“We’re ISO 26000 Certified.”  Say What?!

“We’re ISO 26000 Certified.” Say What?!

 By Nazareth Seferian*, for Responsible Business – Armenia

In early 2013, the media in Armenia reported that one of the country’s large mobile operators had successfully received an ISO 26000 certificate. The CEO of the company beamed in front of the cameras as he received the certificate with the word “Confirmation” in large print across it, handed to him by a consultant from a CSR agency based in Vienna. “We have passed the ISO 26000 test successfully,” the CEO was quoted as saying, while the consultant confirmed that the company was one of the few in the world – and the only one in the former Soviet Union – to receive a certificate of confirmation for ISO 26000.

It all sounded very impressive – recognition validated by none other than the reputed International Organization for Standardization (ISO). Even if you’ve never heard of ISO 26000 – which is true of many people in Armenia before this news story – ISO is quite well known in most circles. Worthy of a round of applause? Perhaps… except, that there is no such thing as ISO 26000 certification, or confirmation, or verification… as most CSR professionals around the world know (or, at the very least, should know). The standard is pretty straightforward about this and has the following to say:  “ISO 26000 is not a management system standard. It is not intended or appropriate for certification purposes or regulatory or contractual use. Any offer to certify, or claims to be certified, to ISO 26000 would be a misrepresentation of the intent and purpose and a misuse of this International Standard. As ISO 26000 does not contain requirements, any such certification would not be a demonstration of conformity with this International Standard.”

Question of Certifiability

In his book, Understanding ISO 26000: A Practical Approach to Social Responsibility, published by the British Standards Institution in 2011, Adrian Henriques says that when developing the standard, the question of its certifiability was “possibly the most contentious issue of all.” He goes on to outline the case for and against certifiability that was debated by the professionals that developed the standard: “The arguments for including requirements were that it would give the standard ‘teeth’. If it contains no requirements, then it is difficult for an organization to know how well it is performing and there may be little incentive to improve performance. In the end, the phrase ‘implementing ISO 26000’ would have little meaning. The arguments against including requirements were partly that this would simply create an enormous market for those wishing to provide certification services, without delivering any real value. More significantly, perhaps, was the fear of many organizations that they would simply fail to make the grade. Social responsibility is a difficult area in which to demonstrate real achievement.”

Eventually, those arguing against certifiability won. One of the people arguing against certifiability was Guido Guertler, the ISO 26000 representative of the International Federation of Standards Users (IFAN). “I fought a lot for this and I am happy to see that certification was excluded. The simple argument is that 98% of companies in the world are SMEs. If they are faced with an obligation to get certified for ISO 26000 in order to get some kind of competitive edge and this costs, say, 10,000 Euros, then how many work hours is this equivalent to? How much additional turnover does this equal? And what is the net benefit in the end – close to zero,” Guertler says.

Standard Misuse

In fact, after the standard was developed, the ISO 26000 Post Publication Organization followed up a year and a half later with a special communication protocol, saying that organizations using the ISO 26000 guidelines should be “careful in their choice of wording”. It was considered inappropriate to use wording such as “certified/verified according to”, “conformance with”, “assessed against”, “meets the requirements of” and other options when it comes to ISO 26000. Even the phrase “implementing ISO 26000” was discouraged by the protocol. It is rare for a communication protocol of this kind to be issued for a specific standard and this is evidence that there have been a number of cases of ISO 26000 misuse.

So what’s the story? Why do consultants offer ISO 26000 “certificates” and why do companies try to get them?

“In my view, it’s really astonishing that such misuse exists at all. I think we all have to endeavor very much to use terms correctly, particularly when the public is involved. Human beings by their nature are tempted to play along with words and to gain advantages from that. But in the standardization business, the exact use of terminology is key,” said Guertler.

Adrian Henriques feels that this might be a case of lack of knowledge, “I suspect that most of the companies that claim certification just have not read the standard properly and assumed that all standards were like ISO 14001. And then, given pressure to prove their social credentials, were easily led by consultants,” he said.

Guido Guertler does not mince words when it comes to the companies that are involved in giving or receiving such certificates. He said, “This is not only unethical, it is ignorant and arrogant. Ignorant because one thinks that one can certify against ISO 26000 even though it is clear that one cannot, and arrogant because there is a whole community of CSR professionals who have developed the standard to be non-certifiable and you think you can just come in and change that. The procedure is socially irresponsible because it puts the voluntary guidance upside down and transposes it into requirements.”

And yet, there are a number of such cases, most of which Guertler has documented in a separate section of his website, www.26k-estimation.com. Perhaps one of the most globally recognizable names there is that of Air France Industries KLM Engineering and Maintenance, who issued a press release on 10 January 2011 saying that Bureau Veritas Certification had renewed the Single and Global Certification for the company, including the ISO 26000 standard, making the company the world’s first Maintenance, Repair and Overhaul (MRO) provider to adopt ISO 26000. This sparked a huge debate on a LinkedIn Group dedicated to ISO 26000, which included comments on the one hand like “we should not easily dilute ISO 26000 to corporate prop speech and to another sexy marketing slogan”, while other professionals felt that the CSR community should stop “fighting the inevitable” and that “if 70% of the market wants to think of ISO 26000 in this way, they should not be discouraged because anything they do in this situation is a step in the right direction, no matter the terminology.”

A Corporate Need?

In their book, ISO 26000: The Business Guide to the New Standard on Social Responsibility, published by Greenleaf Publishing in 2011, Lars Moratis and TimoCochius say that “Despite the often-heard complaint that organizations suffer from a certain certification fatigue, there appears to be a need, especially among enterprises to develop a certifiable version of ISO 26000.” Adrian Henriques agrees that there is a big demand for a certifiable standard and says, “The best way to express that would be to press for a revision of the standard to permit certification - or the development of a sister, certifiable standard. Since the standard is now currently up for review, the time is right. But then, there is also a lot of resistance to the idea of a certifiable standard.”

Moratis cites a standard that appeared in the Netherlands at the same time around ISO 26000, offering a certifiable management systems standard inspired by ISO 26000. “There are several certifiable standards that are based on or inspired by ISO 26000, including a couple from national standardization bodies from the ISO network. That adds to the confusion,” Moratis says.

Guido Guertler embodies the resistance that Henriques mentioned. “We should always keep in mind that we are dealing with societal standards. Societies develop continuously and you should be able to act on that changing demand. Any need for verification or certification would have to specify requirements - such a project would be a totally different standard, it should not be part of the ISO 26000 family. I think that societies are different and want to maintain their differences – the cultures, value propositions, religions are different – so you cannot standardize a societal phenomenon.” Regarding the ongoing practice of “certification”, he adds, “As Air France Industries did, there is something wrong in playing around with words because this misleads others to do the same wrong practice. If Air France Industries did this and was not accused of doing anything wrong, we can also do it. This leads to a proliferation of bad practices.”

In theory, ISO members must report any cases of ISO 26000 misuse to the Post Publication Organization and the ISO Central Secretariat. ISO members must contact the misuser and convince them that this should not be repeated. But the amount of feedback on the national level is poorly organized and the most that usually gets done is that PPO registers the cases in its meeting protocols for its own records.

While the jury is still out on the need for a certifiable social responsibility standard, the fact remains that ISO 26000 is not one. So the next time you hear about a company offering or receiving ISO 26000 certification or verification, remember to focus more on the company’s real actions in social responsibility and less on the specific “certificate” being flaunted.

*Nazareth Seferian is responsible for CSR and Philanthropy projects at Orange Armenia and is also the author of CSR Armenia (www.csrarmenia.com), the first blog dedicated to CSR issues in Armenia. A special thanks to Guido Guertler, Adrian Henriques, Lars Moratis and StaffanSoderberg for their support in writing this article.



SourceResponsible Business Magazine




All, 2013