Selecting Manufacturing ERP for ISO 26000 Compliance

  • Written By: Bill Leedale
  • Published: August 13 2010

The UN Global Compact is an initiative supported by heads of state of more than 190 countries to encourage businesses worldwide to adopt sustainable and socially responsible policies, and to report on their implementation. It has been in existence since 2000.  Since 2005, The International Organization for Standards (ISO) has been working on a standard to provide guidelines for social responsibility. ISO 26000, which is targeted for publication in September 2010, concentrates on many of the same areas of best practice outlined in the UN Global Compact. While ISO 26000 is not an actual extension of the UN Global Compact, ISO and the UN Global Compact do have a memorandum of understanding which states that the ISO standard will be consistent with the compact, and that the UN Global Compact Office will have the opportunity to review the standard as it moves towards completion.

In this research article, I will discuss the compelling business reasons for industrial companies to pay close attention to ISO 26000 and the UN Global Compact. I will also explore the different ways that enterprise software like enterprise resources planning (ERP) and enterprise asset management (EAM) can be leveraged to help document compliance with the various requirements of the ISO standard.

There is a need for companies to be aware of and be able to manage their impact and practices in the areas of social responsibility mutually seen as important by ISO and the UN. Specifically, the standard and compact focus on four key domains:
• Human Rights
• Labor Relations
• Environment
• Corruption
The importance of documenting and managing corporate social responsibility practices becomes eminently clear when we consider the tragedy surrounding the 2010 explosion of the BP Deepwater Horizon offshore oil rig. BP Deepwater’s reputation, as a good corporate citizen, has certainly been diminished. Moreover, it may be held liable for damages due to its actions, particularly if it cannot document that it had been following accepted practices for two of the key areas dealt with ISO 26000 (environmental protection and labor relations).

Not Just Altruism
The current events in the Gulf are only the latest examples of how social responsibility is of critical importance to an enterprise from not only a public perception standpoint but from the standpoint of protecting the interests of investors and other stakeholders. The incident currently involving BP Deepwater is only the most recent example of how environmental or other crises situations stemming from corporate social responsibility exposures impact the value of the company. Consider earlier examples like Union Carbide and the disastrous chemical leak in Bhopal, India—which not only claimed the lives of thousands and continues to affect the regional ecosystem, but immediately led to a 12-point drop in Union Carbide Stock.

Other corporate liabilities can result not just from catastrophic events but from day-to-day practices that have not been well-documented from a social responsibility practice. Consider the situation faced by a number of Wisconsin paper mills saddled with the cost of cleanup of polychlorinated biphenyls (PCBs) from carbonless copy paper after depositing them in the Fox River between 1973 and 1997. The liability incurred by these companies for this dredging and disposal of the carcinogenic chemicals has saddled each of them with substantial financial obligations that impact them to this day. The example of the paper industry in the Fox River proves that simply trying to do the right thing is not enough. PCB-laden carbonless copy papers were phased out early on, it was recycling of these papers that, paradoxically, lead to continuing discharge of PCBs into the river system, indicating that a very high level of due diligence and management sophistication is necessary when it comes to environmental matters.

Major US companies—including Wal-Mart—have found themselves pursued in court and potentially held liable for substantial back wages and other costs due to violations of labor and human rights standards, either within their own organization or at vendors’ plants.  Employers including Mohawk Industries have also been successfully sued under the Racketeer Influenced and Corrupt Organizations (RICO) Act for knowingly employing and exploiting undocumented workers. In the meantime, anti-discrimination protections in the 1986 Immigration and Nationality Act forbade employers from targeting employees for undue documentation requirements based on their ethnic background or country of origin. Therefore, the ability to document corporate social responsibility initiatives in the area of employee relations and human rights offers yet another real risk management benefit.

The fact that failure in the area of corporate social responsibility impacts every measure of corporate performance and enterprise value is not lost on investors and market insiders, and accounting practices are already changing to adopt many principles of social responsibility.
Substantial rules are already in force, including several statements of position (SOP) from the Accounting Standards Executive Committee of the American Institute (AcSEC) of Certified Public Accountants (CPAs). Because public companies must be audited by CPA firms, the following pieces of AIC positions ought to be of concern to manufacturers:

• Guidance on "Accounting for Contingencies" requires that liabilities be recognized in the financial statements if a loss is probable and the amount is estimable. This of course would include losses that would result from changing regulations that would require refit of existing manufacturing processes or product designs, refit of product in the field or reclamation or product at end of life. At the very least, even if the loss is not estimable, the likely loss must be accounted for in footnotes to financial reporting.

• These SOPs also require that environmental contamination costs be expensed as incurred unless these costs extend the life or increase capacity of the property or mitigate or prevent future environmental contamination that could occur otherwise—or if these costs are realized while preparing the asset for sale.

• An SOP on Environmental Remediation Liabilities covers auditing and accounting topics dealing with environmental issues. It details the responsibilities of corporations involved in mandated environmental cleanup, and responsibilities of corporations to avoid environmental destruction.
Moreover, 3,700 of the world’s largest companies globally receive a survey from the Carbon Disclosure Project, and most voluntarily submit their information to this non-profit organization, which shares data with institutional investors and the public.

More and more, investors are looking for corporate responsibility reports on public companies, perhaps driven by a belief that companies that fail to offer this information may be hiding conditions that could lead to substantial cost impacts in the future. Due to these market pressures—largely from the investor sector—public companies will be under increasing pressure to document social responsibility profiles of their own operations as well as their supply chain. Private companies that comprise the supply chain need to prepare to satisfy the corporate responsibility requirements of their customers.

How Can ERP Technology Help?
EAM, ERP, and other enterprise software can help industries comply with ISO 26000 by formalizing best management practices affecting the four key areas of human rights, labor relations, the environment and corruption, and centralizing related information for streamlined reporting, investigation, and preventive and detective controls.

Labor and Human Rights: In the often overlapping areas of labor relations and human rights, enterprise software needs to at a bare minimum allow a company to document that they are not breaking local labor laws or regulations. ISO 26000, however, also implores companies to exceed the requirements of local labor laws so as to protect the human rights of employees. Enterprise software needs to, at a bare minimum, document that employees are of the requisite age as child labor is one of the main abuses that the compact and ISO 26000 are targeting. There are certain allowances made in developing countries, and these allowances need to be accounted for in the software environment. Age requirements can be documented internally in the human resources component of an ERP package, but also have an impact on supply chain management.

ERP must allow a company to track the qualifications of applications to ensure that hiring is not in fact driven by race, nationality, gender, or other protected statuses.

Apart from ensuring age appropriateness of internal employees, a company compliant with ISO 26000 must work to ensure that they are not complicit in the human rights abuses of their suppliers. This means that it will be important for companies to be able to collect information on the employment practices of their suppliers and retain that information in a format that will allow it to be tracked on an ongoing basis. One again, the human resources component of an ERP package like IFS Applications can be employed, and you can simply set up the employee records for your suppliers’ employees. Or, a document management tool within an ERP environment could be employed to record and retain this data in a workable format. While much of the data on suppliers’ employees comes second hand as it is self-reported, it is still contingent on the ISO 26000-compliant company to prove that they are performing appropriate due diligence.

Tracking training of employees is one way to ensure that qualified people are performing work as well as proving that a company is investing in their employees and helping them better their skill sets and prospects in the workforce.

While human rights in a general sense have to do with ensuring the dignity of those in the workplace, there are other areas of labor management that have to do with preventing unnecessary risk to employees, ensuring the right to work and the granting right to a fair day’s pay for a fair day’s work. These are also dealt with in the standard. In clause 6.4 of the ISO 26000 labor provision, however, additional concepts are introduced, including

• grievance processes and other elements of employer/employee relationships,
• conditions of work,
• social protections, and
• health and safety at work.

The area where an ERP system can be most useful in ensuring proper labor practices is in how it can document the training and skill sets of each employee to help ensure that any differences in compensation stem from justifiable causes rather than race, gender, nationality, etc.

Even prior to hiring, data must be captured on would-be employees. While most companies will have hiring policies that forbid discrimination by the various categories of protected status, proving that those policies are followed is more difficult. This is why ERP software needs to include applicant tracking that allows comparison of the qualifications of those applying for jobs with the qualifications of those who are hired.

The Environment: In the ISO 26000 standard, businesses are asked to take a precautionary approach to protecting the environment, take on initiatives to promote greater environmental responsibility and encourage the development and profusion of environmentally-friendly technologies. Identifying and implementing enterprise technology that will allow for efficient environmental management has been a challenge for many industrial companies. This is in large part because a vanishingly small number of ERP products offer environmental footprint management functionality as a built-in module. Failing the availability of such functionality, it becomes necessary to purchase various third-party products that typically deal only with carbon emissions rather than the full spectrum of air, water, landfill, product life cycles and end-of-life impacts. These third-party products must then be either integrated with an ERP package or run in stand-alone fashion—forcing an industrial company to realize significant and perhaps unsustainable costs not only from the software licensing but systems integration and/or duplicate administrative effort resulting from maintaining information in two separate systems.

Ideally, an ERP package should support ISO 26000 by providing, within the ERP suite itself, a configurable tool for capturing data on the entire spectrum of environmental impacts. This would allow, for instance, a company doing substantial electronics business in Europe to focus on the substances covered in Registration, Evaluation, Authorization and Restriction of Chemicals (REACH), Waste Electrical and Electronic Equipment (WEEE) and Restriction of Hazardous Substances (RoHS) regulations. A capital equipment manufacturer could focus on the life cycle environmental impact of their long-lived product, along with decommissioning costs. A company with an extensive and far-flung supply chain could focus on decision support for selecting vendors based on proximity.

Environmental footprint management built into ERP also streamlines reporting, and provides for a more direct and credible source of information given that data tampering is harder to accomplish given the preventive and detective controls within a modern ERP system.

Enterprise software can feature embedded functionality to allow environmental cost to be measured just like financial cost. This lets a company go well beyond local laws and regulation regarding specific discharges like carbon emissions and intelligently manage their overall environmental impact including discharges to air, water, landfills, and their total product lifecycle costs including disposal, decommissioning, or recycling.

Corruption Prevention: The mention of preventive and detective controls offers a convenient transition into the remaining area of best practice dealt with in the standard the prevention of corruption.

To a certain extent, ERP products that include functionality for Sarbanes-Oxley compliance can help mitigate against certain corrupt practices by executives within the company. Sarbanes-Oxleycompliance typically involves rigid segregation of duties so that no single person can, for instance, create a vendor in the ERP system and then approve checks to that vendor. This would prevent someone from either paying large sums to themselves or to another individual inside or outside of the company for illicit purposes. At the very least, these preventive controls would mean that non-authorized funds cannot be paid without a good deal of collusion among various parties in the enterprise. Detective controls can also be built into an ERP package to ensure that any illicit payments that are made can be recognized after the fact and tracked to their source. Combined with a formal corporate policy forbidding corruption through the bribery of government or corporate officials, these preventive and detective controls can be remarkably effective in deterring corruption.

Access to processes and data within an enterprise application can be tightly controlled. This allows for segregation of duties that can prevent a single individual from engaging in corrupt practices.

General Considerations
Obviously, human rights, labor practices, environmental degradation and corruption are bigger problems in some companies and parts of the world than they are in others. That is why a company should really look for, in ERP or other enterprise software, a way to assign and manage risk in its decision making. When, for instance, selecting suppliers, a vendor’s documented history of poor labor practices or a spotty environmental record can be taken into consideration. The risk of corporate exposure to litigation, public opprobrium or other problems associated with a breach in the four areas of corporate social responsibility can be monetized and dealt with in an objective fashion.

Risk management functionality that is embedded directly in an enterprise application rather, instead of a stand-alone solution will be preferable for one simple reason. When risks are identified and a risk mitigation plan created, risk management that exists directly in an ERP system used widely throughout a company will allow execution of that mitigation plan to be automated to a much greater degree. A separate risk management tool will really leave executives guessing as to whether the risk mitigation plan they created is being followed, and that could lead to some very unpleasant surprises.

We live in an age of heightened social awareness among corporate leaders, and this is probably a good trend. We all want to do well by doing good, but the devil is always in the details. And corporate Social Responsibility management and reporting involves many, many details. While there is no certification for ISO26000, the right enterprise software platform can streamline the practices outlined in ISO 26000 and provide an authoritative, thorough view of actual environmental, human rights, labor and ethics practices. Lacking an enterprise solution, it is hard to operationalize a corporate social responsibility plan and even harder to prove to the satisfaction of investors, customers, and other stakeholders that the plan is being followed.

The 10 Principles of the UN Global Compact
Human Rights
• Principle 1: businesses should support and respect the protection of internationally proclaimed human rights
• Principle 2: make sure that they are not complicit in human rights abuses

• Principle 3: businesses should uphold the freedom of association and the effective recognition of the right to collective bargaining
• Principle 4: the elimination of all forms of forced and compulsory labor
• Principle 5: the effective abolition of child labor
• Principle 6: the elimination of discrimination in respect of employment and occupation
• Principle 7: businesses should support a precautionary approach to environmental challenges;
• Principle 8: undertake initiatives to promote greater environmental responsibility
• Principle 9: encourage the development and diffusion of environmentally friendly technologies 

• Principle 10: businesses should work against corruption in all its forms, including extortion and bribery


About the Author

Bill Leedale is responsible for knowledge transfer in North America for the manufacturing product suite within IFS Applications. He has over 20 years of hands-on experience in the manufacturing arena from leading large-scale implementation projects to managing business process reengineering engagements for global companies. Leedale holds a B.A. in Business and Economics from Wittenberg University in Springfield, Ohio and an M.B.A. from Ohio State University, Columbus, Ohio. He is an author of the current APICS body of knowledge and a contributor to APICS’ current Lean Enterprise Workshop. His certifications include Certified Fellow in Production and Inventory Management (CFPIM), and Certification in Integrated Resource Management (CIRM).


To start your own custom ERP solution comparison, please visit

TEC's Enterprise Resource Planning Evaluation Center





comments powered by Disqus