IWA 26:2017
(Main)Using ISO 26000:2010 in management systems
Using ISO 26000:2010 in management systems
IWA 26:2017 provides guidance on using ISO 26000:2010 to organizations that have implemented one or more ISO management system standards (MSS). It also provides guidance on how to apply a management system approach when using ISO 26000:2010. It can be used in full or in part by an organization that has implemented a management system and/or that is using ISO 26000:2010.
Utilisation de la norme ISO 26000:2010 dans les systèmes de management
General Information
Standards Content (Sample)
INTERNATIONAL IWA
WORKSHOP 26
AGREEMENT
First edition
2017-08
Using ISO 26000:2010 in
management systems
Utilisation de la norme ISO 26000:2010 dans les systèmes de
management
Reference number
©
ISO 2017
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Guidance on MSS for users of ISO 26000:2010 . 4
5 Guidance on ISO 26000:2010 for users of MSS . 7
6 Integrated management systems and ISO 26000:2010 . 9
Annex A (informative) Main linkages between ISO 26000:2010 and the HLS for MSS .11
Annex B (informative) Main linkages between the HLS for MSS and ISO 26000:2010 .15
Annex C (informative) Workshop contributors .19
Bibliography .21
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: w w w . i s o .org/ iso/ foreword .html.
International Workshop Agreement IWA 26 was approved at two workshops hosted by the Swedish
Standards Institute (SIS), in association with the Tanzania Bureau of Standards (TBS), held in
Stockholm, Sweden, in March 2017, and in London, UK, in May 2017.
In the development of this document, ISO Guide 82 has been taken into account in addressing
sustainability issues.
iv © ISO 2017 – All rights reserved
Introduction
This document is intended to help organizations apply ISO 26000:2010 in management systems based
1)
on ISO management system standards (MSS) , which are drafted in accordance with the High Level
2)
Structure (HLS) for MSS. It is also intended to help users of ISO 26000 to better understand the MSS
approach in their work on social responsibility.
The intended benefits to an organization of using this document are:
a) to improve the performance of a management system by incorporating social responsibility
guidance;
b) to improve social responsibility performance by using a structured management system approach.
The value of using this document is that it enhances an organization’s contribution to sustainable
development through the synergies of applying social responsibility guidance with a management
system approach.
Many organizations around the world have chosen an MSS to manage areas such as anti-bribery, energy,
environment, food safety, information security and quality. MSS have many common core elements, e.g.
understanding the organization and its context, stakeholder engagement and continual improvement.
There are believed to be more than 1,5 million management systems in place that are certified to an MSS.
An organization’s management system can be supported by standards that specify requirements (e.g.
ISO 9001 on quality management; ISO 22000 on food safety management) and by standards providing
guidance (e.g. ISO 26000 on social responsibility; ISO 19011 on auditing).
In contrast to MSS, ISO 26000:2010 does not specify any requirements, but provides practical
guidance on integrating social responsibility into an organization, thereby contributing to sustainable
development. It offers guidance on how to build an organizational culture of social responsibility and
this benefits the use of management systems. The guidance given in ISO 26000:2010, Clause 7, on
integrating social responsibility throughout the organization is structured around the fundamentals of
an MSS and continual improvement.
In this document, the following guidance is given:
— Clause 4 is aimed primarily at users who are more familiar with ISO 26000: it focuses on the HLS for
MSS and how this relates to ISO 26000;
— Clause 5 is aimed primarily at users who are more familiar with the MSS: it focuses on the guidance
given in ISO 26000 and how this relates to the HLS for MSS;
— Clause 6 describes how integrated management systems and ISO 26000 can be used together;
— Annex A shows the main linkages between the clauses of ISO 26000:2010 and the HLS for MSS, and
is intended to help users of ISO 26000:2010 to use the HLS;
— Annex B shows the main linkages between the HLS for MSS and the clauses of ISO 26000:2010, and
is intended to help users of MSS to use the guidance in ISO 26000:2010.
1) A list of ISO MSS is available at: https:// www .iso .org/ management -system -standards -list .html
2) The ISO/IEC Directives, Part 1, Consolidated ISO Supplement, 2017, Annex SL, Appendix 2, (see www .iso
.org/ directives) specifies the high level structure (HLS), identical core text, common terms and core definitions for
all ISO MSS. The purpose of the HLS is to help users of MSS in a particular discipline to use additional MSS in other
disciplines, and to support the integration between the MSS.
International Workshop Agreement IWA 26:2017(E)
Using ISO 26000:2010 in management systems
1 Scope
This document provides guidance on using ISO 26000:2010 to organizations that have implemented
one or more ISO management system standards (MSS).
It also provides guidance on how to apply a management system approach when using ISO 26000:2010.
It can be used in full or in part by an organization that has implemented a management system and/or
that is using ISO 26000:2010.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 26000:2010, Guidance on social responsibility
3 Terms and definitions
For the purpose of this document, the terms and definitions given in ISO 26000:2010 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at http:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
organization
person or group of people that has its own functions with responsibilities, authorities and relationships
to achieve its objectives (3.7)
Note 1 to entry: The concept of organization includes, but is not limited to sole-trader, company, corporation, firm,
enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated
or not, public or private.
Note 2 to entry: In ISO 26000:2010, 2.12, “organization” is defined as an “entity or group of people and facilities
with an arrangement of responsibilities, authorities and relationships and identifiable objectives” which “does not
include government acting in its sovereign role to create and enforce law, exercise judicial authority, carry out its
duty to establish policy in the public interest or honour the international obligations of the state”. ISO 26000:2010,
3.3, describes how ISO 26000:2010 covers the activities of small and medium-sized organizations (SMOs).
3.2
interested party
stakeholder
person or organization (3.1) that can affect, be affected by, or perceive itself to be affected by a decision
or activity
Note 1 to entry: In ISO 26000:2010, 2.20, “stakeholder” is defined as an “individual or group that has an interest
in any decision or activity of an organization”.
3.3
requirement
need or expectation that is stated, generally implied or obligatory
Note 1 to entry: “Generally implied” means that it is custom or common practice for the organization and
interested parties that the need or expectation under consideration is implied.
Note 2 to entry: A specified requirement is one that is stated, for example in documented information.
3.4
management system
set of interrelated or interacting elements of an organization (3.1) to establish policies (3.6) and
objectives (3.7) and processes (3.11) to achieve those objectives
Note 1 to entry: A management system can address a single discipline or several disciplines.
Note 2 to entry: The system elements include the organization’s structure, roles and responsibilities, planning
and operation.
Note 3 to entry: The scope of a management system may include the whole of the organization, specific and
identified functions of the organization, specific and identified sections of the organization, or one or more
functions across a group of organizations.
3.5
top management
person or group of people who directs and controls an organization (3.1) at the highest level
Note 1 to entry: Top management has the power to delegate authority and provide resources within the
organization.
Note 2 to entry: If the scope of the management system (3.4) covers only part of an organization, then top
management refers to those who direct and control that part of the organization.
3.6
policy
intentions and direction of an organization (3.1), as formally expressed by its top management (3.5)
3.7
objective
result to be achieved
Note 1 to entry: An objective can be strategic, tactical, or operational.
Note 2 to entry: Objectives can relate to different disciplines (such as financial, health and safety, and
environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and
process (3.11)).
Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended outcome, a purpose, an
operational criterion, as an XXX objective, or by the use of other words with similar meaning (e.g. aim, goal, or
target).
Note 4 to entry: In the context of XXX management systems, XXX objectives are set by the organization, consistent
with the XXX policy, to achieve specific results.
3.8
risk
effect of uncertainty
Note 1 to entry: An effect is a deviation from the expected — positive or negative.
Note 2 to entry: Uncertainty is the state, even partial, of deficiency of information related to, understanding or
knowledge of, an event, its consequence, or likelihood.
2 © ISO 2017 – All rights reserved
Note 3 to entry: Risk is often characterized by reference to potential “events” (as defined in ISO Guide 73:2009,
3.5.1.3) and “consequences” (as defined in ISO Guide 73:2009, 3.6.1.3), or a combination of these.
Note 4 to entry: Risk is often expressed in terms of a combination of the consequences of an event (including
changes in circumstances) and the associated “li
...
INTERNATIONAL IWA
WORKSHOP 26
AGREEMENT
First edition
2017-08
Using ISO 26000:2010 in
management systems
Utilisation de la norme ISO 26000:2010 dans les systèmes de
management
Reference number
©
ISO 2017
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Guidance on MSS for users of ISO 26000:2010 . 4
5 Guidance on ISO 26000:2010 for users of MSS . 7
6 Integrated management systems and ISO 26000:2010 . 9
Annex A (informative) Main linkages between ISO 26000:2010 and the HLS for MSS .11
Annex B (informative) Main linkages between the HLS for MSS and ISO 26000:2010 .15
Annex C (informative) Workshop contributors .19
Bibliography .21
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: w w w . i s o .org/ iso/ foreword .html.
International Workshop Agreement IWA 26 was approved at two workshops hosted by the Swedish
Standards Institute (SIS), in association with the Tanzania Bureau of Standards (TBS), held in
Stockholm, Sweden, in March 2017, and in London, UK, in May 2017.
In the development of this document, ISO Guide 82 has been taken into account in addressing
sustainability issues.
iv © ISO 2017 – All rights reserved
Introduction
This document is intended to help organizations apply ISO 26000:2010 in management systems based
1)
on ISO management system standards (MSS) , which are drafted in accordance with the High Level
2)
Structure (HLS) for MSS. It is also intended to help users of ISO 26000 to better understand the MSS
approach in their work on social responsibility.
The intended benefits to an organization of using this document are:
a) to improve the performance of a management system by incorporating social responsibility
guidance;
b) to improve social responsibility performance by using a structured management system approach.
The value of using this document is that it enhances an organization’s contribution to sustainable
development through the synergies of applying social responsibility guidance with a management
system approach.
Many organizations around the world have chosen an MSS to manage areas such as anti-bribery, energy,
environment, food safety, information security and quality. MSS have many common core elements, e.g.
understanding the organization and its context, stakeholder engagement and continual improvement.
There are believed to be more than 1,5 million management systems in place that are certified to an MSS.
An organization’s management system can be supported by standards that specify requirements (e.g.
ISO 9001 on quality management; ISO 22000 on food safety management) and by standards providing
guidance (e.g. ISO 26000 on social responsibility; ISO 19011 on auditing).
In contrast to MSS, ISO 26000:2010 does not specify any requirements, but provides practical
guidance on integrating social responsibility into an organization, thereby contributing to sustainable
development. It offers guidance on how to build an organizational culture of social responsibility and
this benefits the use of management systems. The guidance given in ISO 26000:2010, Clause 7, on
integrating social responsibility throughout the organization is structured around the fundamentals of
an MSS and continual improvement.
In this document, the following guidance is given:
— Clause 4 is aimed primarily at users who are more familiar with ISO 26000: it focuses on the HLS for
MSS and how this relates to ISO 26000;
— Clause 5 is aimed primarily at users who are more familiar with the MSS: it focuses on the guidance
given in ISO 26000 and how this relates to the HLS for MSS;
— Clause 6 describes how integrated management systems and ISO 26000 can be used together;
— Annex A shows the main linkages between the clauses of ISO 26000:2010 and the HLS for MSS, and
is intended to help users of ISO 26000:2010 to use the HLS;
— Annex B shows the main linkages between the HLS for MSS and the clauses of ISO 26000:2010, and
is intended to help users of MSS to use the guidance in ISO 26000:2010.
1) A list of ISO MSS is available at: https:// www .iso .org/ management -system -standards -list .html
2) The ISO/IEC Directives, Part 1, Consolidated ISO Supplement, 2017, Annex SL, Appendix 2, (see www .iso
.org/ directives) specifies the high level structure (HLS), identical core text, common terms and core definitions for
all ISO MSS. The purpose of the HLS is to help users of MSS in a particular discipline to use additional MSS in other
disciplines, and to support the integration between the MSS.
International Workshop Agreement IWA 26:2017(E)
Using ISO 26000:2010 in management systems
1 Scope
This document provides guidance on using ISO 26000:2010 to organizations that have implemented
one or more ISO management system standards (MSS).
It also provides guidance on how to apply a management system approach when using ISO 26000:2010.
It can be used in full or in part by an organization that has implemented a management system and/or
that is using ISO 26000:2010.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 26000:2010, Guidance on social responsibility
3 Terms and definitions
For the purpose of this document, the terms and definitions given in ISO 26000:2010 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at http:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
organization
person or group of people that has its own functions with responsibilities, authorities and relationships
to achieve its objectives (3.7)
Note 1 to entry: The concept of organization includes, but is not limited to sole-trader, company, corporation, firm,
enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated
or not, public or private.
Note 2 to entry: In ISO 26000:2010, 2.12, “organization” is defined as an “entity or group of people and facilities
with an arrangement of responsibilities, authorities and relationships and identifiable objectives” which “does not
include government acting in its sovereign role to create and enforce law, exercise judicial authority, carry out its
duty to establish policy in the public interest or honour the international obligations of the state”. ISO 26000:2010,
3.3, describes how ISO 26000:2010 covers the activities of small and medium-sized organizations (SMOs).
3.2
interested party
stakeholder
person or organization (3.1) that can affect, be affected by, or perceive itself to be affected by a decision
or activity
Note 1 to entry: In ISO 26000:2010, 2.20, “stakeholder” is defined as an “individual or group that has an interest
in any decision or activity of an organization”.
3.3
requirement
need or expectation that is stated, generally implied or obligatory
Note 1 to entry: “Generally implied” means that it is custom or common practice for the organization and
interested parties that the need or expectation under consideration is implied.
Note 2 to entry: A specified requirement is one that is stated, for example in documented information.
3.4
management system
set of interrelated or interacting elements of an organization (3.1) to establish policies (3.6) and
objectives (3.7) and processes (3.11) to achieve those objectives
Note 1 to entry: A management system can address a single discipline or several disciplines.
Note 2 to entry: The system elements include the organization’s structure, roles and responsibilities, planning
and operation.
Note 3 to entry: The scope of a management system may include the whole of the organization, specific and
identified functions of the organization, specific and identified sections of the organization, or one or more
functions across a group of organizations.
3.5
top management
person or group of people who directs and controls an organization (3.1) at the highest level
Note 1 to entry: Top management has the power to delegate authority and provide resources within the
organization.
Note 2 to entry: If the scope of the management system (3.4) covers only part of an organization, then top
management refers to those who direct and control that part of the organization.
3.6
policy
intentions and direction of an organization (3.1), as formally expressed by its top management (3.5)
3.7
objective
result to be achieved
Note 1 to entry: An objective can be strategic, tactical, or operational.
Note 2 to entry: Objectives can relate to different disciplines (such as financial, health and safety, and
environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and
process (3.11)).
Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended outcome, a purpose, an
operational criterion, as an XXX objective, or by the use of other words with similar meaning (e.g. aim, goal, or
target).
Note 4 to entry: In the context of XXX management systems, XXX objectives are set by the organization, consistent
with the XXX policy, to achieve specific results.
3.8
risk
effect of uncertainty
Note 1 to entry: An effect is a deviation from the expected — positive or negative.
Note 2 to entry: Uncertainty is the state, even partial, of deficiency of information related to, understanding or
knowledge of, an event, its consequence, or likelihood.
2 © ISO 2017 – All rights reserved
Note 3 to entry: Risk is often characterized by reference to potential “events” (as defined in ISO Guide 73:2009,
3.5.1.3) and “consequences” (as defined in ISO Guide 73:2009, 3.6.1.3), or a combination of these.
Note 4 to entry: Risk is often expressed in terms of a combination of the consequences of an event (including
changes in circumstances) and the associated “li
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.