White paper

Selecting
Manufacturing ERP
for ISO 26000
Compliance
 content
Not just altruism..................................................................................................... 2

How can ERP technology help?.............................................................................. 3

General considerations......................................................................................... 8

Conclusion............................................................................................................... 9

About IFS................................................................................................................. 12
 Selecting Manufacturing ERP for ISO 26000 Compliance

Selecting Manufacturing ERP

for ISO 26000 Compliance
By Bill Leedale
S e n i o r A d vi s o r
I F S N o rth A m e ri c a

The UN Global Compact is an initiative, supported by heads of state of more than

190 countries, to encourage businesses worldwide to adopt sustainable and socially
responsible policies, and to report on their implementation. It has been in existence
since 2000. Since 2005, The International Organization for Standards (ISO) has been
working on a standard to provide guidelines for social responsibility. ISO 26000,
which is targeted for publication in September of 2010, concentrates on many of the
same areas of best practice outlined in the UN Global Compact. While ISO 26000
is not an actual extension of the UN Global Compact, ISO and the UN do have a
memorandum of understanding which states that the ISO standard will be consistent
with the compact, and that the UN Global Compact Office will have the opportunity
to review the standard as it moves towards completion.
In this whitepaper, we will discuss the compelling business reasons for industrial
companies to pay close attention to ISO 26000 and the UN Global Compact. We will
also explore the different ways that enterprise software like enterprise resources
planning (ERP) and enterprise asset management (EAM) can be leveraged to help
document compliance with the various requirements of the ISO standard.
There is a need for companies to be aware of and be able to manage their impact
and practices in the areas of social responsibility mutually seen as important by
ISO and the UN. Specifically, the standard and compact focus on four key domains:

• Human Rights

• Labor Relations

• The Environment

• Corruption

The importance of documenting and managing corporate social responsibility

practices becomes eminently clear when we consider the tragedy surrounding the
2010 explosion of the BP Deepwater Horizon offshore oil rig. BP’s reputation as a
good corporate citizen has certainly been diminished. Moreover, they may be held
liable for damages due to their actions, particularly if they cannot document that
they had been following accepted practices for two of the key areas dealt with
ISO 26000 … environmental protection and labor relations.

1
 Selecting Manufacturing ERP for ISO 26000 Compliance

Not just altruism

The current events in the Gulf are only the latest examples of how social responsi-
bility is of critical importance to an enterprise from not only the standpoint of
public perception, but from the standpoint of protecting the interests of investors
and other stakeholders. The incident currently involving BP is only the most recent
example of how environmental or other crisis situations stemming from corporate
social responsibility exposures impact the value of the company. Consider earlier
examples like Union Carbide and the disastrous chemical leak in Bhopal, India
—which not only claimed the lives of thousands and continues to affect the regional
ecosystem, but immediately led to a 12-point drop in Union Carbide Stock.
Other corporate liabilities can result not just from catastrophic events but from
day-to-day practices that have not been well-documented from a social responsibility
practice. Consider the situation faced by a number of Wisconsin paper mills saddled
with the cost of cleanup of polychlorinated biphenyls (PCBs) from carbonless copy
papers after depositing them in the Fox River between 1973 and 1997. The liability
incurred by these companies for this dredging and disposal of the carcinogenic
chemicals has saddled each of them with substantial financial obligations that impact
them to this day. The example of the paper industry in the Fox River Valley proves
that simply trying to do the right thing is not enough. PCB-laden carbonless copy
papers were phased out early on. It was recycling of these papers that, paradoxically,
lead to continuing discharge of PCBs into the river system, indicating that a very
high level of due diligence and management sophistication is necessary when it comes
to environmental matters.
Major US companies—including Wal-Mart—have found themselves pursued in
court and potentially held liable for substantial back wages and other costs due to
violations of labor and human rights standards, either within their own organization
or at vendors’ plants. Employers including Mohawk Industries have also been success-
fully sued under the Racketeer Influenced and Corrupt Organizations (RICO) Act
for knowingly employing and exploiting undocumented workers. Anti-discrimination
protections in the 1986 Immigration and Nationality Act, meanwhile, forbid employers
from targeting employees for undue documentation requirements based on their
ethnic background or country of origin. So the ability to document corporate social
responsibility initiatives in the area of employee relations and human rights offers
yet another real risk management benefit.
The fact that failure in the area of corporate social responsibility impacts every
measure of corporate performance and enterprise value is not lost on investors and
market insiders, and accounting practices are already changing to adopt many
principles of social responsibility.
Substantial rules are already in force, including several statements of position (SOP)
from the Accounting Standards Executive Committee of the American Institute of
Certified Public Accountants (CPAs). Because public companies must be audited by

2
 Selecting Manufacturing ERP for ISO 26000 Compliance

CPA firms, the following pieces of AIC positions ought to be of concern to manu-
facturers:

• Guidance on “Accounting for Contingencies” requires that liabilities be recognized

in the financial statements if a loss is probable and the amount is estimable. This
of course would include losses that would result from changing regulations that
would require refit of existing manufacturing processes or product designs, refit
of product in the field or reclamation or product at end of life. At the very least,
even if the loss is not estimable, the likely loss must be accounted for in footnotes
to financial reporting.

• These SOPs also require that environmental contamination costs be expensed as

incurred unless these costs extend the life or increase capacity of the property or
mitigate or prevent future environmental contamination that could occur other-
wise—or if these costs are realized while preparing the asset for sale.

• An SOP on Environmental Remediation Liabilities covers auditing and accounting

topics dealing with environmental issues. It details the responsibilities of corpo-
rations involved in mandated environmental cleanup, and responsibilities of
corporations to avoid environmental destruction.

Moreover, 3,700 of the world’s largest companies globally receive a survey from the
Carbon Disclosure Project, and most voluntarily submit their information to this
nonprofit, which shares data with institutional investors and the public.
More and more, investors are looking for corporate responsibility reports on
public companies, perhaps driven by a belief that companies that fail to offer this
information may be hiding conditions that could lead to substantial cost impacts in
the future. Due to these market pressures largely from the investor sector, public
companies will be under increasing pressure to document social responsibility
profiles of their own operations as well as their supply chain. Private companies that
comprise the supply chain need to prepare to satisfy the corporate responsibility
requirements of their customers.

How can ERP technology help?

EAM, ERP and other enterprise software can help industry comply with ISO 26000
by formalizing best management practices affecting the four key areas of human
rights, labor relations, the environment and corruption and centralizing related
information for streamlined reporting, investigation and preventive and detective
controls.

Labor and Human Rights: In the often-overlapping areas of labor relations and
human rights, enterprise software needs to at a bare minimum allow a company to

3
 Selecting Manufacturing ERP for ISO 26000 Compliance

ERP must allow a company to track the qualifications of applications to ensure that hiring is not in fact driven by race,
nationality, gender or other protected statuses.

document that they are not breaking local labor laws or regulations. ISO 26000,
however, also implores companies to exceed the requirements of local labor laws so
as to protect the human rights of employees. Enterprise software needs to, at a bare
minimum, document that employees are of the requisite age as child labor is one of
the main abuses that the compact and ISO 26000 are targeting. There are certain
allowances made in developing countries, and these allowances need to be accounted
for in the software environment. Age requirements can be documented internally in
the human resources component of an ERP package, but also have an impact on
supply chain management. Apart from ensuring age appropriateness of internal
employees, a company compliant with ISO 26000 must work to ensure that they are
not complicit in the human rights abuses of their suppliers. This means that it will
be important for companies to be able to collect information on the employment
practices of their suppliers and retain that information in a format that will allow it
to be tracked on an ongoing basis. One again, the human resources component of an
ERP package like IFS Applications can be employed, and you can simply set up the
employee records for your suppliers’ employees. Or, a document management tool
within an ERP environment could be employed to record and retain this data in a
workable format. While much of the data on suppliers’ employees comes second
hand as it is self-reported, it is still contingent on the ISO 26000-compliant company
to prove that they are performing appropriate due diligence.

4
 Selecting Manufacturing ERP for ISO 26000 Compliance

Tracking training of employees is one way to ensure that qualified people are performing work as well as proving that a
company is investing in their employees and helping them better their skill sets and prospects in the workforce.

While human rights in a general sense have to do with ensuring the dignity of those
in the workplace, there are other areas of labor management that have to do with
preventing unnecessary risk to employees, ensuring the right to work and granting
the right to a fair day’s pay for a fair day’s work. These are also dealt with in the
standard. In clause 6.4 of the ISO 26000 labor provision, however, additional
concepts are introduced, including:

• grievance processes and other elements of employer/employee relationships

• conditions of work

• social protections

• health and safety at work

The area where an ERP system can be most useful in ensuring proper labor practices
is in how it can document the training and skill sets of each employee to help ensure
that any differences in compensation stem from justifiable causes rather than race,
gender, nationality, etc.
Even prior to hiring, data must be captured on would-be employees. While most
companies will have hiring policies that forbid discrimination by the various catego-
ries of protected status, proving that those policies are followed is more difficult.

5
 Selecting Manufacturing ERP for ISO 26000 Compliance

That is why ERP software needs to include applicant tracking that allows comparison
of the qualifications of those applying for jobs with the qualifications of those who
are hired.

The Environment: In the standard, businesses are asked to take a precautionary

approach to protecting the environment, take on initiatives to promote greater
environmental responsibility and encourage the development and profusion of
environmentally-friendly technologies. Identifying and implementing enterprise
technology that will allow for efficient environmental management has been a
challenge for many industrial companies. This is in large part because a vanishingly
small number of ERP products offer environmental footprint management func-
tionality as a built-in module. Failing the availability of such functionality, it
becomes necessary to purchase various third party products that typically deal only
with carbon emissions rather than the full spectrum of air, water, landfill, product
lifecycles and end-of-life impacts. These third party products must then be either
integrated with an ERP package or run in stand-alone fashion—forcing an industrial
company to realize significant and perhaps unsustainable costs not only from the
software licensing but systems integration and/or duplicate administrative effort
resulting from maintaining information in two separate systems.
Ideally, an ERP package should support ISO 26000 by providing, within the
ERP suite itself, a configurable tool for capturing data on the entire spectrum of

ERP packages that offer embedded and comprehensive environmental footprint management tools will give industrial
companies a distinct advantage in documenting ISO 26000 requirements for environmental responsibility and stewardship.

6
 Selecting Manufacturing ERP for ISO 26000 Compliance

environmental impacts. This would allow, for instance, a company doing substantial
electronics business in Europe to focus on the substances covered in Registration,
Evaluation, Authorization and Restriction of Chemicals (REACH), Waste Electrical
and Electronic Equipment (WEEE) and Restriction of Hazardous Substances (RoHS)
regulations. A capital equipment manufacturer could focus on the lifecycle environ-
mental impact of their long-lived product, along with decommissioning costs.
A company with an extensive and far-flung supply chain could focus on decision
support for selecting vendors based on proximity.
Environmental footprint management built into ERP also streamlines reporting,
and provides for a more direct and credible source of information given that data
tampering is harder to accomplish given the preventive and detective controls within
a modern ERP system.

Corruption Prevention:
The mention of preven-
tive and detective controls
offers a convenient tran-
sition into the remaining
area of best practice dealt
with in the standard—the
prevention of corruption.
To a certain extent,
ERP products that
include functionality for
Sarbanes-Oxley compli-
ance can help mitigate
against certain corrupt
practices by executives
within the company.
Sarbanes-Oxley compli-
ance typically involves
rigid segregation of
duties so that no single
person can, for instance,
create a vendor in the
ERP system and then
approve checks to that
vendor. This would
prevent someone from
Access to processes and data within an enterprise application can be tightly
controlled. This allows for segregation of duties that can prevent a single either paying large sums
individual from engaging in corrupt practices. to themselves or to another

7
 Selecting Manufacturing ERP for ISO 26000 Compliance

individual inside or outside of the company for illicit purposes. At the very least,
these preventive controls would mean that non-authorized funds cannot be paid
without a good deal of collusion among various parties in the enterprise. Detective
controls can also be built into an ERP package to ensure that any illicit payments
that are made can be recognized after the fact and tracked to their source. Combined
with a formal corporate policy forbidding corruption through the bribery of govern-
ment or corporate officials, these preventive and detective controls can be remark-
ably effective in deterring corruption.

General considerations
Obviously, human rights, labor practices, environmental degradation and corruption
are bigger problems in some companies and parts of the world than they are in others.
That is why a company should really look for, in ERP or other enterprise software,
a way to assign and manage risk in its decision making. When, for instance, selecting
suppliers, a vendor’s documented history of poor labor practices or a spotty environ-
mental record can be taken into consideration. The risk of corporate exposure to
litigation, public opprobrium or other problems associated with a breach in the four
areas of corporate social responsibility can be monetized and dealt with in an
objective fashion.
Risk management functionality that is embedded directly in an enterprise applica-
tion instead of a stand-alone solution, will be preferable for one simple reason.

Risk management functionality can allow a company to quantify risk—including risk in the areas dealt with by ISO 26000
—and mitigate those risks proactively.

8
 Selecting Manufacturing erP for iSo 26000 coMPliance

When risks are identified and a risk mitigation plan created, risk management that
exists directly in an ERP system used widely throughout a company will allow
execution of that mitigation plan to be automated to a much greater degree. A separate
risk management tool will really leave executives guessing as to whether the risk
mitigation plan they created is being followed, and that could lead to some very
unpleasant surprises.

concluSion
We live in an age of heightened social awareness among corporate leaders, and this is
probably a good trend. We all want to do well by doing good, but the devil is always
in the details. And Corporate Social Responsibility management and reporting
involves many, many details. While there is no certification for ISO 26000, the right
enterprise software platform can streamline the practices outlined in ISO 26000 and
provide an authoritative, thorough view of actual environmental, human rights,
labor and ethics practices. Lacking an enterprise solution, it is hard to operationalize
a corporate social responsibility plan and even harder to prove to the satisfaction of
investors, customers and other stakeholders, that the plan is being followed.

Bill leedale is responsible for knowledge transfer in north america for the manufacturing product suite within
iFS applications. he has over 20 years of hands-on experience in the manufacturing arena from leading
large-scale implementation projects to managing business process reengineering engagements for global
companies. leedale holds a B.a. in Business and economics from Wittenberg University in Springfield,
ohio and an m.B.a. from ohio State University, columbus, ohio. he is an author of the current aPicS body
of knowledge and a contributor to aPicS’ current lean enterPriSe WorKShoP. his certifications include
certified Fellow in Production and inventory management (cFPim), and certification in integrated resource
management (cirm).

the 10 principleS of the un global coMpact

huMan rightS
principle 1: Businesses should support and respect the protection of internationally proclaimed human rights; and
principle 2: make sure that they are not complicit in human rights abuses.
labor
principle 3: Businesses should uphold the freedom of association and the effective recognition of the right to
collective bargaining;
principle 4: the elimination of all forms of forced and compulsory labor;
principle 5: the effective abolition of child labor; and
principle 6: the elimination of discrimination in respect of employment and occupation.
environMent
principle 7: Businesses should support a precautionary approach to environmental challenges;
principle 8: undertake initiatives to promote greater environmental responsibility; and
principle 9: encourage the development and diffusion of environmentally friendly technologies.
anti-corruption
principle 10: Businesses should work against corruption in all its forms, including extortion and bribery.

9
About IFS
IFS is a public company (OMX STO: IFS) founded in 1983 that
develops, supplies, and implements IFS Applications™, a component-
based extended ERP suite built on SOA technology. IFS focuses on
agile businesses where any of four core processes are strategic:
service & asset management, manufacturing, supply chain and
projects. The company has 2,000 customers and is present in more
than 50 countries with 2,700 employees in total. Net revenue in
2009 was SKr 2.6 billion.
More details can be found at www.IFSWORLD.com.
For further information, e-mail to info@ifsworld.com

Americas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +1 888 437 4968

Argentina, Brazil, Canada, Mexico, United States

Asia Pacific . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +65 63 33 33 00

Australia, Indonesia, Japan, Malaysia, new Zealand, Philippines,
PR China, Singapore, Thailand

Europe east and central asia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +48 22 577 45 00

BALKANS, Czech Republic, GEORGIA, Hungary, Israel, KAZAKHSTAN,
Poland, RUSSIA and cis, Slovakia, Turkey, UKRAINE

Europe Central . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +49 9131 77 340

AUSTRIA, Belgium, GERMANY, ITALY, netherlands, SWITZERLAND

Europe West . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +44 1494 428 900

France, Portugal, Spain, United Kingdom

Middle East and africa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .+971 4390 0888

India, South Africa, Sri Lanka, United Arab Emirates

Nordic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +46 13 460 4000

Denmark, Norway, Sweden

Finland and the Baltic area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +358 102 17 9300

Estonia, Finland, Latvia, Lithuania

En11072-1 Production: IFS Corporate Marketing, August 2010.

www.ifsworld.com
T hi s d o c umen t m ay c o n ta in stat emen t s o f p o ssib l e fu t u re fun c t i o n a l i t y fo r IF S’ s o f t wa re pro d -
u c t s a n d t ec h n o l o gy. S u c h s tat e m e n t s o f fu t u r e fu n c t i o n a l i t y a r e f o r i n f o r m at i o n pu r p o s e s
o n ly a n d s h o u l d n o t b e i n t e r p r e t e d a s a n y c o m m i t m e n t o r r e p r e s e n tat i o n . I F S a n d a l l I F S p r o d -
u c t n a m e s a r e t r a d e m a r ks o f I F S . T h e n a m e s o f a c t u a l c o m pa n i e s a n d p r o d u c t s m e n t i o n e d
h e r e i n m ay b e t h e t r a d e m a r ks o f t h e i r r e sp ec t i v e o w n e r s .

IFS AB © 2010