ISO 26000 - SUM: Sustainability Management Wiki

Author: Kristoffer Darsow, Jan-Hendrik Tittel

1 Definition and Relevance

ISO 26000 is a voluntary guideline that supports organizations in embracing social responsibility, developed by the International Organization for Standardization (ISO) and published in November 2010. In Germany, the ISO standard was published in January 2011 through the Deutsches Institut für Normung (DIN).¹

Since the importance of sustainability in general, and especially in the context of Social Responsibility and Corporate Social Responsibility (CSR), has grown, suitable actions are necessary. Through the ISO 26000 guideline, companies and organizations should be encouraged to contribute to sustainable environmental, social, and economic development. It focuses on a wide spectrum of sustainability issues.²

Unlike other ISO standards, ISO 26000 is not certifiable, meaning it does not include requirements for certification.^3,4 It can be seen as a standard with a soft impact, with an impact on the culture and attidues.³ Offering guidance rather than serving as a certifiable management systems standard, ISO 26000 emphasizes a primarily ethical approach to CSR instead a strictly strategic one.⁵

As a result, ISO 26000 has a universal and flexible application. This guideline is intended for organizations of all types, regardless of their field of activity, size, ownership structure, social context, culture, or religious background. Therefore, organizations can adapt this standard to their specific circumstances. As Hahn (2013) states ISO 26000 can be seen as a “starting points for implementing sustainability strategies” (p. 442).² ISO 26000 aims to achieve something unique among global standards on social responsibility by bringing together the core expectations for organizations in fulfilling their societal responsibilities into a single framework.⁶

The seven principles of social responsibility are fundamental to the ISO 26000 standard: Accountability, Transparency, Ethical behavior, Respect for stakeholder interests, Respect for the rule of law, Respect for international norms of behavior and Respect for human rights.⁷

The essence of ISO 26000 is encapsulated in its seven core subjects, each of which plays a vital role in addressing Social Responsibility: Organizational Governance (subclause 6.2), Human Rights (subclause 6.3), Labor Practices (subclause 6.4), Environment (subclause 6.5), Fair Operating Practices (subclause 6.6), Consumer Issues (subclause 6.7), and Community Involvement and Development (subclause 6.8).⁸

For effective implementation, it’s crucial to consider all seven of these subjects. Each subject encompasses specific issues that must be carefully evaluated, totaling 37 issues across the seven core subjects of ISO 26000.⁷ These issues form the foundation for understanding and applying the principles of Social Responsibility.

The complexity of ISO 26000 can be seen in Figure 1. It is important to note that social responsibility is a continuous process, and ISO 26000 should contribute to that process as a good starting point.²

*Figure 1: Schematic Overview of ISO 26000, Source: own image designed according to ISO (2018). ⁸*

2 Background

In this chapter we will explore the background of ISO 26000, starting with a general overview of ISO as an organization. We will then look at ISO’s contributions to global sustainability and examine the historical context that underlined the need for a social responsibility standard. Finally, we will show the development of ISO 26000 from its origin to its completion.

2.1 ISO Definition

ISO is the world’s largest developer of voluntary international standards. As an independent, non-governmental international organization, ISO creates advanced specifications for products, services and best practices.^7,9 These standards improve the efficiency and effectiveness of industry and facilitate global trade. A key feature of the standards is that they are developed by international consensus. Since its foundation in 1947, ISO has published about 25.489 standards in many areas such as food and agriculture, IT, health and also environmental sustainability. ISO works through a network of national standardization bodies from 172 countries, representing both developed and developing countries. Each national body participates in ISO to reflect its specific needs and expertise. The standards are developed by experts and national delegations who have in-depth knowledge of their sectors to ensure that the standards are practical and useful. In total, 840 Technical committees and subcommittees take care of the development of these standards.^7,10 The ISO standards promote sustainable development in the economic, social and environmental fields and are based on a wide range of stakeholder insights. Although these standards are voluntary, they are highly regarded and widely implemented by companies, governments and society. ISO standards are often translated by member countries and applied as national standards, which underlines their global relevance and usefulness. ⁷

2.2 ISO and Environmental Sustainability

In the strategy ISO 2030, the organization made an opportunity statement regarding environmental sustainability. It is stated that “Environmental sustainability is vital for people, planet and prosperity, both now and in the future” (p. 26).⁹ It is further emphasized that climate change, environmental pollution and the loss of biodiversity are reshaping our society, affecting our health and changing the framework conditions for companies and governments worldwide. By providing standards that prioritize environmental sustainability, ISO aims to contribute to a more sustainable world.⁹ Hereby they contribute to the sustainable development goals of the UN 2030 Agenda.¹¹ To take responsibility, ISO aims to be a role model in climate action and a leader in promoting sustainability, demonstrating how standards can turn environmental commitments into effective actions. This, by supporting national and international policy implementation. By collaborating with strategic partners, ISO and its members will address pressing global environmental challenges.⁹Furthermore, international standards for environmental sustainability have benefits for companies. Implementing these standards can help provide a straightforward and effective approach to achieving operational excellence, complying with legal requirements and meeting stakeholder expectations. ISO Standards in the field of environmental sustainability are for example in the sectors of Environmental management, Circular economy, Air quality, Climate change, Smart cities, Soil quality, Water quality and many more.¹²

2.3 Historical Background and the need for a standard

A few decades ago, corporate social responsibility (CSR) was not a top priority for most companies. Today, however, it has developed into a generally recognized principle and almost all large companies – and even a number of smaller ones – are involved in CSR.¹³

Creed (2014) quotes Thompson, who defines CSR as “the vaguely defined term for the broad concept of business conduct that aligns with social expectations of integrity, transparency, fairness, and generally accepted social values” (p.30).¹⁴

Employees want businesses to behave responsibly, just like customers do. This is leading companies to position themselves as attractive employers and to be committed to CSR. The expectation of having CSR is further driven by pressure from buyers, suppliers, and competitors, who may limit their sourcing to companies with strong CSR commitments or seek to avoid exclusion from contracts. In other words, through CSR companies gain legitimacy. ^13,14

The growing expectation for organizations to not only care for the social and environmental well-being of their members, but also to actively contribute to these goals, made a universal standard necessary.¹¹

In 2010, ISO created the ISO 26000 standard, which addresses social responsibility. It was initiated, after the Consumer Policy Committee responded to the growing number of consumers expressing concern about the social responsibility of companies and their activities in global markets. Today the standard can be used by companies to implement CSR.^13,15,16

It is important to note that the standard uses the term “social responsibility” rather than “corporate social responsibility” to emphasize that its guidelines apply to all types of organizations, not just companies. ISO 26000 defines social responsibility as an organization’s responsibility to consider how its decisions and activities may affect society and the environment. This responsibility includes ethical and transparent behavior that contributes to sustainable development. Also it considers the expectations of stakeholders, complies with laws and international standards and is integrated into the organization’s practices and relationships.⁷

The importance of this standard grew over the time. To help investors, consumers, policy makers and other stakeholders measure the non-financial performance of large companies and to promote a responsible business approach, the European Commission issued a policy on CSR reporting in 2014. This policy required public interest companies with more than 500 employees to disclose non-financial information and their approach to social and environmental challenges. It was noted that businesses might create their statements using national, international, or European norms like ISO 26000. ¹³

The Corporate Sustainability Reporting Directive (CSRD), which came into force on the 5th of January 2023, updates and strengthens the rules on the social and environmental information that companies must report. Regarding the assessment of financial risks and opportunities related to climate change and other sustainability challenges, the new regulations will ensure that investors and other stakeholders have access to the information they need. They will also provide the necessary insights into the impact of companies on people and the environment.¹⁷ In this way, companies create transparency and comparability.¹⁸

2.4 Development of ISO Standards on the example of 26000

The ISO standard took nearly six years to develop, which can be attributed the consensus principle. The consensus principle is one of the requirements that ISO has adopted. This implies that the outcome needs to meet all national requirements. The development began when the International Consumer Organization requested ISO to create a standard in 2001. The goals and substance of the standard were then outlined in a work order that was adopted in 2004. In the following, the ISO working group on “Social Responsibility” wrote four iterative working versions of ISO 26000 between April 2005 and the end of 2007. Experts and stakeholders from around the world commented on the current versions, which were then revised and republished to gather feedback. Finally, over 650 interested parties from 99 different countries were involved in the development of the guidelines and the standard was published on 1 November 2010.¹⁵

3 Practical Implementation

Implementing Social Responsibility into the organizations has several advantages. How an organization handles social responsibility can impact its overall success. It can give the company a competitive edge, improve its reputation, and make it easier to attract and keep employees, customers, and members. Strong social responsibility also helps boost employee morale, commitment, and productivity. It positively influences how investors, donors, and the financial community view the organization. Additionally, it strengthens relationships with key stakeholders, including other companies, governments, the media, suppliers, peers, and the local community.⁸ According to an ISO Survey, the first regions to adopt management standards in general are Europe, Asia (in particular Japan) and Australia. These countries also have the highest numbers of adoptions. For ISO 26000 Europe and Asia seem to be the biggest players.¹⁹

This chapter looks at the practical aspects of implementing ISO 26000 and provides tools and strategies to help organizations integrate social responsibility into their operations. It also outlines methods that can be used to effectively measure the impact and success of implementing ISO 26000 in an organization. Finally, we will compare ISO 26000 with the OECD Guidelines for Multinational Enterprises and provide insights into how these frameworks work together to promote responsible business practices.

3.1 Tools to implement ISO 26000

ISO itself refrains from making specific recommendations for implementation of ISO 26000. On the one hand, this makes implementation within organizations more difficult. On the other hand, they offer flexibility for individual adaptations in different contexts.²⁰ It must be emphasized, that there is not much literature on how it has been implemented by organizations, especially in comparison to other standards such as ISO 9001 and ISO 14001. In the literature, there was confusion about the purpose of the standard and its acceptance, which was increased by the lack of certification and the introduction of national standards that used ISO 26000 as a basis and then offered certification.¹⁹

Despite these difficulties, we will present a comprehensive overview of the different tools and methods that are available for implementing ISO 26000. This chapter will explore different approaches that organizations can take.

3.1.1 Supporting documents of ISO

ISO provides additional supporting documents for the ISO 26000 standard. These include among others a Communication Protocol.²¹ This document emphasizes that organizations should pay attention to their wording, in the context of not using the standard for certification. Hereby Sandberg (2012) provides examples such as stating that a company is “Using the ISO 26000 standard to integrate / implement social responsibility / socially responsible behaviour into the organization” and not using “…certified according to ISO 26000“ (p.1).²²

The communication protocol therefore only helps how to say that the organization applies ISO 26000, but it does not give any direct tips on how to apply ISO 26000. For this purpose, ISO provides training materials in the form of a PowerPoint presentation and a training protocol.²¹ In this PowerPoint presentation ISO offers information about ISO in general, ISO 26000, its core content and an overview how to use ISO 26000.²³

Therefore, to use ISO 26000 effectively, organizations should first set a clear direction from the top and integrate social responsibility into their management structures and procedures. It is important to determine the relevance and importance of the different areas of social responsibility by prioritizing them using tools such as matrix analysis, mapping and gap analysis. Organizations should also assess their responsibility within their sphere of influence and ensure that they conduct thorough due diligence. Finally, transparent communication with stakeholders through regular reporting and other forms of engagement is essential. The importance of due diligence is also emphasized in the context of investigating situations and avoiding SR risks. Therefore, organizations should consider the impact of their decisions within their sphere of influence, ensure compliance with legal requirements and consider the perspectives of those affected by their actions, i.e. their stakeholders.²³ The training protocol just explains how a good training should look like and introduces the PowerPoint presentation.²⁴

3.1.2 Implementation with the Clauses

To provide an overview of the standard, the ISO has created a graphic with each clause and their content. We will now explain these in the context of implementation (see Figure 1). The seven main principles of ISO 26000 provide direction for implementing social responsibility.¹¹ To effectively practice social responsibility, an organization should first understand these principles, which are outlined in Clause 4 and consider their relationship with sustainable development (Clause 3). Before addressing key topics and issues (clause 6), the organization should be aware of its social responsibility within its area of influence and hereby identify and engage with stakeholders (clause 5). When these principles and key issues are identified, they should be integrated into business decisions and activities in accordance with the guidance in Clause 7.⁸ This Clause is the most detailed one. It thematizes integrating social responsibility throughout an organization (see Figure 1). This includes embedding social responsibility into policies, culture, and operations, building relevant competencies, communicating internally and externally, and regularly reviewing these practices. The goal is to maximize the organization’s contribution to sustainable development, with additional guidance available from authoritative sources and voluntary initiatives.⁸

The ISO training materials also provide guidance on understanding the seventh clause. Therefore, including SR into the organization begins with leadership from owners and top management, who are essential in guiding the organization. The mission and vision statements should be used to define the organization’s core values, ensuring that these are clearly communicated and integrated into daily operations. It’s crucial to involve relevant stakeholders, including employees, in this process. Organizations should also set both short-term and long-term goals to ensure continuous progress in SR. Furthermore, organizations should embed transparency and accountability at every level, ensuring that SR is considered in decisions related to purchasing, investing, hiring, promoting, advertising, and community relations, among others.²³

3.1.3 Linkages

Companies often integrate the requirements of ISO 26000 with other existing standards, tools, guidelines, or international instruments. For instance, there are linkages with other ISO standards such as ISO 9000, which focuses on quality management systems, ISO 14000 for environmental management systems, ISO 14063 for environmental communication, ISO 37001 for Anti-bribery management systems, ISO 45001 for health and safety management systems and ISO 20400 for sustainable procurement. Additionally, ISO 26000 can be connected to external documents like the GRI Guidelines, UN Guidelines, and ILO Declarations.^8,23Also, ISO refers to link with the OECD Guidelines for Multinational Enterprises and the United Nations 2030 Agenda.^21,23 Although ISO 26000 was created before the UN 2030 Agenda, it provides over 450 recommendations aligned with its main principles and core topics of social responsibility, which assist organizations in contributing to the SDG goals.¹¹ In chapter 3.3 we will take a closer look at the comparison between ISO 26000 and the OECD Guidelines for Multinational Enterprises. Today there are many standards and certifications that overlap with ISO 26000 and compete to be effective tools to measure and implement social responsibility, such as eco-labels like FairTrade, RAN, and UTZ.¹⁹

3.1.4 Management systems

In order to implement ISO 26000, a defined and implemented basis of values is required. As an integral part of a company it guides behavior, structures the dialogue with stakeholders and enables the systematic adoption of social responsibility. This can take place by using integrity or value management systems. Josef Wieland’s value system, which defines four process stages for implementing values, can provide support here. Firstly, fundamental values are defined and recorded in the form of guiding principles. These codified values are then integrated into day-to-day business by incorporating them into behavioral standards, target agreements and decision-making processes. In the next step, the different instruments are linked together and systematized, either by integrating them into existing systems such as HR management or by institutionalizing and communicating them as independent systems, such as CSR management. Finally, the whole thing is embedded in the organization by creating corresponding positions, such as an ethics or sustainability officer, and swearing managers to their role as role models.²⁰

3.2 Measurements

Measuring the adoption of ISO 26000 is challenging since it is not a certifiable standard. Unlike ISO 14001, there is no inherent mechanism for recognizing its application through certification.³ However, organizations still have opportunities to assess their contribution to ISO 26000 and their commitment to social responsibility within the organization.

3.2.1 Measurement from external organizations

ISO 26000 recommends an external evaluation for the indicator collection and reporting phase. This to evaluate the effectiveness of the monitoring system and to ensure compliance with the principles of social responsibility. This independent review could also examine the organization’s CSR strategy and identifies opportunities to improve ESG performance.²⁵

The DEKRA Maturity Assessment, for example, is a tool that aims to evaluate an organization readiness and current social responsibility practices while providing guidance to help them on its way to ISO 26000 compliance. It is a system that measures a company’s level of improvement and performance based on its current social responsibility policies, protocols and systems.²⁶ Also the TÜV SÜD offers guidance as a third-party. TÜV SÜD evaluates the defined targets and prepares an internal or public report for stakeholder communication. This assessment approach is designed to determine the accuracy of the information reported by each company and its supply chain. Based on this, each process is expected to achieve the highest international standards and increase credibility with stakeholders. TÜV SÜD also offers public training, e-learning modules and awareness trainings.²⁵

3.2.2 CSR practices and ISO 26000 performance efforts

Following the introduction of a CSR-System, several authors suggest that a company should develop and measure CSR-related key performance indicators (KPI). These KPIs can indicate improvements in the company’s competitiveness due to CSR, while others consider them as measures of the impact on all stakeholders involved.²⁷

In a paper by Habidin et al. about the performance efforts in the Malaysian automotive industry, their study demonstrates that companies can connect their CSR practices with ISO 26000 performance efforts. Hereby there are CSR Measures such as the Employee Improvement, Customer Focus, Environment, Corporate Governance, Community and Society and Human Rights that can be used to measure and thus implement CSR into the company. The study delivers different items that describe the CSR Measures. For example, for Employee Improvement Quality employees, employees’ attitude, motivation and training, employees’ commitment, employee satisfaction, profit margin, employee stock, ownership, and information sharing need to be considered. According to the paper, a significant challenge in Malaysia is the lack of knowledge and experience with the tools needed to effectively implement social responsibility, particularly when it comes to engaging in widely recommended social responsibility initiatives. For these situations ISO 26000 comes in handy, by giving guidance for social responsibility. Measurement with ISO 26000 can be achieved by recognizing social responsibility efforts and identifying and involving stakeholders.²⁸

3.3 ISO 26000 and OECD Guidelines for Multinational Enterprises

As can be seen from the linkages, it is advisable to link the ISO 26000 standard with the OECD Guidelines for Multinational Enterprises. For this reason, we will show you a comparison of the two sets of guidelines.

The OECD Guidelines for Multinational Enterprises are recommendations from governments to multinational companies, outlining non-binding principles and standards for responsible business practices worldwide.⁷ They were first applied in 1976 and last revised for the sixth time in 2023.^29,30 The principles must be in line with the applicable laws and are intended to ensure that the activities of these companies are in line with government policy. This is intended to strengthen mutual trust between the companies and the societies in which they operate. It should also facilitate foreign investment and contribute to sustainable development. Its specialty is that it is the only recommendation that governments have agreed to promote. These guidelines are used by OECD member countries and countries that have agreed to the OECD Investment Declaration. These governments are committed to enforce the guidelines by setting up national contact points.^7,30

The 2023 update was carried out to reflect the experiences of the last decade since the last update in 2011 and responds to urgent social, environmental and technological priorities facing societies and businesses.³¹

Table 1: Core subjects OECD Guidelines and ISO 26000 ³¹

OECD Guidelines	ISO 26000
DisclosureHuman rightsEmployment & Industrial RelationsEnvironmentConsumer InterestsScience, Technology and InnovationCombating Bribery and other forms of Corruption TaxationCompetition	Organizational governanceHuman rightsLabor practicesThe environmentFair operating practicesConsumer issues Community involvement and development

Comparing the Core subjects of the OECD Guidelines and ISO 26000 both have human rights, the environment, consumer-related issues and labor as their main topics. Looking more closely at the Guidelines, the OECD Guidelines focus more on supporting of topics such as combating bribery, science and technology, and taxation. In comparison, ISO 26000 offers detailed guidance on its seven core topics and 37 themes, outlining specific “actions and expectations” for each. It also provides broader insights into issues such as child labor and climate change adaptation.^7,31 In general, both aim to promote responsible practices in organizations and encourage them to contribute to sustainable development. The ISO 26000 standard emphasizes that a main goal for organizations is to maximize their contribution to sustainable development. The OECD Guidelines encourage multinational enterprises to increase their positive impact on economic, environmental and social progress while minimizing negative impacts. As well both share a common foundation and refer for example to the Universal Declaration of Human Rights, the International Labour Organization’s Declaration on Fundamental Principles and Rights at Work, and the Rio Declaration on Environment and Development.^7,32

Due to these similarities, the OECD and ISO signed a Memorandum of Understanding (MoU) in 2008 in which they committed to exchanging information, publications and documents. It also mentions the development of a linking document that needs to be updated and should continue to inspire practitioners.⁷

In the following we will compare the two Guidelines under consideration of existing differences.

Table 2: Comparison between OECD Guidelines and ISO 26000

Comparative aspect	OECD-Guidelines	ISO 26000
Focus and application ^32,33	Specifically aimed at small and large multinational companies and recommended by governments.	For all types of enterprises and organizations. Based on voluntary application.
Commitment ^7,33	Non-binding but supported by the member states and have political backing.	Non-binding, serves more as a guide.
Consequences/Complaint procedure ³³	Have a tool to hold business companies accountable for adverse impacts. National Contact Points can deal with specific instances, if violation occurs.	Not possible to file complaints with ISO about e.g. environmental abuses of other organizations. ISO only observes if organizations falsely use the standard as certification.
Accessibility ³³	Can be downloaded from the OECD Website.	Is not for free, can be purchased from for about 162€.

To summarize, the two instruments differ in their practical implementation, their level of detail, their enforcement mechanisms and the way in which they address non-compliance. They also differ in terms of their legal status and government support. The OECD Guidelines provide for a dispute resolution process to hold companies accountable for negative impacts, while ISO 26000 relies on stakeholder involvement and public inspection to assess whether an organization is acting in a socially responsible manner.⁷

4 Drivers and barriers

The concept of sustainability has become increasingly central to business operations, driven by the complex interplay of external and internal factors. This section explores the various factors that drive and hinder sustainability within the context of ISO 26000, providing an overview of both the external environment and internal organizational dynamics. As well as some best-practice examples how firms have successfully overcome both external and internal challenges.

4.1 Drivers

This section examines the factors that drive sustainability in relation to ISO 26000, starting with external drivers, followed by an exploration of internal drivers.

4.1.1 Firm-external drivers

Several drivers can be identified for the implementation of ISO 26000 in the firm’s environment in the political, economic, social, and ecological spheres. These external factors are key drivers of sustainability, aligning with the seven core subjects of social responsibility as outlined in ISO 26000: Organizational Governance (subclause 6.2), Human Rights (subclause 6.3), Labor Practices (subclause 6.4), Environment (subclause 6.5), Fair Operating Practices (subclause 6.6), Consumer Issues (subclause 6.7), and Community Involvement and Development (subclause 6.8).⁸

One driving factor influencing organizations could be the political aspect. ISO 26000 was released by the ISO, the world’s largest developer of voluntary international standards, and adopted by the national standards bodies, for instance, the DIN in Germany.^3,34 The governmental regulations as well as international agreements on sustainability and CSR play a significant role. ^3,34 The most important example for that would be the Paris Climate Agreement, which drives firms to adopt sustainable practices to meet carbon reduction targets.³⁵ Another important aspect is the Corporate Sustainability Reporting Directive (CSRD) from the European Union (EU), which mandates sustainability reporting for companies operating within the EU.³⁶

Another aspect is the consideration of the economic drivers in relation to the ISO 26000. The demand for ethically produced goods and services drives businesses to adopt ISO 26000 to differentiate themselves and meet consumer expectations.^3,37 Increasingly, consumers are choosing products and services from companies that demonstrate ethical behavior and sustainability. Companies adopting ISO 26000 can differentiate themselves in the market by aligning with these consumer values, potentially increasing their market share and customer loyalty. This would also lead to competitive advantage towards competitors, gaining a better reputation.⁸

Going hand in hand with the previously stated points, the social aspect is also crucial in ISO 26000. A significant external driver for firms is the increasing trust from stakeholders that accompanies its implementation.³ On the other hand, pressure from stakeholder groups, such as NGOs, could damage a company’s reputation if these standards are not met. However, implementing ISO 26000 can enhance a company’s reputation, leading to higher stakeholder satisfaction.³ This is particularly important as it enables firms to meet rising consumer expectations.³⁸ If these expectations are not met, consumer boycotts may occur, leading to a bad social status in society.

Furthermore, firm-external drivers in the ecological spheres are important to consider. The growing awareness of environmental issues and the necessity for businesses to operate in a manner that minimizes their ecological footprint is crucial. Additionally, political factors, such as the Paris Climate Agreement, play a significant role in shaping corporate environmental responsibilities.³⁵ ISO 26000 should also help to recognize and overcome the ecological challenges in this case.

4.1.2 Firm-internal drivers

Additionally, firm-internal factors play a significant role in driving sustainability efforts in line with the ISO 26000 guideline on social responsibility.

One important firm-internal driver is the business case of organizations. Henriques (2012) states that the ISO 26000 “can be viewed as a specification of an organisation’s ‘licence to operate’” (p. 22). ³ As described in the previous chapter, external drivers, such as expectations from the firm’s environment, influence how firms act. Therefore, these external factors can also be considered as internal drivers within the firm, because the firm needs to act accordingly, to the stakeholders expectations.¹⁶

A clear commitment to sustainability from leadership is crucial. Leaders must set the tone for integrating sustainability into the core business, ensuring that the motivation to drive positive change is present. This top-down approach can be essential for embedding sustainability into the firm’s values and operations.^39,40

While a top-down approach is crucial for implementation, integrating a bottom-up strategy is equally important. Employees are vital drivers of a company’s success, and their engagement is essential for the organization’s smooth operation and overall performance. Without their active involvement, a firm is unlikely to achieve its goals.^40,41Therefore, the expectations of employees must also be met.³⁸

However, expectations from the firms environment can also cause organizations to feel pressured to implement the standard out of concern for a potential loss of legitimacy if they do not.³ This type of risk management can be also seen as a driver. The motivation to reduce risks, such as reputational damage or legal issues, can drive a company to adopt ISO 26000. Implementing social responsibility practices can help identify and resolve potential issues before they escalate into major problems.⁴²

Since the ISO 26000 is aimed as a guideline at organizations of all types, regardless of their field of activity, size, ownership structure, social context, culture, or religious background, the individually customization can also be seen as firm-internal driver. The firm or organization can customize the ISO 26000 individually to their needs.² This can facilitate the decision to incorporate ISO 26000 into the firm’s sustainability strategy, even if only partially.

4.2 Barriers

As drivers for sustainability emerge, potential barriers may also arise that hinder sustainability in relation to ISO 26000. These barriers can be categorized from both an external and internal firm perspectives.

4.2.1 Firm-external barriers

Implementing ISO 26000 can be challenging for firms due to various external factors that can inhibit their ability to fully embrace the standard’s guidelines.

A significant external barrier is the ISO 26000 guideline itself. Due to its complexity, ISO 26000 is rarely applied, and full implementation often proves too difficult (see Figure 1). The German version spans 149 pages in total. In contrast, the UN Global Compact addresses similar topics but is widely known and less complex. The ISO 26000 does not add value compared to other existing certifications.⁴³ Other CSR standards that make CSR more transparent and measurable are more effective compared to ISO 26000.⁵

Regarding certification, it’s important to note that, unlike other standards, ISO 26000 is not certifiable. This is one major disadvantage of ISO 26000. Moratis (2017) states that “…ISO 26000 standard only provides guidance rather than specifying requirements for a management system…” (p. 148).⁴⁴ Without a formal certification and the ability to demonstrate the successful implementation of ISO 26000 in the company’s sustainability strategy through a certificate, ISO 26000 is not an attractive option. A firm cannot prove that they have truly adopted ISO 26000.^3,5 The absence of real verification and enforcement mechanisms in ISO 26000 makes it difficult for stakeholders to differentiate between firms with varying levels of CSR quality.⁵ ISO 26000 is less favored by many organizations, possibly due to its complexity and the fact that it is not a certifiable standard. This is evident in the CSR-S Monitor findings, where only 75 out of 614 reports—just 12%—referenced ISO 26000.^44,45 Consequently, numerous initiatives have developed comparable standards with the intention of achieving certification.⁴⁴ Examples of this will be presented in the chapter: In addition to external challenges, firms face a range of internal barriers that impede their ability to achieve sustainability goals, particularly in alignment with ISO 26000. These internal obstacles can stem from organizational culture, resource limitations, or resistance to change, all of which must be addressed to successfully implement sustainable practices.

One of the first internal barriers to consider is the financial situation. Small and medium-sized enterprises (SMEs) are particularly vulnerable, as they may lack the necessary funds to implement sustainability initiatives in general, and certainly not to meet the standards of ISO 26000.³ Financial constraints are often the most significant barrier as they have a direct impact on the ability to implement sustainability initiatives such as ISO 26000. For many firms, the implementation of social responsibility appears to be just an additional cost factor, which discourages them.⁴⁷ However, they often focus on the short-term costs and overlook the long-term financial benefits that can come from integrating social responsibility into their core business. Laudal (2011) notes that for SMEs, the “cost/benefit ratio” is particularly concerning as it poses a significant barrier (p. 237). ⁴⁸

Related to this is often the lack of capacity. This includes conducting internal audits, providing training courses for employees, and establishing reporting mechanisms to successfully integrate sustainability through ISO 26000 into the firm’s core business.⁴⁹

Another barrier related to the lack of ISO 26000 certification is the reliance on other standards for social responsibility. The adoption of other existing and certifiable standards may lead to resistance against introducing new practices, particularly if the current standards are considered sufficient.⁴³

Additionally, a general lack of knowledge can be a significant internal barrier. It may prevent organizations from recognizing the importance of integrating sustainability into their operations or understanding how to do so effectively.^6,47,50 Without the relevant knowledge about sustainability itself and its importance, ISO 26000 holds little relevance for the concerned firms.

In general, it can be said that all internal barriers impact SMEs much more severely than larger firms when it comes to implementing sustainability, as larger firms typically have more resources.⁵¹ Therefore, it is crucial to support these SMEs in overcoming such obstacles. How this can be achieved will be explained in the following section.

4.3 Best-practice examples.

Consequently, the lack of clear verification that a firm adheres to ISO 26000 increases the risk of greenwashing. Greenwashing is already a significant concern in the area of social accountability.⁴⁶ Therefore ISO 26000 could potentially intensify this issue. Moratis (2018) points out that, “the low exigencies of ISO 26000 make [sic] it easy for companies to polish or even fake underlying qualities and may tempt or encourage firms spitefully wanting to claim an engagement in CSR to only partly implement changes for cosmetic purposes” (p. 9).⁵ In this way, a firm might use ISO 26000 to manipulate public perception and present themselves more favorably.⁴⁶ Only thorough verification can ensure that ISO 26000 does not exacerbate this problem.

Applying ISO 26000 can be particularly challenging for small and medium-sized enterprises (SMEs). For SME several barriers can occur. ISO 26000, contrary to some statements, is not designed to be equally accessible to all organizations, regardless of their field of activity, size, ownership structure, social context, culture, or religious background.³ For SMEs, the length and complexity of ISO 26000 also pose significant barriers.^3,43 More barriers for SMEs will be presented in the following chapter.

4.2.2 Firm-internal barriers

In addition to external challenges, firms face a range of internal barriers that impede their ability to achieve sustainability goals, particularly in alignment with ISO 26000. These internal obstacles can stem from organizational culture, resource limitations, or resistance to change, all of which must be addressed to successfully implement sustainable practices.

4.3 Best-practice examples

This section highlights best practice examples that illustrate how firms have successfully overcome both external and internal challenges. These examples provide practical insights into how organizations can leverage ISO 26000 to enhance their sustainability efforts, making this standard a powerful tool for driving positive change.

Due to the lack of certification and evidence of successful ISO 26000 implementation, as discussed in chapter 4.2.1 Firm-external barriers, it is challenging to identify concrete examples of firms that serve as best-practice models. The key to overcoming both external and internal barriers is to integrate sustainability as a fundamental aspect of the core business. This approach involves deeply embedding sustainability into the company’s core mission and values, ensuring it permeates every aspect of decision-making, operations, and strategic planning. By making sustainability central to the business, it becomes a powerful driver of innovation, competitiveness, and long-term resilience, enabling the company to navigate challenges and seize opportunities in an increasingly sustainability-driven market.³⁹ A lot of businesses have done just that, such as the outdoor brand Patagonia or the technology company Fairphone.^52,53 Because firms have the opportunity to demonstrate compliance through certification, most are using appropriate standards with verified proof.

Not a best-practice example in the form of a specific company, but it is definitely worth mentioning the work of various Non-Governmental Organizations (NGOs). Since SMEs often face numerous barriers when implementing the ISO 26000 guideline into their sustainability strategies, various organizations have made it their mission to assist them with its adoption.³ For instance, the two NGOs NORMAPME and ECOLOGIA, and the Royal Netherlands Standardization Institute (NEN)⁵⁴, which is equivalent to the German DIN.³

NORMAPME, an NGO supported by the European Commission, has released a special guide on ISO 26000 tailored for SMEs. The guide simplifies the identification of essential aspects, using user-friendly language. ECOLOGIA, a US-based NGO active in China, has also released a guide to the ISO 26000 standard for SMEs, emphasizing the business benefits.

The NEN plans to provide an online set of Q&As on the ISO 26000 standard and has also developed NPR 9026, a practical guideline designed to assist firms in implementing ISO 26000. ^3,44 Building on this, the Dutch national standards organization has created a self-declaration protocol, detailed in a guideline that now forms the basis for a proposal to officially recognize this strategy within the international ISO community. This self-declaration includes structured information about a company’s claim of operating in accordance with ISO 26000 and can be subjected to external audit. Furthermore, an online platform is available for companies to publish their ISO 26000 self-declarations.⁵

References

1 DIN. Guidance on social responsibility (ISO 26000:2010). (Beuth, Berlin, 2011).

2 Hahn, R. ISO 26000 and the Standardization of Strategic Management Processes for Sustainability and Corporate Social Responsibility. Business Strategy and the Environment 22, 442–455 (2013). https://doi.org/10.1002/bse.1751

3 Henriques, A. The potential impact of the ISO 26000 on sustainable development. 20-29 (International Institute for Environment and Development, 2012).

4 Moratis, L. T. W., Alice. Determinants of CSR standards adoption: exploring the case of ISO 26000 and the CSR performance ladder in The Netherlands. Social Responsibility Journal 10, 516-536 (2014). https://doi.org/10.1108/SRJ-01-2013-0005

5 Moratis, L. Signalling Responsibility? Applying Signalling Theory to the ISO 26000 Standard for Social Responsibility. Sustainability 10 (2018). https://doi.org/10.3390/su10114172

6 Valmohammadi, C. Impact of corporate social responsibility practices on organizational performance: an ISO 26000 perspective. Social Responsibility Journal 10, 455-479 (2013). https://doi.org/10.1108/SRJ-02-2013-0021

7 International Organization for Standardization. ISO 26000 and OECD Guidelines – Practical overview of the linkages. (ISO 26000 Post Publication Organization (PPO), CH – 1214 Vernier, Geneva Switzerland, 2017).

8 International Organization for Standardization. Discovering ISO 26000. (CH – 1214 Vernier, Genève Switzerland, 2018).

9 International Organization for Standardization. ISO Strategy 2030. (1214 Geneva, Switzerland, 2023).

10 International Organization for Standardization. About ISO. (2024).

11 International Organization for Standardization. ISO 26000 and the SDGs, 2018).

12 International Organization for Standardization. Environmental sustainability, <https://www.iso.org/sectors/environment> (2024).

13 Wickert, C. R., David. Corporate Social Responsibility. (Cambridge University Press, 2019).

14 Panwar , R., Paul, K., Nybakk, E., Hansen, E. & Thompson, D. The Legitimacy of CSR Actions of Publicly Traded Companies. J Bus Ethics 125, 481–496 (2014). https://doi.org/10.1007/s10551-013-1933-6

15 Vitt, J. Gesellschaftliche Verantwortung nach DIN ISO 26000 : eine Einführung mit Hinweisen für Anwender. Vol. 1. Aufl.. (Beuth, 2011).

16 Schmiedeknecht, M. H. Die Governance von Multistakeholder-Dialogen. Standardsetzung zur gesellschaftlichen Verantwortung von Organisationen: Der ISO 26000-Prozess. (Metropolis-Verlag, 2011).

17 Comission, E. Corporate sustainability reporting, <https://finance.ec.europa.eu/capital-markets-union-and-financial-markets/company-reporting-and-auditing/company-reporting/corporate-sustainability-reporting_en> (2024).

18 Binder, U. Nachhaltigkeitsberichterstattung in mittelständischen Unternehmen. Vorbereitungen, Umsetzung, Praxistipps. (Haufe Lexware, 2024).

19 Balzarova, M. C., Pavel. Social responsibility: Experts’ viewpoints on adoption of the ISO 26000 standard. Corp Soc Resp Env Ma (Corporate Social Responsibility and Environmental Management) 25, 819–824 (2018). https://doi.org/10.1002/csr.1497

20 Scholz, M. & Czuray, M. Die Normierung der gesellschaftlichen Verantwortung von Organisationen. (Springer Fachmedien Wiesbaden, 2016).

21 International Organization for Standardization. ISO 26000. Social responsibility, <https://www.iso.org/iso-26000-social-responsibility.html > (2024).

22 Sandberg, K. ISO 26000 Communication protocol. (ISO 26000 PPO SAG, 2012).

23 ISO 26000 Post Publication Organisation. ISO 26000 Basic training material. (ISO 26000 Post Publication Organisation (PPO), 2016).

24 Hubendick, L. Basic Training Material on ISO 26000. (ISO, 2014).

25 TÜV SÜD. ISO 26000 Social Responsibility Implementation Assessment. Achieve the benefits of building a sustainable business. (TÜV SÜD AG, Munich, Germany, 2022).

26 DEKRA. FAQ – ISO 2600 Maturity Assessment. (DEKRA Audit, 2023).

27 Andrea Chiarini, E. V. Differences in implementing corporate social responsibility through SA8000 and ISO 26000 standards Research from European manufacturing. Journal of Manufacturing Technology Management 28, 438-457 (2017). https://doi.org/10.1108/JMTM-12-2016-0170

28 Nurul Fadly Habidin, N. M. F., Auni Fatin Nadia Chiek Desa, & Siti Norhafizan Hibadullah, F. I. M. Z. Corporate Social Responsibility Practices (CSRP) and ISO 26000 Performance Efforts in Malaysian Automotive Industry. International Journal of Economics, Finance and Management 1, No. 1 (2012).

29 Ahn, K.-H. Main contents and implications of the 2023 revision of the OECD Guidelines for Multinational Enterprises. Journal of International Logistics and Trade 22 No. 2, 80-92 (2024). https://doi.org/10.1108/JILT-12-2023-0081

30 OECD. OECD Guidelines for Multinational Enterprises. (2008).

31 OECD. OECD Guidelines for Multinational Enterprises on Responsible Business Conduct. (2023).

32 Gradert, M. & Engel, P. A comparison of 4 international guidelines for CSR. (Danish Business Authority, 2015).

33 Theuws, M. & van Huijstee, M. Corporate Responsibility Instruments. A Comparison of the OECD Guidelines, ISO 26000 & the UN Global Compact. (Stichting Onderzoek Multinationale Ondernemingen, 2016).

34 Michaela A. Balzarova, P. C. Stakeholders’ Influence and Contribution to Social Standards Development: The Case of Multiple Stakeholder Approach to ISO 26000 Development. J Bus Ethics 111, 265-279 (2012). https://doi.org/DOI 10.1007/s 10551-012-1206-9

35 United Nations Framework Convention on Climate Change. The Paris Agreement, <https://unfccc.int/process-and-meetings/the-paris-agreement> (2024).

36 Bundesministerium für Arbeit und Soziales. Corporate Sustainability Reporting Directive (CSRD). Die neue EU-Richtlinie zur Unternehmens-Nachhaltigkeitsberichterstattung im Überblick, <https://www.csr-in-deutschland.de/DE/CSR-Allgemein/CSR-Politik/CSR-in-der-EU/Corporate-Sustainability-Reporting-Directive/corporate-sustainability-reporting-directive-art.html> (2024).

37 Schreck, P. The business case for corporate social responsibility : understanding and measuring economic impacts of corporate social performance. (Physica-Verlag, 2009).

38 Silva, S., Nuzum, A.-K. & Schaltegger, S. Stakeholder expectations on sustainability performance measurement and assessment. A systematic literature review. Journal of Cleaner Production 217, 204-215 (2019). https://doi.org/10.1016/j.jclepro.2019.01.203

39 Lüdeke-Freund, F. Business Model Concepts in Corporate Sustainability Contexts: From Rhetoric to a Generic Template for ‘Business Models for Sustainability’. (Centre for Sustainability Management (CSM), Leuphana Universität Lüneburg, 2009).

40 Magee, L. et al. Reframing social sustainability reporting: towards an engaged approach. Environment, Development and Sustainability 15, 225-243 (2013). https://doi.org/10.1007/s10668-012-9384-2

41 Lamm, E., Tosti-Kharas, J. & King, C. E. Empowering Employee Sustainability: Perceived Organizational Support Toward the Environment. Journal of Business Ethics 128, 207-220 (2015). https://doi.org/10.1007/s10551-014-2093-z

42 Giannakis, M. & Papadopoulos, T. Supply chain sustainability: A risk management approach. International Journal of Production Economics 171, 455–470 (2016). https://doi.org/10.1016/j.ijpe.2015.06.032

43 Jastram, Sarah M., Otto, Alkis H. & Minulla, T. Diverse Organizational Adoption of Institutions in the Field of Corporate Social Responsibility. Journal of Business Ethics 183, 1073–1088 (2023). https://doi.org/10.1007/s10551-022-05085-2

44 Moratis, L. The credibility of corporate CSR claims: a taxonomy based on ISO 26000 and a research agenda. Total Quality Management & Business Excellence 28, 147-158 (2017). https://doi.org/10.1080/14783363.2015.1050179

45 Sethi , S. P., Rovenpor, J. L. & Demir, M. Enhancing the Quality of Reporting in Corporate Social Responsibility Guidance Documents: The Roles of ISO 26000, Global Reporting Initiative and CSR-Sustainability Monitor. Business and Society Review 122 (2), 139–163 (2017). https://doi.org/10.1111/basr.12113

46 Laufer, W. S. Social Accountability and Corporate Greenwashing. Journal of Business Ethics 43, 253–261 (2003). https://doi.org/10.1023/A:1022962719299

47 Alotaibi, A., Edum-Fotwe, F. & Price, A. D. F. Critical Barriers to Social Responsibility Implementation within Mega-Construction Projects: The Case of the Kingdom of Saudi Arabia. Sustainability 11 (2019). https://doi.org/10.3390/su11061755

48 Laudal, T. Drivers and barriers of CSR and the size and internationalization of firms. Social Responsibility Journal7, 234-256 (2011). https://doi.org/10.1108/17471111111141512

49 Licandro, O. D., Ramírez García, A. G., Alvarado-Peña, L. J., Vega Osuna, L. A. & Correa, P. Implementation of the ISO 26000 Guidelines on Active Participation and Community Development. Social Sciences 8, 263 (2019). https://doi.org/10.3390/socsci8090263

50 Alizadeh, A. The Drivers and Barriers of Corporate Social Responsibility: A Comparison of the MENA Region and Western Countries. Sustainability 14 (2022). https://doi.org/10.3390/su14020909

51 Ullmann, A. A. Data in Search of a Theory: A Critical Examination of the Relationships among Social Performance, Social Disclosure, and Economic Performance of U. S. Firms. The Academy of Management Review10, 540-557 (1985). https://doi.org/10.2307/258135

52 Hoffman, A. Patagonia: Encouraging Customers to Buy Used Clothing (A). (The Erb Institute at the University of Michigan, WDI Publishing, 2012).

53 Onajomo Akemu, G. W., Tao Yue. Fairphone: Organising for Sustained Social Impact. (RSM Case Development Centre, 2016).

54 International Organization for Standardization. ISO members by country, <https://www.iso.org/member/2027.html> (2024).