New ISO Standards for Management System Audits and Emergency Response
Jan 2nd, 2012 | By Michael Bittner | Category: Auditing
In December 2011, the International Organization for Standardization (ISO) published two standards, an updated edition of ISO 19011, Guidelines for auditing management systems, and a new standard covering emergency management, ISO 22320, Societal security—Emergency management—Requirements for incident response.
ISO 19011:2011
ISO believes that the revision of ISO 19011 will save money, time, and resources by providing a uniform approach for auditing multiple management systems through a single audit rather than conducting several independent and partially overlapping audits. The standard provides guidance on the conduct of internal and external management system audits, as well as on the management of audit programs.
Alister Dalrymple, convener of the team that updated the guidelines, said, “Compared to the 2002 version, the standard adds the concept of risk and recognizes more explicitly the competence of the audit team and individual auditors. Also, the use of technology in remote auditing is acknowledged, for example, conducting remote interviews and reviewing records remotely.”
Another improvement is the clarification of the relationship between ISO 19011:2011 and ISO/IEC 17021:2011, Conformity assessment—Requirements for bodies providing audit and certification of management systems. While those involved in management system certification audits follow the requirements of ISO/IEC 17021:2011, they might also find the guidance in ISO 19011:2011 useful.
The International Register of Certified Auditors (IRCA) prepared a detailed analysis of changes in ISO 19011:2011. See IRCA Briefing note: ISO/FDIS 19011:2011 – Guidelines for auditing management systems.
ISO 22320:2011
ISO 22320:2011 is a new standard that seeks to minimize the impact of disasters, terrorist attacks, and other major incidents by mitigating harm, damage, and loss of life and ensuring continuity of basic services such as healthcare, rescue services, food and water supplies, electrical service, and fuel delivery.
According to Professor Ernst-Peter Döbbeling, convener of the working group that developed the standard, “Any response following an incident might include the participation of both public and private organizations working at international, regional or national levels. Harmonized international guidance is needed to coordinate efforts and ensure effective action. ISO 22320 is a valuable tool that all types of organizations can use to improve their capabilities in handling incident response in any crisis.”
The ISO website states that the standard
…outlines global best practice for establishing command and control organizational structures and procedures, decision support, traceability, and information management. It also establishes a foundation for coordination and cooperation, ensuring that all relevant parties are on the same page during a disaster, minimizing the risk of misunderstandings and ensuring a more effective use of the combined resources.
The standard encourages community participation in the development and implementation of incident response measures, to ensure a response that is appropriate to the needs of the affected population as well as culturally acceptable.
Purchase the ISO Standards
Both standards are available through the ISO Store or from ISO national member institutes.
About ISO
ISO is the world’s largest developer and publisher of international standards. ISO is a network of the national standards institutes of 163 countries with a Central Secretariat in Geneva, Switzerland that coordinates the system. ISO enables a consensus to be reached on solutions that meet both the requirements of business and the broader needs of society.
Because “International Organization for Standardization” would have different acronyms in different languages (“IOS” in English, “OIN” in French for Organisation internationale de normalisation), its founders decided to give it also a short, all-purpose name. They chose “ISO,” derived from the Greek isos, meaning “equal.” Whatever the country, whatever the language, the short form of the organization’s name is always ISO.
Photograph: Auf Schönburg, Oberwesel, Germany by Michael Bittner, Boston, U.S.A.