ISO 26000 Social Responsibility Standard - A Sneakpeek

I have had an opportunity to examine a draft of the not yet finalized Social Responsibility standard of the International Standards Organization ("ISO"), ISO 26000. If the standard could be summed up in a formula, it would be: social responsibility = compliance with international and domestic law + stakeholder engagement + effective monitoring, review and corporate governance.

The identification and engagement of stakeholders permeates the best practices developed in the standard. This means however that the concept of social responsibility contemplated by the standard is inherently context specific, and dependent upon the identification of stakeholder interests and concerns. Perhaps for this reason, the standard is unable to give much specific instruction on organizational practices (other than in a general sense) which if followed would make the organization "socially responsible". The guidance offered remains rather "high level", but nevertheless insightful in helping to define areas of interest for organizations implementing a "social responsibility" mandate.

The standard was developed through (what the ISO characterizes as) an unprecedented consultation process in terms of its inclusiveness and breadth. Representatives of business, government, civil society, organized labour and other non-governmental organizations participated in the drafting of the standard. The standard is not without its critics. The International Organization of Employers has expressed its view that social responsibility is too complex to be communicated in a standard, and that ultimately social responsibility should be enforced through national laws rather than employer self-regulation. Importantly, it should be understood that ISO 2600 is not a management system standard, and that no certification will be obtainable (as it is for other ISO  management system standards).

The standard states that it is not intended as a basis for legal actions, complaints, defences or other claims in any international, domestic or other proceeding, nor is it intended to be cited as evidence of the evolution of customary international law. However, such caveats cannot remove the possibility that its contents, if adopted by businesses or industries, could be used as evidence of social responsibility "best practice". It is also conceivable that the standard could be used by national governments in the drafting of legislation related to social responsibility (though this has not happened to date to my knowledge).

In terms of content, the standard provides definitions of key terms and an overview of the elements of social responsibility. "Social Responsibility" is defined as the responsibility of an organization for:

• the impacts of its decisions and activities on society and the environment;
• transparent and ethical behaviour that contributes to sustainable development including health and the welfare of society;
• taking account of the expectations of stakeholders;
• being in compliance with applicable law and consistent with international norms of behaviour;
• integrating social responsibility throughout the organization and practicing it in relationships with stakeholders.

The responsibility of an organization is said to extend to its "sphere of influence", which encompasses an area or political, contractual or economic relationships across which an organization has the ability to affect the decisions or activities of individuals or organizations. Most fundamentally, the standard emphasizes the role of stakeholder engagement in identifying social responsibility expectations. Stakeholder engagement is defined as an "...activity undertaken to create opportunities for dialogue between an organization and one or more of its stakeholders with the aim of providing an informed basis for the organization’s decisions."

Social responsibility entails "Accountability", which necessitates accountability for impacts on society and the environment of the organization, and an acceptance of "appropriate scrutiny", with a concomitant "duty to respond" to criticism of organizational practices. The "authority" of the scrutinizer is a relevant consideration in formulating an appropriate response. Where wrongdoing has occurred the organization should take action to prevent harm or a repeat event.

"Transparency" is also required for social responsibility. Transparency should be provided with respect to the purpose, nature and location of an organization's activity, the manner by which decisions are made, implemented and reviewed, as well as the roles responsibilities and accountability across the organization.

ISO 26000 encourages the identification of "standards and criteria" to evaluate performance. Organizations should also establish oversight mechanisms and controls to monitor and enforce such standards, and to facilitate reporting of unethical behaviour without reprisal.

Respect for rule of law is flagged as essentially important to the achievement of social responsibility. This means that no individual or organization should consider itself above law. Moreover, the supremacy of law as the rules and norms of society should be respected. "Law" is distinguished, rightly, from the mere arbitrary exercise of power. Laws include those that are written, publicly disclosed and fairly enforced according to established procedures. Laws also include international norms of behaviour, and custom. Where law does not provide for minimum environmental or social safeguards,conflicts with international norms, or is implemented in conflict with international norms, organizations should seek legitimate opportunities and channels to to influence relevant authorities to remedy such conflict. In so doing, organizations should avoid "complicity" with authorities that act in defiance of law or international norms. Complicity may occur by act or omission, when an organization benefits from or stays silent about, an illegal act that they knew or should have known would result in substantial negative impacts on the environment or society.

Organizations are also required by the standard to demonstrate "respect for human rights". This is said to involve recognition of the importance and universality of human rights, as embodied in the International Bill of Human Rights, national laws and international norms. Businesses should not, as a practice, take advantage of situations where such rights not protected.

As the foregoing reveals, the ISO 26000 provides a fairly high level overview of the relevant considerations for any social responsibility mandate. Organizations implementing such practices, through this standard or otherwise, should consider the following:

• Standards like the ISO 26000 are useful guidelines, but are not blueprints for social responsibility

• a social responsibility mandate is complicated and involves consideration of legal, customary and transnational norms of behaviour - to be effective and avoid unnecessary liability such norms must be adequately mapped and understood prior to making commitments and in the implementation of a social responsibility plan;

• Stakeholder engagement is an essential element of social responsibility and communication, transparency and accountability should be the focus of any such endeavour;

• However, enhanced engagement, transparency and accountability creates inherent risks (legal, political and business related) that should be fully understood in the implementation of a social responsibility program;

• Compliance with law and legal expectations affecting environmental and social issues will be the foundation of any social responsibility program;

• Voluntary commitments may give rise to real obligations and should not be made without proper understanding of how they will be implemented, and their associated risks and benefits.