4. ISO – International Organisation for Standardization
ISO is the world’s largest developer and publisher of voluntary International Standards. 1 It is a network of national standards institutes from 164 countries. Some of these institutes are government-based, whereas others have their roots in the private sector.
ISO has developed tens of thousands of standards on a variety of subjects, including risk management, quality management systems (ISO 9001), environmental management systems (ISO 14 001), and numerous technical issues.
ISO standards are voluntary, however a number of ISO standards – mainly those concerned with health, safety or the environment – have been adopted in some countries as part of their regulatory framework, or are referred to in legislation for which they serve as the technical basis. ISO standards may become a market requirement, as has happened in the case of ISO 9000 quality management systems. All ISO standards are reviewed every five years to establish if a revision is required. Organisations (including corporations) abiding by a standard will seek certification for their organisation or for a product by the various national and international certification or registration bodies operating around the world.
ISO 26 000: an attempt to standardize social responsibility
In 2005, ISO launched the development of an International Standard providing guidelines for social responsibility, ISO 26 000. 2 It was developed through various consultations led by a multi-stakeholder working group including industry, government, labour, consumer, NGO and SSRO (support, service, research and other related entities) representatives. It was adopted in November 2010. In contrast with most ISO standards, ISO 26 000 does not aim at certification.
The objective of ISO 26000 is to “assist organisations in contributing to sustainable development. It is intended to encourage them to go beyond legal compliance, recognizing that compliance with law is a fundamental duty of any organisation and an essential part of their social responsibility. It is intended to promote common understanding in the field of social responsibility, and to complement other instruments and initiatives for social responsibility, not to replace them”. 3
ISO 26 000 deals with a wide range of issues, and has identified seven “core subjects”: organisational governance; human rights; labour practices; the environment; fair operating practices; consumer issues; and, community involvement and development.
The human rights components of ISO 26 000
With regard to human rights, ISO 26 000 recognises that non-state organisations can affect individuals’ human rights, and hence have a responsibility to respect human rights, including in their sphere of influence. To respect human rights, organisations have a responsibility to exercise due diligence to identify, prevent and address actual or potential human rights impacts resulting from their activities or the activities of those with which they have relationships. Due diligence processes may also contribute to alert an organisation to a responsibility it has in influencing the behaviour of others, in particular when the organisation may be implicated in causing human rights violations.
- ISO 26 000 points out human rights risk situations (weak governance zone, etc.) where additional steps may be taken by organisations.
- Organisations should avoid complicity in human rights violations, be it direct, beneficial, or silent complicity.
- An organisation should establish remedy mechanisms.
- An organisation should pay attention to vulnerable groups and avoid any kind of discrimination.
- An organisation should respect fundamental principles and rights at work, as defined by the ILO, and engage in fair labour practices.
Content-wise, ISO 26 000 draws from existing initiatives, such as the Framework presented by the UN Special Representative on the issue of business and human rights. On the other hand, it goes further by including concepts and addressing issues such as the sphere of influence to determine companies’ complicity, the entire cycle life of products, sustainable purchasing and procurement practices, sustainable consumerism, responsible marketing, consumers’ right to privacy and access to information, respect for communities’ values and customs. A whole section is devoted to community involvement and development. The text nevertheless remains criticised for attempting to include various concepts – both judicial and non judicial – into the same document, thereby creating possible confusion.
ISO is a standard developing organisation and, as such, is not involved with the implementation of standards in the various countries. Complaints can only be made regarding standards that are subject to certification hence no complaints are possible under ISO 26 000.
Complaints can be submitted to ISO regarding the misuse of the ISO logo or false certification to ISO standards. Complaints can remain confidential if requested, and a response will be sent within 14 days. ISO does not “guarantee a resolution and cannot assume any liability, but it can help to facilitate dialogue between the parties involved and work towards a positive outcome”.
A complaint can be directly submitted to ISO only if the following steps have been fulfilled:
- You must have filed a complaint with the company in question first.
- If the outcome of this complaint is unsatisfactory, you must make an official complaint to the certification body which accepted the company in question.
- If this is unsuccessful, you must complain to the national accreditation body in charge.
To a certain extent, ISO 26 000 – and the lengthy process of its elaboration- reflects a wide range of issues which are being debated around the responsibility of businesses with regard to human rights and contributes to further acknowledgement that corporations cannot ignore human rights. To date, ISO 26 000 only provides guidance to organisations, and both its content and potential usage remain too vague and uncertain to assess its usefulness. No verification or complaint mechanisms are available. 5
Although it is not meant to become a certification standard nor to be used as a standard-setting document, nothing in the text prevents countries from adopting national standards based on ISO 26000 that could become certifiable. In October 2020, ISO 26000 was adopted as European CEN-standard. 6 Other countries, such as India or Mexico, have adopted it too. In the absence of a national norm incorporating ISO 26 000, nothing will prevent consulting firms (which actively participated in the drafting process) from proposing their services to businesses to evaluate, audit and establish ranking systems using the ISO 26 000 standards.