ISO 26000

ISO 26000 is an international standard developed to provide guidance on social responsibility. It offers organizations a comprehensive framework for understanding and implementing socially responsible practices and principles, fostering sustainability, and contributing positively to society.

Definition and purpose

The purpose of ISO 26000 is to provide guidance to organizations on integrating social responsibility into their operations and strategies. It offers a framework for assessing and addressing social and environmental issues, promoting fair practices, and enhancing transparency in order to encourage businesses, governments, and other organizations to act ethically and contribute to the well-being of society and the environment. 

Governing body

The ISO 26000 standard is governed by the International Organization for Standardization (ISO). ISO is a globally recognized body that develops and publishes international standards across various industries and disciplines. ISO 26000 was developed with the input of experts, stakeholders, and organizations worldwide and is continually maintained and updated by ISO committees.

Last updated

ISO 26000 was published in 2010 and has had no major updates. 

Applies to

ISO 26000 is applicable to all types of organizations regardless of their activity, size, or location.

Controls and requirements

ISO 26000:2010 provides guidance rather than requirements. It outlines seven core subjects of social responsibility:

  1. Organizational Governance
  2. Human Rights
  3. Labor Practices
  4. Environment
  5. Fair Operating Practices
  6. Consumer Issues
  7. Community Involvement and Development

Each core subject contains detailed guidance on relevant issues and actions organizations can take to demonstrate social responsibility.

Please refer to the official ISO 26000 publication for more details.

Audit type, frequency, and duration

Because ISO 26000 provides guidance rather than requirements, organizations cannot be certified against it as they can against ISO 27001. However, organizations may voluntarily choose to assess their social responsibility practices through self-assessments, third-party audits, or other evaluation methods. The frequency and duration of such assessments depend on the organization's goals and resources.
