In time for Earth Day 2024, 31 ISO standards were amended to address the issues of climate change in all areas of business today. The main 3 core standards that have been impacted are ISO 9001:2015 – Quality Management Systems, ISO 14001:2015 – Environmental Management Systems and ISO 45001:2018 – Occupational Health and Safety Management Systems.
The Changes
The changes affect all the standards in the same way.
Change #1 – The following sentence is added to the end of clause 4.1:
The organization shall determine whether climate change is a relevant issue.
Change #2 – The following note is added to the end of clause 4.2:
NOTE Relevant interested parties can have requirements related to climate change
Timeline for adoption
This is a minor amendment, therefore, registrars typically expect implementation within the next year from publication. The amendments were published on February 23, 2024, therefore implementation should be completed by February 2025. If your external audit is prior to Feb. 2025 you will likely only receive an opportunity for improvement if you cannot demonstrate implementation of the new requirements. After that, be prepared for a nonconformity. However, the specific interpretation and expectations should be requested from your registrar or auditor.
What is the goal of the amendment?
The objective with this change is to consider how climate change has an impact on your business. Additionally, how does climate change impact your interested parties and is this a relevant requirement for your organization.
Some examples of climate change impacting your organization:
Example #1 – One of your main raw materials is aggregate which is supplied from quarries in the mountains. As a result of increased forest fire activities in the summer, transportation routes from the quarry to your operations are more frequently disrupted. As a result, top management has chosen to increase the storage capacity on site for the aggregate to allow for increased shipments avoiding the forest fire season.
Example #2 – Increased extreme temperatures for longer periods of time. Meaning that winter freezes and summer heat waves are longer and more severe. With the main operations affected by the weather, top management decides to increase the capacities and efficiencies of the cooling towers and the boilers that are both used to moderate the operations’ temperature settings.
Example #3 – One of the key customers’ board of directors has established a commitment to the UN Sustainable Development Goals and has set a number of new environmental goals. One of the goals is to reduce the production of Greenhouse Gases, of which, 30% of the reduction will come from the supply chain. Top management has decided that this is a valued client and will set their own organizational objectives in the reduction of GHGs.
Example #4 – Changes in our weather are another key point. To read more about this check out our blogs on Climate Action. Climate Action 1: Greenhouse Gases and Climate Action II: Significant Aspects
How to demonstrate implementation
Both of the amendments affect elements that are not required specifically to be documented. However, we all know the adage “If its not written down, it didn’t happen”. The key is to demonstrate that climate change as an issue and climate change impacting your interested parties have been considered. The first step is to have a meeting and discuss the impact climate change has and can have and the associated risks and keep minutes from that meeting. After that, there may be additional changes, such as policies, actions to address risks, or new objectives.
All of the standards impacted:
ISO 9001:2015 – Quality Management Systems
ISO 14001:2015 – Environmental Management Systems
ISO 45001:2018 – Occupational Health and Safety Management Systems
ISO 50001:2018 – Energy Management Systems
ISO 22000:2018 – Food safety management systems – requirements for any organization in the food chain
ISO 14298:2021 – Graphic technology – management of security printing processes
ISO 15378:2017 – Primary packaging materials for medicinal products – particular requirements for the application of ISO 9001:2015, with reference to good manufacturing practice (GMP)
ISO 16000-40:2019 – Indoor air – Part 40: Indoor air quality management systems
ISO 18788:2015 – Management system for private security operations
ISO 19443:2018 – Quality Management systems – specific requirements for the application of ISO 9001:2015 by organizations in the supply chain of the nuclear energy section supplying products and services important to nuclear safety (ITNS)
ISO 21001:2018 – Educational organizations – management systems for educational organizations
ISO 21101:2014 – Adventure tourism – safety management systems
ISO 21401:2018 – Tourism and related services – Sustainability management system for accommodation establishments
ISO 22163:2023 – railway applications – Railway quality management system – ISO 9001:2015 and specific requirements for application in the railway sector
ISO 22301:2019 – Security and resilience – Business continuity management systems
ISO 28000:2022 – Security and resilience – Security management systems
ISO 29001:2020 – Petroleum, petrochemical and natural gas industries – sector-specific quality management systems – requirements for product and service supply organizations
ISO 30301:2019 – Information and documentation – management systems for records
ISO 30401:2018 – Knowledge management systems
ISO 34101-1:2019 – Sustainable and traceable cocoa – Part 1: Requirements for cocoa sustainability management systems
ISO 35001:2019 – Biorisk management for laboratories and other related organizations
ISO 37001:2016 – Anti-bribery management systems
ISO 37101:2016 – Sustainable development in communities – management system for sustainable development
ISO 37301:2021 – Compliance management systems
ISO 39001:2012 – Road Traffic Safety (RTS) management systems
ISO 41001:2018 – Facility management – management systems
ISO 44001:2017 – Collaborative business relationship management systems
ISO 46001:2019 – Water efficiency management systems
ISO/IEC 19770-1:2017 – Information technology – IT asset management – Part 1:IT asset management systems
ISO/IEC 20000-1:2018 – Information technology – service management – part 1: service management system requirements
ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection – Information security management systems