ISO 26000 User Guide

Basis: ISO/DIS 26000,

as if it was the finally published ISO 26000

7 April 2010

Supported by: European Office of Crafts, Trades and Small and Medium-sized Enterprises for Standardisation
Bureau Européen de l'Artisanat et des Petites et Moyennes Entreprises pour la Normalisation
NORMAPME Europäisches Büro des Handwerks und der Klein- und Mittelbetriebe für die Normung

Guido Gürtler, NORMAPME expert, ICC observer to ISO/TMB/WG SR; guido.guertler@t-online.de

Claudia Graziani, SR practitioner; c.graziani@gmx.de

ISO 26000 User Guide (DIS level) page 1 of 15

Contents
Purpose................................................................................................................................................ 3

Step 1: It is necessary to purchase the ISO 26000 document ............................................................. 3

Step 2: There is no “ISO 26000 certificate” and no need for consultants or training ......................... 4

Step 3: You should study the ISO 26000 document carefully ............................................................. 5

Step 4: Decide whether ISO 26000 fits your needs and expectations ................................................ 5

Micro organizations, 92% of all organizations ................................................................................ 6

SMO – Small and medium sized organizations, 7% of all organizations ......................................... 6

Large organizations, 1% of all organizations ................................................................................... 6

Step 5: You can identify your possible activities and their impact, using the Check Tool .................. 7

What is the Check Tool for? ............................................................................................................ 7

How to apply the Check Tool? ......................................................................................................... 7

What are the results? ...................................................................................................................... 8

Step 6: You can communicate your responsible use of ISO 26000 ..................................................... 8

Attachment 1: DIS - Contents ............................................................................................................ 10

Attachment 2: Project history, features and achievements ............................................................. 11

Attachment 3: Estimation of main user groups ................................................................................ 13

Attachment 4: Understanding the relations between ISO 26000 and law and regulation............... 14

Attachment 5: “Stakeholders” and “Affected parties” ..................................................................... 14

Attachment 6: Proposal for communication ..................................................................................... 15

ISO 26000 User Guide (DIS level) page 2 of 15

Purpose
This ISO 26000 user guide aims at facilitating a correct and responsible use of the ISO 26000
guidance document “by all types of organizations, regardless of their size or location” (quote from
the ISO/DIS 26000 scope, line 212); also included is a Check Tool to make the ISO 26000 realistic and
easy to use, particularly for SMOs (small and medium organizations). The application of the Check
Tool does not require any services external to the organization like consultants, trainers or auditors.
At the end of this document, you will find a proposal on how to communicate the use of ISO 26000.

This user guide takes the ISO/DIS 26000 (Draft International Standard, for contents see Attachment
1) as though it were the final and published version. It will be updated as soon as the FDIS (Final Draft
International Standard) and later the IS (International Standard) are available. It is hoped that
difficulties identified within the guidance standard as of March 2010 will be eliminated by the time of
arrival to the publication of the IS.

Since ISO 26000 is a guidance document, it is essentially different to “normal” ISO standards. This
will require a huge amount of education, by all genuinely involved, particularly in the case of industry
as the main user group. This user guide intends to support such educational efforts and help avoid
aberrations and undesirable developments like unnecessary expenditures for “ISO 26000 training
courses”, “ISO 26000 consultants”, ISO 26000 audits” etc. or even for an “ISO 26000 certificate”
which would be an evident misuse of ISO 26000.

Knowing about ISO 26000 project history and its important features and achievements may be
useful before digging into details; please see Attachment 2. An estimation of main user groups is
given in Attachment 3.

Weblink: The DIS document (N172) and other “numbered documents” such as the Design Specification (N049)
can be downloaded from the ISO server at
http://isotc.iso.org/livelink/livelink?func=ll&objId=547513&objAction=RunReport&InputLabel1=26000.

Weblink: An identical version of the ISO26000 user guide as presented here can be downloaded from
http://www.26k-estimation.com/html/how_to_use_iso_26000.html.

Step 1: It is necessary to purchase the ISO 26000 document

The ISO 26000 document must be purchased like any other ISO publication, in spite of ISO having
been approached by the working group on social responsibility to provide it for free as part of ISO’s
contribution to global enhancement of social responsibility.

As an orientation: the estimated price may be around 200 Euros or 300 USD, however the price
depends on the pricing policy of the national standardization sales point.

If one compares the listed pricing available on the national standardisation bodies websites one will
notice great disparity in the pricing of standards by each national ISO member. This can be
demonstrated through searching the e-shop webpage of both Deutsches Institut für Normung (DIN)

ISO 26000 User Guide (DIS level) page 3 of 15

and Estonian Centre for Standardisation(EVS) taking as a sample the standard, CEN/TS 13001-3-
1:2004 Cranes – general design – Part 3-1: Limit states and proof of competence of steel structures.
In April 2010, a search for this standard in the English language found it available from DIN for
€234.20 while the same standard in English is available from EESTI for €18.85, a mere 8% of what
another ISO member charges.

It is important to note in this comparison that the documents being sold by each ISO member
organisation are exactly the same document. There is no element of inferiority on account of the
price difference.

ISO Standards are sold by the ISO member organizations and their publishing houses; their addresses
are available on the ISO website at http://www.iso.org/iso/about/iso_members.htm

Step 2: There is no “ISO 26000 certificate” and no need for consultants

or training
It is important to know that the ISO 26000 is

- …not for “audits” or “certifications” as it does not contain requirements that could be
certified

- …not a “management system standard” like ISO 9000 or ISO 14001, even if the chosen
number 26000 may be a temptation towards misguidance. Many service providers sense a
profitable business opportunity in making you believe the ISO 26000 was a management
system standard to sell related activities or to include ISO 26000 audits and certificates into
ongoing ISO 9000 or ISO 14001 certifications

- …neither a “guideline” nor a “standard” which you would have to “implement”. It is not for
any kind of contractual use, neither in business-to-business contracts, nor in procurement.

On the other hand the ISO 26000 is

- …voluntary in use

- …a “guidance document“ that offers orientation, advice, proposals, and recommendations;

from this “offer’' you may chose to avail of those parts which you consider most reasonable
to follow

- …an international “standard” only for one reason because ISO publishes international
standards: the publication form is an international standard but as regards type and
contents, it is a guidance document.

Weblink: On non-certification see http://www.26k-estimation.com/html/certfication__no_.html#certification-

a-word

Weblink: On most frequent misconceptions (errors) and misuse (willful abuse), see http://www.26k-
estimation.com/html/misconceptions_and_misuse.html

ISO 26000 User Guide (DIS level) page 4 of 15

Step 3: You should study the ISO 26000 document carefully
According to its Design Specification (N049) the ISO 26000 is supposed to be an easy to understand
and easy to use guidance document. Therefore, its use does not require any consultancy services,
audits or trainings even though such offers are mushrooming on the Internet.

Googling for ISO 26000 training in early March 2010 resulted in 550.000 hits, and three weeks later in
630.000 hits. Attendants of those trainings could easily be charged several hundred Dollars. So-called
“trainers” may be well acquainted with the text of ISO 26000. The problem is that they cannot have
deep knowledge of your organization’s internal particularities and external relations; furthermore,
trainers usually do not take any responsibility.

It is YOU who must study the document and it is worthwhile taking your time to learn what some 400
“experts” from all over the world have identified as “social responsibility”, and what has been agreed
on.

The ISO 26000 guidance document has a structure of core subjects and issues which you can find in
its main clause 6 “Guidance on social responsibility core subjects”:

- recommendations (“…an organization should…”) are subdivided into six core subjects
(organizational governance, human rights, labor practices, the environment, consumer
issues, and community involvement and development), and

- each core subject contains a number of issues.

ISO 26000 claims that “all core subjects are relevant for all organizations, but not all issues of a core
subject.” The Check Tool has been designed to help you find out their relevance for your
organization, find more details in Step 5.

Step 4: Decide whether ISO 26000 fits your needs and expectations
After you have studied the ISO 26000 guidance document you might be concerned as to whether it
fits your needs and expectations and whether your organization really falls within the scope.

A starting point for your considerations should be that ISO 26000 is directed to all types and sizes of
organizations, not at individuals. The definition of “organization” is, therefore, most important; it
reads in the ISO 26000 guidance document: “2.1.12 – organization, entity with identifiable objectives
and structure”.

More precisly, and according to general understanding, an organization is characterized by different

levels of responsibility and repartition of responsibility between these levels; here is a good
example of a definition:

“Social unit of people, systematically arranged and managed to meet a need or to pursue collective
goals on a continuing basis. All organizations have a management structure that determines
relationships between functions and positions, and subdivides and delegates roles, responsibilities,
and authority to carry out defined tasks. Organizations are open systems in that they affect and are
ISO 26000 User Guide (DIS level) page 5 of 15
 affected by the environment beyond their boundaries.”
(Source: http://www.businessdictionary.com/definition/organization.html (2010-03))

It must be said that the usefulness of ISO 26000 will differ depending on the size of the
organization. One generally could distinguish between three different kinds of ISO 26000 users:

Micro organizations, 92% of all organizations

92% or more of all “organizations” are micro organizations; they include e.g. all kinds of
craftsmen, smaller family owned and managed companies, or entities having qualified for
getting a micro credit. These supposed “organizations” are usually privately owned and
managed by their owner. These organizations operate in general only locally and do indeed
have objectives but they don’t need to have structures (as the ISO 26000 definition
requires).

Therefore, realistically speaking, ISO 26000 is hardly even applicable to micro and such
smaller organizations regardless of the DIS explicitly including micro organizations; see its
line 521 (“For the purpose of this International Standard, SMOs include those very small
organizations referred to as “micro” organizations.”). It is highly recommended to check
seriously whether your entity could be defined as an “organization” in the sense of ISO 26000
and to investigate its potential benefit for your entity.

SMO – Small and medium sized organizations, 7% of all organizations

7% of all organizations could be considered SMO’s. As per DIS lines 547 – 550 the SMO
helpdesk states that an SMO should …”where appropriate, act collectively with peer and
sector organizations rather than individually, to save resources and enhance capacity for
action. For instance, organizations operating in the same context and sector, identification of
and engagement with stakeholders can sometimes be more effective if done collectively.’’

It is recommended that SMOs should take the initiative to identify other SMOs in their
sector and region and approach their Chamber of Commerce or respective sectorial
association for assistance to propose that they use ISO 26000 collectively in a broader range
from

- identification of ISO 26000 benefits via

- sharing of experiences and resources to
- communication.

Large organizations, 1% of all organizations

Larger organizations usually run transnational businesses and normally have separate
corporate departments on social responsibility and communication with dedicated staff like
“Ethical Officers”. Most of those organizations have published their values and policies e.g. in
a code of conduct.
Large organizations may wish to investigate their code of conducts’ coverage of ISO 26000
core subjects and issues and decide on that basis about the usefulness of the guidance
document for the further development of their values and policies.

ISO 26000 User Guide (DIS level) page 6 of 15

Additionally you may well be aware that social responsibility guidance is also offered by the trade or
industry association you are member of. It is recommended to compare the contents of ISO 26000
with those codes of ethics or codes of conduct (often much shorter documents). It is worthwhile to
check them because they might better address specific issues of your specific field of activity. From
there you may make your choice as to which one is best to follow.

If ISO 26000 is your choice, please ensure that you won't have a problem in understanding the
relations between ISO 26000 as a voluntary guidance document and applicable law and regulation,
see Attachment 4.

Step 5: You can identify your possible activities and their impact, using
the Check Tool
Taking into account the structure and the scope of the ISO 26000 guidance document, you may be
irritated in attempting to decipher whether all or parts of the document are relevant for you. As you
wish to make a contribution to society, one immediate question arises: To which degree can you
really influence the status and the development of society if you engage in any issue?

What is the Check Tool for?

In this decision-making process, it is recommended to

- first decide on the relevance of the core subjects for your organization
(e.g. if you produce capital goods only, you may judge that the core subject on consumer
issues as not relevant; as a barber you may find the core subject on fair operating practices
not relevant;)

- then study the issues of the remaining core subjects and analyze possible actions that you
could readily and efficiently undertake because they may have a positive impact on the
society you are operating in.

The Check Tool is available at http://www.26k-

estimation.com/html/check_tool_iso_26000_download.html ; it has been designed to support this
decision-making process; it is a matrix of core subjects and related issues on the vertical and a few
questions on the horizontal. The answers to these questions help in reaching the goal of a
responsible, consistent, thought-through and self-dependent use of ISO 26000.

How to apply the Check Tool?

This Check Tool (Excel sheet) is an easy to use aid; it reproduces the core subjects and issues, and
allows a check of effectiveness per issue and an estimation of the impact of your possible actions by
seeking answers to these few short questions:

- Are the core subject and its issues deemed relevant to your organization?
- What leverage effect has your organization on this issue?
- What kind of activities can your organization undertake on this issue?

ISO 26000 User Guide (DIS level) page 7 of 15

 - Have you ensured that planned activities are not in conflict with applicable law?
- What impact will your activities have?
- Which stakeholders do you involve in this issue?
The Check Tool is to be processed line by line or “issue by issue”; and, if the answer in one box of a
line is not positive, the line is done and you can continue with the next line.

What are the results?

You have thoroughly analyzed what guidance your organization can reasonably follow and your
deliberations are filed, e.g. for use as an update after an appropriate period of time has passed, as
input for your stakeholder dialogue, or in liaisons with your external partners. You have identified
possible activities where ISO 26000 can be effectively applied to those issues where all questions
have received positive answers. Don’t be surprised if not all issues of a core subject are deemed
relevant for your organization. In this scenario the whole core subject is rendered irrelevant; this is a
plausible outcome.

But: Don’t be too happy with the analysis because an ISO document cannot cover all possibilities of
how to enhance socially responsible behavior; please feel encouraged to look for additional options
and measures which could be positively applied in your unique situation and actual demands.

Weblink: Be creative and find your optimal contribution to the betterment of society. Some good
examples are given at http://www.26k-estimation.com/html/good_examples.html.

Step 6: You can communicate your responsible use of ISO 26000

You as an organization certainly already have long-term relationships to your stakeholders or may
detect new possibilities to communicate with affected parties by following the Check Tool in Step 5
when you decide about a further enhancement of your social responsibility related activities. Find
further useful information on stakeholder definition in Attachment 5.

While communicating your responsible use of ISO 26000 is good practice, consideration for
proportionality is necessary. The demands on resources inherent to the reporting required of an
organization need to reflect the size of that organization. Therefore, for example, a one page report
should be acceptable in general, and particularly from SMOs, see Attachment 6.

You may wish to include the identified action items into your stakeholder dialogue and into your
communication. You can do this easily with a statement indicating that you have understood the
purpose of ISO 26000 and that you have identified specific actions.

The ISO WG SR Task Group 2 on “Communication” published the following note on the question how
an organization can refer to its use of ISO 26000, in its December 2009 Newsletter:

“ISO 26000 is a voluntary International Standard providing guidance on social

responsibility. Organizations of all types are encouraged to acknowledge their support
and use of ISO 26000 as follows:

ISO 26000 User Guide (DIS level) page 8 of 15

 “Organization” recognizes ISO 26000 as a reference document that
provides guidance on social responsibility.

and /or

“Organization” has used ISO 26000 as a guide to integrate social

responsibility into our values and practices.”

It is evident that by communicating in this way, and signing with your signature, that you take the
self-instilled responsibility seriously. Anyone interested, be it customers, authorities, stakeholders
or even the public at large can expect your communication to be well-founded and correct and will
highly appreciate this. It will be of a higher value than any statement by any party external to your
organization since they do not usually assume any responsibility in cases of differing interpretations
or other difficulties.

Weblink: The full Newsletter is available at http://www.26k-

estimation.com/html/how_to_use_iso_26000.html#down-docs. The proposed communication can be downloaded
from this link, too, as a Word document. Its wording may be changed e.g. by mentioning the parties being
engaged in your stakeholder dialogue or by special achievements.

ISO 26000 User Guide (DIS level) page 9 of 15

Attachment 1:
DIS - Contents

ISO 26000 User Guide (DIS level) page 10 of 15

Attachment 2:
Project history, features and achievements
It is worthwhile to acknowledge some crucial facts before studying the guidance document in detail because
this may be helpful in judging the value of the various recommendations (”issues”) and their usefulness for
your organization:

- ISO is renowned for its technical standards; in the field of technical standards one can assume a
mutual technical understanding and language of expert engineers towards standardizing dimensions,
quality of material, test methods, and limits etc.

- The ISO 26000 project is a significant experiment in the area of social or societal or society related
standards, where experts don’t necessarily see a good reason for harmonizing societal items or
viewpoints. On foot of different histories and cultures, existing societal differences tend to maintain
their relativity to one another rather than conform. Therefore, ISO was prudent in deciding that ISO
26000 shall be a guidance standard
that offers orientation, advice, proposals, and recommendations but does not contain requirements
for any testing of limits. Thus, the different character of societies is respected.

- ISO began this project following an initiative of the ISO COPOLCO COnsumer POLicy COmmittee, see
http://www.iso.org/iso/copolco_s_achievements.pdf.

- Size of the “working group” (400+ persons) and its proper management; project time: five years;
project cost estimation including September 2009: more than 72 million US Dollars

- Balance between users and

developers of the guidance
document:
It seems worthwhile to know
that the six stakeholder groups
are represented in the Working
Group in a fairly balanced
manner (left chart) and have a
rather equal say but that does
not match well with the
estimation of expected users
(right chart).

- Stakeholders involved
representing society are
industry, labor, government,
NGOs, consumers, and
Services/Support/ Research/Others; yet no representatives of culture, religion, public health, history
etc.

- Representativeness of stakeholder groups: particularly ISO member bodies of smaller countries could
not staff their delegation to the ISO 26000 Working Group with representatives of all six stakeholder
group see http://www.26k-estimation.com/html/iso_and_societal_standards.html#analysis

ISO 26000 User Guide (DIS level) page 11 of 15

 - Market orientation: A user survey for ensuring the greatest possible market acceptance of the
guidance document was not performed.

- No guidance to governments:
** lines 155 and 156 read: “Governmental organizations, like any other organization, may wish to
use this International Standard. However, it is not intended to replace, alter or in any way
change the obligations of the state.” This explains that an ISO standard may be used by
governments, but only by governmental administrative units, because
** line 303 on the definition of “organization” reads: “NOTE 1 For the purpose of this International
Standard organization does not include government executing duties that are exclusive to the
state.” This explains that ISO has no possibility to provide guidance to governments on their most
privileged duties like issuing a state constitution and a reliable (and properly enforced) system of laws
and regulations for protecting life, property and the environment.

This seems worthwhile to note because (a) one can observe that the greatest deficits in social
responsibility exist in countries of poor governmental systems, (b) it is well known that industry or any
other organization cannot substitute government action, and (c) a minimum level of reliable
governmental systems is a prerequisite for the success of non-governmental social responsibility
initiatives .

- Nomination of experts and observers by the ISO member bodies has been a trustful process because
to-date there are no qualification criteria for “social responsibility experts”, see http://www.26k-
estimation.com/html/iso_and_societal_standards.html#WhoAreTheExperts

- Involvement of consultants in the ISG (Industry Stakeholder Group): while consultants are one of the
many parties of the SSRO stakeholder group (Services/Support/ Research/Others), it is unusual that
consultants can be nominated as industry representatives by their ISO member body (see N048rev1;
“Excluded are enterprises and other organizations that offer services related to standardization,
including certification, registration, accreditation, and related consulting services (SRI services) that
pose an inherent conflict of interest. General consulting or advisory services are also excluded unless
they have been retained for the purpose of representing enterprises or employer organization in the
ISO/TMB/WG/SR process or nominated to represent industry by their national standard bodies”).
This happened in at least four cases while it is generally well known that consultants have here a
conflict of interest.

- Compromises were identified to have occurred among the six stakeholder groups, and between the
narrower votes according to the ISO Directives on CD (Committee Draft), see http://www.26k-
estimation.com/html/cd_voting_results.html#CD-Voting-results and DIS, see http://www.26k-
estimation.com/html/dis__vote__analysis.html#dis-voteanalysis-start,

- In addition to the nationally nominated experts and observers, there is also the involvement of some
40 D-Liaison organizations (like IOE International Organization of Employers, NORMAPME, or ICC
International Chamber of Commerce) in gathering input as broadly as possible from outside the
national ISO member bodies.

Taking the given circumstances into account, the resulting DIS (N172) is admirable.

ISO 26000 User Guide (DIS level) page 12 of 15

Attachment 3:
Estimation of main user groups
In the scope of the DIS it is stated that it, ISO 26000 provides guidance for all types and sizes of
organizations, everywhere, and micro organizations are explicitly included. This is a huge expectation
observing that a realistic estimation of the main user groups looks as follows:

ISO 26000 User Guide (DIS level) page 13 of 15

Attachment 4:
Understanding the relations between ISO 26000 and law and regulation
In the scope clause of the ISO 26000 document you find the sentence:

“This International Standard encourages an organization to undertake activities that go beyond

legal compliance, recognizing that compliance with law is a fundamental duty of any
organization and an essential part of its social responsibility.”

In clause 3.3.1 and on many other instances you will find a wording such as:

“…in compliance with applicable law and consistent with international norms of behaviour,…”

The intention of this wording is to infer that a regulated level of social behavior alone is not deemed sufficient
and an organization should endeavor to do better and go beyond the letter of the law and regulation. This
intent is good but the ISO 26000 leaves you on your own in terms of identifying the relevant international
norms of behavior and with the risk of violating applicable law e.g. in cases where the mentioned international
norms of behavior which you feel encouraged to apply, are not yet transposed into effective national law.

Furthermore, the term “International norms of behavior” is poorly defined (such “norms” cannot be defined as
“expectations”) and concrete examples of which are missing throughout:

2.1.10 international norms of behaviour

expectations of socially responsible organizational behaviour derived from customary
international law, generally accepted principles of international law, or intergovernmental
agreements that are universally or nearly universally recognized
NOTE 1 Intergovernmental agreements include treaties and conventions
NOTE 2 Although these expectations derived from customary international law, generally accepted
principles of international law or intergovernmental agreements are directed primarily at states, they
express goals and principles to which all organizations can aspire. International norms of behaviour
evolve over time.

Attachment 5: “Stakeholders” and “Affected parties”

ISO 26000 defines this term in an over-generalized manner:

“2.1.20 stakeholder
individual or group that has an interest in any decision or activity of an organization.”

As broad as the terms, “an interest” and “any” are, they are also so vague that almost anyone coming along the
road could claim to be your stakeholder. Normally a “stakeholder” is in one way another affected by the
decisions of your organization. Generally accepted stakeholders are your employees, customers and suppliers,
local authorities and the local society or public at large. Depending on your activities there may be additional
stakeholders such as NGOs or representatives of culture, religion, history, public health etc.

In any case, it is you who decides about whom to include into your stakeholder dialogue (i.e. “affected parties”
or “interested parties”) towards a potential further enhancement of your social responsibility related activities.

ISO 26000 User Guide (DIS level) page 14 of 15

Attachment 6:
Proposal for communication

The organization’s letter head

Communication on the application of ISO 26000,

the Guidance Standard on Social Responsibility

We have pleasure in communicating that our organization is well acquainted

with ISO 26000, its character and content, and the way to best prioritize and
follow its guidance.

We recognize ISO 26000 as a reference document that provides guidance on

social responsibility. We have used ISO 26000 as a guide to integrate social
responsibility into our values and practices.

More details are given on <our website> and/or in <our report>. For any
further information please contact the undersigned.

Date and place…..

Signature(s)…..

Address

ISO 26000 User Guide (DIS level) page 15 of 15