User Guide ISO 26000 _DIS Level_, 2010-04-07

ISO 26000 User Guide (DIS level) page 1 of 15

ISO 26000 User Guide

Basis: ISO/DIS 26000,

as if it was the finally published ISO 26000

7 April 2010

Supported by:

NORMAPME

Guido Gürtler, NORMAPME expert, ICC observer to ISO/TMB/WG SR; [email protected]

Claudia Graziani, SR practitioner; [email protected]

European Office of Crafts, Trades and Small and Medium-sized Enterprises for Standardisation

Bureau Européen de l'Artisanat et des Petites et Moyennes Entreprises pour la Normalisation

Europäisches Büro des Handwerks und der Klein- und Mittelbetriebe für die Normung


Contents

Purpose ................................................................................................................................................ 3

Step 1: It is necessary to purchase the ISO 26000 document ............................................................. 3

Step 2: There is no “ISO 26000 certificate” and no need for consultants or training ......................... 4

Step 3: You should study the ISO 26000 document carefully ............................................................. 5

Step 4: Decide whether ISO 26000 fits your needs and expectations ................................................ 5

Micro organizations, 92% of all organizations ................................................................................ 6

SMO – Small and medium sized organizations, 7% of all organizations ......................................... 6

Large organizations, 1% of all organizations ................................................................................... 6

Step 5: You can identify your possible activities and their impact, using the Check Tool .................. 7

What is the Check Tool for? ............................................................................................................ 7

How to apply the Check Tool? ......................................................................................................... 7

What are the results? ...................................................................................................................... 8

Step 6: You can communicate your responsible use of ISO 26000 ..................................................... 8

Attachment 1: DIS - Contents ............................................................................................................ 10

Attachment 2: Project history, features and achievements ............................................................. 11

Attachment 3: Estimation of main user groups ................................................................................ 13

Attachment 4: Understanding the relations between ISO 26000 and law and regulation ............... 14

Attachment 5: “Stakeholders” and “Affected parties” ..................................................................... 14

Attachment 6: Proposal for communication ..................................................................................... 15


Purpose

This ISO 26000 user guide aims at facilitating a correct and responsible use of the ISO 26000

guidance document “by all types of organizations, regardless of their size or location” (quote from

the ISO/DIS 26000 scope, line 212); also included is a Check Tool to make the ISO 26000 realistic and

easy to use, particularly for SMOs (small and medium organizations). The application of the Check

Tool does not require any services external to the organization like consultants, trainers or auditors.

At the end of this document, you will find a proposal on how to communicate the use of ISO 26000.

This user guide takes the ISO/DIS 26000 (Draft International Standard, for contents see Attachment

1) as though it were the final and published version. It will be updated as soon as the FDIS (Final Draft

International Standard) and later the IS (International Standard) are available. It is hoped that

difficulties identified within the guidance standard as of March 2010 will be eliminated by the time of

arrival to the publication of the IS.

Since ISO 26000 is a guidance document, it is essentially different to “normal” ISO standards. This

will require a huge amount of education, by all genuinely involved, particularly in the case of industry

as the main user group. This user guide intends to support such educational efforts and help avoid

aberrations and undesirable developments like unnecessary expenditures for “ISO 26000 training

courses”, “ISO 26000 consultants”, ISO 26000 audits” etc. or even for an “ISO 26000 certificate”

which would be an evident misuse of ISO 26000.

Knowing about ISO 26000 project history and its important features and achievements may be

useful before digging into details; please see Attachment 2. An estimation of main user groups is

given in Attachment 3.

Weblink: The DIS document (N172) and other “numbered documents” such as the Design Specification (N049)

can be downloaded from the ISO server at

http://isotc.iso.org/livelink/livelink?func=ll&objId=547513&objAction=RunReport&InputLabel1=26000.

Weblink: An identical version of the ISO26000 user guide as presented here can be downloaded from

http://www.26k-estimation.com/html/how_to_use_iso_26000.html.

Step 1: It is necessary to purchase the ISO 26000 document

The ISO 26000 document must be purchased like any other ISO publication, in spite of ISO having

been approached by the working group on social responsibility to provide it for free as part of ISO’s

contribution to global enhancement of social responsibility.

As an orientation: the estimated price may be around 200 Euros or 300 USD, however the price

depends on the pricing policy of the national standardization sales point.

If one compares the listed pricing available on the national standardisation bodies websites one will

notice great disparity in the pricing of standards by each national ISO member. This can be

demonstrated through searching the e-shop webpage of both Deutsches Institut für Normung (DIN)


and Estonian Centre for Standardisation(EVS) taking as a sample the standard, CEN/TS 13001-3-

1:2004 Cranes – general design – Part 3-1: Limit states and proof of competence of steel structures.

In April 2010, a search for this standard in the English language found it available from DIN for

€234.20 while the same standard in English is available from EESTI for €18.85, a mere 8% of what

another ISO member charges.

It is important to note in this comparison that the documents being sold by each ISO member

organisation are exactly the same document. There is no element of inferiority on account of the

price difference.

ISO Standards are sold by the ISO member organizations and their publishing houses; their addresses

are available on the ISO website at http://www.iso.org/iso/about/iso_members.htm

Step 2: There is no “ISO 26000 certificate” and no need for consultants

or training

It is important to know that the ISO 26000 is

- …not for “audits” or “certifications” as it does not contain requirements that could be

certified

- …not a “management system standard” like ISO 9000 or ISO 14001, even if the chosen

number 26000 may be a temptation towards misguidance. Many service providers sense a

profitable business opportunity in making you believe the ISO 26000 was a management

system standard to sell related activities or to include ISO 26000 audits and certificates into

ongoing ISO 9000 or ISO 14001 certifications

- …neither a “guideline” nor a “standard” which you would have to “implement”. It is not for

any kind of contractual use, neither in business-to-business contracts, nor in procurement.

On the other hand the ISO 26000 is

- …voluntary in use

- …a “guidance document“ that offers orientation, advice, proposals, and recommendations;

from this “offer’' you may chose to avail of those parts which you consider most reasonable

to follow

- …an international “standard” only for one reason because ISO publishes international

standards: the publication form is an international standard but as regards type and

contents, it is a guidance document.

Weblink: On non-certification see http://www.26k-estimation.com/html/certfication__no_.html#certification-

a-word

Weblink: On most frequent misconceptions (errors) and misuse (willful abuse), see http://www.26k-

estimation.com/html/misconceptions_and_misuse.html


Step 3: You should study the ISO 26000 document carefully

According to its Design Specification (N049) the ISO 26000 is supposed to be an easy to understand

and easy to use guidance document. Therefore, its use does not require any consultancy services,

audits or trainings even though such offers are mushrooming on the Internet.

Googling for ISO 26000 training in early March 2010 resulted in 550.000 hits, and three weeks later in

630.000 hits. Attendants of those trainings could easily be charged several hundred Dollars. So-called

“trainers” may be well acquainted with the text of ISO 26000. The problem is that they cannot have

deep knowledge of your organization’s internal particularities and external relations; furthermore,

trainers usually do not take any responsibility.

It is YOU who must study the document and it is worthwhile taking your time to learn what some 400

“experts” from all over the world have identified as “social responsibility”, and what has been agreed

on.

The ISO 26000 guidance document has a structure of core subjects and issues which you can find in

its main clause 6 “Guidance on social responsibility core subjects”:

- recommendations (“…an organization should…”) are subdivided into six core subjects

(organizational governance, human rights, labor practices, the environment, consumer

issues, and community involvement and development), and

- each core subject contains a number of issues.

ISO 26000 claims that “all core subjects are relevant for all organizations, but not all issues of a core

subject.” The Check Tool has been designed to help you find out their relevance for your

organization, find more details in Step 5.

Step 4: Decide whether ISO 26000 fits your needs and expectations

After you have studied the ISO 26000 guidance document you might be concerned as to whether it

fits your needs and expectations and whether your organization really falls within the scope.

A starting point for your considerations should be that ISO 26000 is directed to all types and sizes of

organizations, not at individuals. The definition of “organization” is, therefore, most important; it

reads in the ISO 26000 guidance document: “2.1.12 – organization, entity with identifiable objectives

and structure”.

More precisly, and according to general understanding, an organization is characterized by different

levels of responsibility and repartition of responsibility between these levels; here is a good

example of a definition:

“Social unit of people, systematically arranged and managed to meet a need or to pursue collective

goals on a continuing basis. All organizations have a management structure that determines

relationships between functions and positions, and subdivides and delegates roles, responsibilities,

and authority to carry out defined tasks. Organizations are open systems in that they affect and are


affected by the environment beyond their boundaries.”

(Source: http://www.businessdictionary.com/definition/organization.html (2010-03))

It must be said that the usefulness of ISO 26000 will differ depending on the size of the

organization. One generally could distinguish between three different kinds of ISO 26000 users:

Micro organizations, 92% of all organizations

92% or more of all “organizations” are micro organizations; they include e.g. all kinds of

craftsmen, smaller family owned and managed companies, or entities having qualified for

getting a micro credit. These supposed “organizations” are usually privately owned and

managed by their owner. These organizations operate in general only locally and do indeed

have objectives but they don’t need to have structures (as the ISO 26000 definition

requires).

Therefore, realistically speaking, ISO 26000 is hardly even applicable to micro and such

smaller organizations regardless of the DIS explicitly including micro organizations; see its

line 521 (“For the purpose of this International Standard, SMOs include those very small

organizations referred to as “micro” organizations.”). It is highly recommended to check

seriously whether your entity could be defined as an “organization” in the sense of ISO 26000

and to investigate its potential benefit for your entity.

SMO – Small and medium sized organizations, 7% of all organizations

7% of all organizations could be considered SMO’s. As per DIS lines 547 – 550 the SMO

helpdesk states that an SMO should …”where appropriate, act collectively with peer and

sector organizations rather than individually, to save resources and enhance capacity for

action. For instance, organizations operating in the same context and sector, identification of

and engagement with stakeholders can sometimes be more effective if done collectively.’’

It is recommended that SMOs should take the initiative to identify other SMOs in their

sector and region and approach their Chamber of Commerce or respective sectorial

association for assistance to propose that they use ISO 26000 collectively in a broader range

from

- identification of ISO 26000 benefits via

- sharing of experiences and resources to

- communication.

Large organizations, 1% of all organizations

Larger organizations usually run transnational businesses and normally have separate

corporate departments on social responsibility and communication with dedicated staff like

“Ethical Officers”. Most of those organizations have published their values and policies e.g. in

a code of conduct.

Large organizations may wish to investigate their code of conducts’ coverage of ISO 26000

core subjects and issues and decide on that basis about the usefulness of the guidance

document for the further development of their values and policies.


Additionally you may well be aware that social responsibility guidance is also offered by the trade or

industry association you are member of. It is recommended to compare the contents of ISO 26000

with those codes of ethics or codes of conduct (often much shorter documents). It is worthwhile to

check them because they might better address specific issues of your specific field of activity. From

there you may make your choice as to which one is best to follow.

If ISO 26000 is your choice, please ensure that you won't have a problem in understanding the

relations between ISO 26000 as a voluntary guidance document and applicable law and regulation,

see Attachment 4.

Step 5: You can identify your possible activities and their impact, using

the Check Tool

Taking into account the structure and the scope of the ISO 26000 guidance document, you may be

irritated in attempting to decipher whether all or parts of the document are relevant for you. As you

wish to make a contribution to society, one immediate question arises: To which degree can you

really influence the status and the development of society if you engage in any issue?

What is the Check Tool for?

In this decision-making process, it is recommended to

- first decide on the relevance of the core subjects for your organization

(e.g. if you produce capital goods only, you may judge that the core subject on consumer

issues as not relevant; as a barber you may find the core subject on fair operating practices

not relevant;)

- then study the issues of the remaining core subjects and analyze possible actions that you

could readily and efficiently undertake because they may have a positive impact on the

society you are operating in.

The Check Tool is available at http://www.26k-

estimation.com/html/check_tool_iso_26000_download.html ; it has been designed to support this

decision-making process; it is a matrix of core subjects and related issues on the vertical and a few

questions on the horizontal. The answers to these questions help in reaching the goal of a

responsible, consistent, thought-through and self-dependent use of ISO 26000.

How to apply the Check Tool?

This Check Tool (Excel sheet) is an easy to use aid; it reproduces the core subjects and issues, and

allows a check of effectiveness per issue and an estimation of the impact of your possible actions by

seeking answers to these few short questions:

- Are the core subject and its issues deemed relevant to your organization?

- What leverage effect has your organization on this issue?

- What kind of activities can your organization undertake on this issue?


- Have you ensured that planned activities are not in conflict with applicable law?

- What impact will your activities have?

- Which stakeholders do you involve in this issue?

The Check Tool is to be processed line by line or “issue by issue”; and, if the answer in one box of a

line is not positive, the line is done and you can continue with the next line.

What are the results?

You have thoroughly analyzed what guidance your organization can reasonably follow and your

deliberations are filed, e.g. for use as an update after an appropriate period of time has passed, as

input for your stakeholder dialogue, or in liaisons with your external partners. You have identified

possible activities where ISO 26000 can be effectively applied to those issues where all questions

have received positive answers. Don’t be surprised if not all issues of a core subject are deemed

relevant for your organization. In this scenario the whole core subject is rendered irrelevant; this is a

plausible outcome.

But: Don’t be too happy with the analysis because an ISO document cannot cover all possibilities of

how to enhance socially responsible behavior; please feel encouraged to look for additional options

and measures which could be positively applied in your unique situation and actual demands.

Weblink: Be creative and find your optimal contribution to the betterment of society. Some good

examples are given at http://www.26k-estimation.com/html/good_examples.html.

Step 6: You can communicate your responsible use of ISO 26000

You as an organization certainly already have long-term relationships to your stakeholders or may

detect new possibilities to communicate with affected parties by following the Check Tool in Step 5

when you decide about a further enhancement of your social responsibility related activities. Find

further useful information on stakeholder definition in Attachment 5.

While communicating your responsible use of ISO 26000 is good practice, consideration for

proportionality is necessary. The demands on resources inherent to the reporting required of an

organization need to reflect the size of that organization. Therefore, for example, a one page report

should be acceptable in general, and particularly from SMOs, see Attachment 6.

You may wish to include the identified action items into your stakeholder dialogue and into your

communication. You can do this easily with a statement indicating that you have understood the

purpose of ISO 26000 and that you have identified specific actions.

The ISO WG SR Task Group 2 on “Communication” published the following note on the question how

an organization can refer to its use of ISO 26000, in its December 2009 Newsletter:

“ISO 26000 is a voluntary International Standard providing guidance on social

responsibility. Organizations of all types are encouraged to acknowledge their support

and use of ISO 26000 as follows:


“Organization” recognizes ISO 26000 as a reference document that provides guidance on social responsibility. and /or “Organization” has used ISO 26000 as a guide to integrate social responsibility into our values and practices.”

It is evident that by communicating in this way, and signing with your signature, that you take the

self-instilled responsibility seriously. Anyone interested, be it customers, authorities, stakeholders

or even the public at large can expect your communication to be well-founded and correct and will

highly appreciate this. It will be of a higher value than any statement by any party external to your

organization since they do not usually assume any responsibility in cases of differing interpretations

or other difficulties.

Weblink: The full Newsletter is available at http://www.26k-

estimation.com/html/how_to_use_iso_26000.html#down-docs. The proposed communication can be downloaded

from this link, too, as a Word document. Its wording may be changed e.g. by mentioning the parties being

engaged in your stakeholder dialogue or by special achievements.


Attachment 1:

DIS - Contents


Attachment 2:

Project history, features and achievements

It is worthwhile to acknowledge some crucial facts before studying the guidance document in detail because

this may be helpful in judging the value of the various recommendations (”issues”) and their usefulness for

your organization:

- ISO is renowned for its technical standards; in the field of technical standards one can assume a

mutual technical understanding and language of expert engineers towards standardizing dimensions,

quality of material, test methods, and limits etc.

- The ISO 26000 project is a significant experiment in the area of social or societal or society related

standards, where experts don’t necessarily see a good reason for harmonizing societal items or

viewpoints. On foot of different histories and cultures, existing societal differences tend to maintain

their relativity to one another rather than conform. Therefore, ISO was prudent in deciding that ISO

26000 shall be a guidance standard

that offers orientation, advice, proposals, and recommendations but does not contain requirements

for any testing of limits. Thus, the different character of societies is respected.

- ISO began this project following an initiative of the ISO COPOLCO COnsumer POLicy COmmittee, see

http://www.iso.org/iso/copolco_s_achievements.pdf.

- Size of the “working group” (400+ persons) and its proper management; project time: five years;

project cost estimation including September 2009: more than 72 million US Dollars

- Balance between users and

developers of the guidance

document:

It seems worthwhile to know

that the six stakeholder groups

are represented in the Working

Group in a fairly balanced

manner (left chart) and have a

rather equal say but that does

not match well with the

estimation of expected users

(right chart).

- Stakeholders involved

representing society are

industry, labor, government,

NGOs, consumers, and

Services/Support/ Research/Others; yet no representatives of culture, religion, public health, history

etc.

- Representativeness of stakeholder groups: particularly ISO member bodies of smaller countries could

not staff their delegation to the ISO 26000 Working Group with representatives of all six stakeholder

group see http://www.26k-estimation.com/html/iso_and_societal_standards.html#analysis


- Market orientation: A user survey for ensuring the greatest possible market acceptance of the

guidance document was not performed.

- No guidance to governments:

** lines 155 and 156 read: “Governmental organizations, like any other organization, may wish to use this International Standard. However, it is not intended to replace, alter or in any way change the obligations of the state.” This explains that an ISO standard may be used by

governments, but only by governmental administrative units, because

** line 303 on the definition of “organization” reads: “NOTE 1 For the purpose of this International Standard organization does not include government executing duties that are exclusive to the state.” This explains that ISO has no possibility to provide guidance to governments on their most

privileged duties like issuing a state constitution and a reliable (and properly enforced) system of laws

and regulations for protecting life, property and the environment.

This seems worthwhile to note because (a) one can observe that the greatest deficits in social

responsibility exist in countries of poor governmental systems, (b) it is well known that industry or any

other organization cannot substitute government action, and (c) a minimum level of reliable

governmental systems is a prerequisite for the success of non-governmental social responsibility

initiatives .

- Nomination of experts and observers by the ISO member bodies has been a trustful process because

to-date there are no qualification criteria for “social responsibility experts”, see http://www.26k-

estimation.com/html/iso_and_societal_standards.html#WhoAreTheExperts

- Involvement of consultants in the ISG (Industry Stakeholder Group): while consultants are one of the

many parties of the SSRO stakeholder group (Services/Support/ Research/Others), it is unusual that

consultants can be nominated as industry representatives by their ISO member body (see N048rev1;

“Excluded are enterprises and other organizations that offer services related to standardization, including certification, registration, accreditation, and related consulting services (SRI services) that pose an inherent conflict of interest. General consulting or advisory services are also excluded unless they have been retained for the purpose of representing enterprises or employer organization in the ISO/TMB/WG/SR process or nominated to represent industry by their national standard bodies”).

This happened in at least four cases while it is generally well known that consultants have here a

conflict of interest.

- Compromises were identified to have occurred among the six stakeholder groups, and between the

narrower votes according to the ISO Directives on CD (Committee Draft), see http://www.26k-

estimation.com/html/cd_voting_results.html#CD-Voting-results and DIS, see http://www.26k-

estimation.com/html/dis__vote__analysis.html#dis-voteanalysis-start,

- In addition to the nationally nominated experts and observers, there is also the involvement of some

40 D-Liaison organizations (like IOE International Organization of Employers, NORMAPME, or ICC

International Chamber of Commerce) in gathering input as broadly as possible from outside the

national ISO member bodies.

Taking the given circumstances into account, the resulting DIS (N172) is admirable.


Attachment 3:

Estimation of main user groups

In the scope of the DIS it is stated that it, ISO 26000 provides guidance for all types and sizes of

organizations, everywhere, and micro organizations are explicitly included. This is a huge expectation

observing that a realistic estimation of the main user groups looks as follows:


Attachment 4:

Understanding the relations between ISO 26000 and law and regulation

In the scope clause of the ISO 26000 document you find the sentence:

“This International Standard encourages an organization to undertake activities that go beyond legal compliance, recognizing that compliance with law is a fundamental duty of any organization and an essential part of its social responsibility.”

In clause 3.3.1 and on many other instances you will find a wording such as:

“…in compliance with applicable law and consistent with international norms of behaviour,…”

The intention of this wording is to infer that a regulated level of social behavior alone is not deemed sufficient

and an organization should endeavor to do better and go beyond the letter of the law and regulation. This

intent is good but the ISO 26000 leaves you on your own in terms of identifying the relevant international

norms of behavior and with the risk of violating applicable law e.g. in cases where the mentioned international

norms of behavior which you feel encouraged to apply, are not yet transposed into effective national law.

Furthermore, the term “International norms of behavior” is poorly defined (such “norms” cannot be defined as

“expectations”) and concrete examples of which are missing throughout:

2.1.10 international norms of behaviour expectations of socially responsible organizational behaviour derived from customary international law, generally accepted principles of international law, or intergovernmental agreements that are universally or nearly universally recognized NOTE 1 Intergovernmental agreements include treaties and conventions NOTE 2 Although these expectations derived from customary international law, generally accepted principles of international law or intergovernmental agreements are directed primarily at states, they express goals and principles to which all organizations can aspire. International norms of behaviour evolve over time.

Attachment 5: “Stakeholders” and “Affected parties”

ISO 26000 defines this term in an over-generalized manner:

“2.1.20 stakeholder individual or group that has an interest in any decision or activity of an organization.”

As broad as the terms, “an interest” and “any” are, they are also so vague that almost anyone coming along the

road could claim to be your stakeholder. Normally a “stakeholder” is in one way another affected by the

decisions of your organization. Generally accepted stakeholders are your employees, customers and suppliers,

local authorities and the local society or public at large. Depending on your activities there may be additional

stakeholders such as NGOs or representatives of culture, religion, history, public health etc.

In any case, it is you who decides about whom to include into your stakeholder dialogue (i.e. “affected parties”

or “interested parties”) towards a potential further enhancement of your social responsibility related activities.


Attachment 6:

Proposal for communication

The organization’s letter head

Communication on the application of ISO 26000,

the Guidance Standard on Social Responsibility

We have pleasure in communicating that our organization is well acquainted

with ISO 26000, its character and content, and the way to best prioritize and

follow its guidance.

We recognize ISO 26000 as a reference document that provides guidance on

social responsibility. We have used ISO 26000 as a guide to integrate social

responsibility into our values and practices.

More details are given on <our website> and/or in <our report>. For any

further information please contact the undersigned.

Date and place…..

Signature(s)…..

Address

Documents

User Guide ISO 26000 _DIS Level_, 2010-04-07