ISO 9001: 2015 was intentionally developed to be compatible with ISO 14001 and ISO 45001 (the replacement for BS OHSAS 18001) standards for easier integration of quality, environmental and occupational health & safety management systems by organizations.
Environmental, social and governance (ESG) refers to the three main subject areas in measuring the performance of sustainability, business ethics and corporate governance of an organization. Increasingly, Governments, stock exchanges and regulators around the world are demanding mandatory or semi-mandatory requirements for ESG reporting. In addition, investors and shareholders are placing pressure on companies to address their ESG-related risks, and demanding ESG disclosures to be more transparent.
ESG reporting is only an outcome of the responsible management system. In practice, the difficulty in developing the responsible management system is partly due to the lack of a formal standard for recording responsible management and partly due to the different levels of system integration for different organizations.
There are three primary options which the organization can choose:
a) Maintaining three partial management systems (ISO 9001, ISO 14001, OHSAS 18001);
b) Partially integrated management systems;
c) Fully integrated management system
Since ISO 9001: 2015 and ISO 14001: 2015 are very similar in system structure, they can be effectively combined and integrated together. The OHSAS 18001 can take advantage of the common system structure to build a fully integrated management system. However, occupational health and safety is only part of the social criteria. Governance is the missing clause in the three standards. Therefore, even with the integrated management systems in place (ISO 9001, ISO 14001 and OHSAS 18001) it will be difficult for organizations to present a complete report on ESG performance.
In order to develop the responsible management and reporting system, the scope of ISO 9001 quality management system should be redefined to:
a) develop the strategic criteria that have significant impact on the quality and ESG objectives;
b) identify the core subject areas, aspects and key performance indicators based on the strategic criteria;
c) map the strategic criteria with the core business processes;
d) use the common system structure to integrate the common elements of ISO 14001 and OHSAS 18001 into the existing ISO 9001 management system;
e) determine the sequence and interaction of these processes and the applicability of integration of these processes;
f) develop the operational criteria and methods to ensure that the operational processes are effectively controlled;
g) ensure the availability of resources and knowledge necessary to support the responsible management system;
h) evaluate the risks, impacts and opportunities of the quality, environmental, social and governance aspects;
i) measure the impacts of subject areas and aspects on key value drivers, such as revenue, cost saving, cost of capital and productivity;
j) determine the valuation method to estimate financial performance, such as projected benefits, free cash flow or fair value;
k) monitor, measure, analyze and evaluate these processes, and implement actions necessary to achieve planned results and continual improvement of the responsible management system.
Making use of ISO 9001 to integrate with responsible management reporting is not an easy task. The ESG Management Standard developed by Social Enterprise Research Academy is the world’s first de facto standard that outlines the specific requirements for developing the responsible management system, auditing and reporting for any organization, regardless of the type, size and product or service provided.