In my previous blog (Issue 222), it was noted that ISO clearly states – “There is no requirement to certify an ISO management system standard.[i]” This statement by ISO is unqualified. It means any ISO management system standard. ISO also states in the management system standards with the high-level structure – “This International Standard[ii] contains the requirements used to assess conformity.
An organization that wishes to demonstrate conformity with this International Standard can do so by:
- making a “self-determination and self-declaration,” or
- seeking confirmation of its conformance by parties having an interest in the organization, such as customers, or
- seeking confirmation of its self-declaration by a party external to the organization, or
- seeking certification/registration of its management system by an external organization.
Let’s see what is necessary for this to happen.
Self-Declaration is What It Says!
Here is a self-declaration published on a company website:
“Our company demonstrated conformity with ISO 14001 International Standard by making a self-determination and self-declaration or seeking confirmation of its conformance by parties having an interest in the organization, such as customers, or seeking confirmation of its self-declaration by a party external to the organization, or certification/registration of its environmental management system by an external organization[iii].”
Having the self-declaration on the company’s website will become the new normal.
Self-Determination May Need Some Additional Information
The detractors to “self-determination and self-declarations” state[iv] that if a “customer” requires that the company uses an international management system standard (e.g. ISO 9001:2015), the organization must be certified by a “Certification Body.” This information is not consistent with recent announcements made on the ISO website as documented in my previous blog[v].
The organization can retain a party external to the organization (i.e. a consultant) that has documented experience helping companies implement and/or auditing management systems with the high-level structure and risk management. The consultant can use ISO 17050-1[vi] to create a conformity statement that will satisfy the “customers” that the organization is addressing their interests in the “self-declaration and self-determination” of the management system (s). These customers will engage with the organization over time to make sure that the management system(s) will continue to meet their interests in the future.
One way to monitor the management system is to use ISO 9004:2018[vii] with its maturity grid for tracking each element in the management system and monitoring progress though a self-evaluation method. The consultant will make sure that the maturity matrix information from the self-evaluations are properly described and maintained. It is possible for the consultant to report on the maturity of the ISO management system(s) to the customers on an annual basis.
ISO’s Advice on Getting Started[viii]
If you are considering implementing an ISO management system using this approach, here is how ISO advised you to get started.
- Perform an analysis of your organization’s context (Clause 4.1) that is relevant to the ISO management system(s) selected as well as the internal and external factors that might impact the business. This analysis is looking for potential adverse effects (threats) and potential beneficial effects (opportunities).
- Gather information from the stakeholders, including the customers that require the use of an International standard, to determine how will the organization engage with the stakeholders with the management system (Clause 4.2).
- Establish the scope of the management system, considering what you would like your management system to achieve. (Clause 4.3)
- Conduct a risk assessment with this information to prioritize the efforts specified by the management system (Clause 6.1)
- Set your policy (Clause 5.2) and objectives (Clause 6.2)
- Use ISO 9004:2018 for the self-evaluation using a maturity grid.
- Determine the timeframe in which the organization will implement the management system(s) and plan how to achieve it.
- With the help of the consultant, determine any competence (Clause 7.2) or resources (Clause 7.1) that need addressing before you can implement the management system standard.
The remaining elements in the management system(s) will all fall in line once the implementation program begins. Identified stakeholders (i.e. interested parties) can be engaged with the organization throughout the process.
Closing Thoughts
For the organizations that have chosen to opt out of ISO certifications, this method of self-declaration and self-determination is gaining a great deal of interest. Many customers really like to have the suppliers engaged in discussions that make the products and services contribute to their sustainability programs. Following the information in this blog should help to lower the cost of using the ISO management system standard(s).
Bio:
Robert B. Pojasek, Ph.D.
Harvard University & Pojasek & Associates LLC
Risk Management & Organizational Sustainability
rpojasek@sprynet.com
(781) 777-1858 Office
(617) 401-5708 Mobile & Text
www.linkedin.com/in/bobpojasek
Organizational Risk Management and Sustainability:
A Practical Step-by-Step Guide
Now available as an e-book
http://tiny.cc/xz3fhy
Also available as an online action learning course
End Notes
[i] https://www.iso.org/news/ref2271.html
[ii] ISO 14001:2015 https://www.iso.org/obp/ui/#iso:std:iso:14001:ed-3:v1:en
[iii] http://www.sercontractor.co.uk/may-2013/ser-contractor-ltd-s-green-approach-to-refurbishment-has-earned-us-the-iso-14001-accreditation/
[iv] https://www.iaf.nu/articles/SelfCertification_Is_Not_a_Real_Thing/391
[v] https://insights.cermacademy.com/2018/11/222-ready-self-declare-iso-90012015-management-system-bob-pojasek/
[vi] ISO 17050-1 https://www.iso.org/obp/ui/#iso:std:iso-iec:17050:-1:ed-1:v2:en
[vii] ISO 9004:2018 https://www.iso.org/obp/ui/#iso:std:iso:9004:ed-4:v1:en
[viii] https://www.iso.org/files/live/sites/isoorg/files/store/en/PUB100427.pdf