New features and what happens next
Aspects of climate change included in the standards for management systems
The International Organization for Standardization (ISO) and the International Accreditation Forum (IAF) recognized a while ago that the climate crisis and its effects present many major challenges. As a result, ISO and IAF published a joint communiqué on February 22, 2024.
This communiqué lists changes that are intended to ensure that companies and organizations address these issues. These changes are embedded in Chapters 4.1 - Understanding the organization and its context and 4.2 - Understanding the needs and expectations of stakeholders and are as follows
Chapter 4.1: "The organization shall determine whether climate change is a relevant issue."
Chapter 4.2: "NOTE: Relevant interested parties can have requirements related to climate change."
This affects, among others, the standards
ISO 27001:2022, ISO 22301:2019, ISO 20000-1:2018.
Effects on organizations
For certified companies, nothing will change except that the certificates will remain valid unchanged. The new requirements will be reviewed by auditors in the respective audits. However, certified companies must ensure that they address the topic of climate change and the resulting challenges by addressing the issues (as defined above) in context and taking into consideration the requirements of interested parties accordingly.
What is the next step?
These requirements will be included in all type A management system standards (certifiable standards) - this includes the standards ISO 27001:2022, ISO 22301:2019 and ISO 20000-1:2018 and will subsequently be included in the harmonized structure of Appendix 2 of Annex SL.
In addition, the Auditing Practices Group, an informal ISO group consisting of experts, auditors and users, has issued guidance on how these topics can be queried as examples in an ISO 9001 audit. This guidance can serve as a basis for organizations to query and anchor the above-mentioned topics for themselves.
