knowledge of your organization’s internal particularities and external relations; furthermore,
trainers usually do not take any responsibility.
It is YOU who must study the document and it is worthwhile taking your time to learn what some 400
“experts” from all over the world have identified as “social responsibility”, and what has been agreed
on.
The ISO 26000 guidance document has a structure of core subjects and issues which you can find in
its main clause 6 “Guidance on social responsibility core subjects”:
- recommendations (“…an organization should…”) are subdivided into six core subjects
(organizational governance, human rights, labor practices, the environment, consumer
issues, and community involvement and development), and
ISO 26000 claims that “all core subjects are relevant for all organizations, but not all issues of a core
subject.” The Check Tool has been designed to help you find out their relevance for your
organization, find more details in Step 5.
Step 4: Decide whether ISO 26000 fits your needs and expectations
After you have studied the ISO 26000 guidance document you might be concerned as to whether it
fits your needs and expectations and whether your organization really falls within the scope.
A starting point for your considerations should be that ISO 26000 is directed to all types and sizes of
organizations, not at individuals. The definition of “organization” is, therefore, most important; it
reads in the ISO 26000 guidance document: “2.1.12 – organization, entity with identifiable objectives
and structure”.
“Social unit of people, systematically arranged and managed to meet a need or to pursue collective
goals on a continuing basis. All organizations have a management structure that determines
relationships between functions and positions, and subdivides and delegates roles, responsibilities,
and authority to carry out defined tasks. Organizations are open systems in that they affect and are
ISO 26000 User Guide (DIS level) page 5 of 15
affected by the environment beyond their boundaries.”
(Source: http://www.businessdictionary.com/definition/organization.html (2010-03))
It must be said that the usefulness of ISO 26000 will differ depending on the size of the
organization. One generally could distinguish between three different kinds of ISO 26000 users:
Therefore, realistically speaking, ISO 26000 is hardly even applicable to micro and such
smaller organizations regardless of the DIS explicitly including micro organizations; see its
line 521 (“For the purpose of this International Standard, SMOs include those very small
organizations referred to as “micro” organizations.”). It is highly recommended to check
seriously whether your entity could be defined as an “organization” in the sense of ISO 26000
and to investigate its potential benefit for your entity.
It is recommended that SMOs should take the initiative to identify other SMOs in their
sector and region and approach their Chamber of Commerce or respective sectorial
association for assistance to propose that they use ISO 26000 collectively in a broader range
from
If ISO 26000 is your choice, please ensure that you won't have a problem in understanding the
relations between ISO 26000 as a voluntary guidance document and applicable law and regulation,
see Attachment 4.
Step 5: You can identify your possible activities and their impact, using
the Check Tool
Taking into account the structure and the scope of the ISO 26000 guidance document, you may be
irritated in attempting to decipher whether all or parts of the document are relevant for you. As you
wish to make a contribution to society, one immediate question arises: To which degree can you
really influence the status and the development of society if you engage in any issue?
- first decide on the relevance of the core subjects for your organization
(e.g. if you produce capital goods only, you may judge that the core subject on consumer
issues as not relevant; as a barber you may find the core subject on fair operating practices
not relevant;)
- then study the issues of the remaining core subjects and analyze possible actions that you
could readily and efficiently undertake because they may have a positive impact on the
society you are operating in.
- Are the core subject and its issues deemed relevant to your organization?
- What leverage effect has your organization on this issue?
- What kind of activities can your organization undertake on this issue?
But: Don’t be too happy with the analysis because an ISO document cannot cover all possibilities of
how to enhance socially responsible behavior; please feel encouraged to look for additional options
and measures which could be positively applied in your unique situation and actual demands.
Weblink: Be creative and find your optimal contribution to the betterment of society. Some good
examples are given at http://www.26k-estimation.com/html/good_examples.html.
While communicating your responsible use of ISO 26000 is good practice, consideration for
proportionality is necessary. The demands on resources inherent to the reporting required of an
organization need to reflect the size of that organization. Therefore, for example, a one page report
should be acceptable in general, and particularly from SMOs, see Attachment 6.
You may wish to include the identified action items into your stakeholder dialogue and into your
communication. You can do this easily with a statement indicating that you have understood the
purpose of ISO 26000 and that you have identified specific actions.
The ISO WG SR Task Group 2 on “Communication” published the following note on the question how
an organization can refer to its use of ISO 26000, in its December 2009 Newsletter:
and /or
It is evident that by communicating in this way, and signing with your signature, that you take the
self-instilled responsibility seriously. Anyone interested, be it customers, authorities, stakeholders
or even the public at large can expect your communication to be well-founded and correct and will
highly appreciate this. It will be of a higher value than any statement by any party external to your
organization since they do not usually assume any responsibility in cases of differing interpretations
or other difficulties.
- ISO is renowned for its technical standards; in the field of technical standards one can assume a
mutual technical understanding and language of expert engineers towards standardizing dimensions,
quality of material, test methods, and limits etc.
- The ISO 26000 project is a significant experiment in the area of social or societal or society related
standards, where experts don’t necessarily see a good reason for harmonizing societal items or
viewpoints. On foot of different histories and cultures, existing societal differences tend to maintain
their relativity to one another rather than conform. Therefore, ISO was prudent in deciding that ISO
26000 shall be a guidance standard
that offers orientation, advice, proposals, and recommendations but does not contain requirements
for any testing of limits. Thus, the different character of societies is respected.
- ISO began this project following an initiative of the ISO COPOLCO COnsumer POLicy COmmittee, see
http://www.iso.org/iso/copolco_s_achievements.pdf.
- Size of the “working group” (400+ persons) and its proper management; project time: five years;
project cost estimation including September 2009: more than 72 million US Dollars
- Stakeholders involved
representing society are
industry, labor, government,
NGOs, consumers, and
Services/Support/ Research/Others; yet no representatives of culture, religion, public health, history
etc.
- Representativeness of stakeholder groups: particularly ISO member bodies of smaller countries could
not staff their delegation to the ISO 26000 Working Group with representatives of all six stakeholder
group see http://www.26k-estimation.com/html/iso_and_societal_standards.html#analysis
- No guidance to governments:
** lines 155 and 156 read: “Governmental organizations, like any other organization, may wish to
use this International Standard. However, it is not intended to replace, alter or in any way
change the obligations of the state.” This explains that an ISO standard may be used by
governments, but only by governmental administrative units, because
** line 303 on the definition of “organization” reads: “NOTE 1 For the purpose of this International
Standard organization does not include government executing duties that are exclusive to the
state.” This explains that ISO has no possibility to provide guidance to governments on their most
privileged duties like issuing a state constitution and a reliable (and properly enforced) system of laws
and regulations for protecting life, property and the environment.
This seems worthwhile to note because (a) one can observe that the greatest deficits in social
responsibility exist in countries of poor governmental systems, (b) it is well known that industry or any
other organization cannot substitute government action, and (c) a minimum level of reliable
governmental systems is a prerequisite for the success of non-governmental social responsibility
initiatives .
- Nomination of experts and observers by the ISO member bodies has been a trustful process because
to-date there are no qualification criteria for “social responsibility experts”, see http://www.26k-
estimation.com/html/iso_and_societal_standards.html#WhoAreTheExperts
- Involvement of consultants in the ISG (Industry Stakeholder Group): while consultants are one of the
many parties of the SSRO stakeholder group (Services/Support/ Research/Others), it is unusual that
consultants can be nominated as industry representatives by their ISO member body (see N048rev1;
“Excluded are enterprises and other organizations that offer services related to standardization,
including certification, registration, accreditation, and related consulting services (SRI services) that
pose an inherent conflict of interest. General consulting or advisory services are also excluded unless
they have been retained for the purpose of representing enterprises or employer organization in the
ISO/TMB/WG/SR process or nominated to represent industry by their national standard bodies”).
This happened in at least four cases while it is generally well known that consultants have here a
conflict of interest.
- Compromises were identified to have occurred among the six stakeholder groups, and between the
narrower votes according to the ISO Directives on CD (Committee Draft), see http://www.26k-
estimation.com/html/cd_voting_results.html#CD-Voting-results and DIS, see http://www.26k-
estimation.com/html/dis__vote__analysis.html#dis-voteanalysis-start,
- In addition to the nationally nominated experts and observers, there is also the involvement of some
40 D-Liaison organizations (like IOE International Organization of Employers, NORMAPME, or ICC
International Chamber of Commerce) in gathering input as broadly as possible from outside the
national ISO member bodies.
Taking the given circumstances into account, the resulting DIS (N172) is admirable.
In clause 3.3.1 and on many other instances you will find a wording such as:
“…in compliance with applicable law and consistent with international norms of behaviour,…”
The intention of this wording is to infer that a regulated level of social behavior alone is not deemed sufficient
and an organization should endeavor to do better and go beyond the letter of the law and regulation. This
intent is good but the ISO 26000 leaves you on your own in terms of identifying the relevant international
norms of behavior and with the risk of violating applicable law e.g. in cases where the mentioned international
norms of behavior which you feel encouraged to apply, are not yet transposed into effective national law.
Furthermore, the term “International norms of behavior” is poorly defined (such “norms” cannot be defined as
“expectations”) and concrete examples of which are missing throughout:
“2.1.20 stakeholder
individual or group that has an interest in any decision or activity of an organization.”
As broad as the terms, “an interest” and “any” are, they are also so vague that almost anyone coming along the
road could claim to be your stakeholder. Normally a “stakeholder” is in one way another affected by the
decisions of your organization. Generally accepted stakeholders are your employees, customers and suppliers,
local authorities and the local society or public at large. Depending on your activities there may be additional
stakeholders such as NGOs or representatives of culture, religion, history, public health etc.
In any case, it is you who decides about whom to include into your stakeholder dialogue (i.e. “affected parties”
or “interested parties”) towards a potential further enhancement of your social responsibility related activities.
More details are given on <our website> and/or in <our report>. For any
further information please contact the undersigned.
Signature(s)…..
Address