ISO’s Annex SL Explained

  • Guides

“Not more jargon!” we hear you cry. Fear not, we are not introducing a layer of complexity to ISO standards! In fact, the advent of ISO’s Directive Annex SL will mean those who implement multiple ISO management standards will find it a far easier task in the future.

Recognising that many organisations are implementing the likes of ISO 9001 and ISO 14001 at the same time ISO realised that, despite sharing common requirements, their management standards differed when it came to definitions. Understandably, this led to confusion for users and consequent inconsistency when it came to implementing said standards.

The snappily titled ISO Technical Management Board’s (TMB) Joint Technical Coordination Group have remedied these issues with the alignment of management standards through the development of a common high-level structure, together with common definitions and common text.

The result is titled Annex SL and it gives ISO the framework to create any generic management system. More pertinently, the upcoming revisions for ISO 9001, ISO 14001 and ISO 27001 are to be changed with the Annex SL approach in mind.

Preparing for change

Those who have ISO 27001 in place will be the first to be affected as the upcoming ISO 27001:2013 revision was nicely timed to  come under the wing of Annex SL (along with 6 other ISO management standards).

Annex SL: High level structure clauses

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context of the organisation
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance evaluation
  10. Improvement


ISO 27001 users needn’t panic however; the changes are subtle, not dramatic. The most major update will be the use of the broader concept of risk in context to the management system. There is also emphasis on preventive action as a broader concept than simply preventing an incident from reoccurring.

The popular ISO 9001 is also on the journey to revision, as revealed earlier in the year in our anticipated ISO 9001:2015 announcement story. The quality standard is arguably ISO’s most important. Consequently, ISO has gathered a huge amount of feedback from 122 countries in order to keep the standard relevant and useful to the millions who use it.

Users of ISO 14001 can sit back and relax as ISO only started gathering feedback on the environmental management standard earlier this year (so about 5 months behind ISO 9001:2015). As a result, we are not ready to announce the expected publication date just yet. However, rumours from technical committee meetings here in the UK include a move towards incorporating Corporate Social Responsibility and sustainable development, which will need to be driven by top level management. As with the other revisions, this is a reflection of where the world is heading rather than change for change’s sake.

Finally, although not an ISO standard, it’s worth mentioning OHSAS 18001 as it is also on the journey of being revised. There are even rumours that, at last, it will become an ISO standard. Seeing as it is often implemented alongside the likes of ISO 9001, it would make sense that the revisions follow along the same lines of the above.

In summary

Annex SL is good news for anyone involved in ISO management standards. The use of the same structure as well as commonly used terms and definitions will make it far easier, less time consuming and consequently cheaper to implement, integrate and maintain standards. With standards often being associated with terms such as ‘bureaucracy’ and ‘red tape’, it will in fact become even easier to demonstrate and benefit from having robust management systems in place.

As with revisions of all ISO standards, there is a generous transition period and we will incorporate the changes into the normal surveillance cycle for clients.

Keep up-to-date with the latest news by following @TheBABOfficial on Twitter. Alternatively, sign up to our newsletter at the bottom of the page.

profile image of Mark Nutburn
Written by Mark Nutburn

CTO - technology professional with over 20 years of IT experience building bespoke CRM systems and designing customised software solutions. A key part of the management team at The British Assessment Bureau for many years and a part of AMTIVO’s management team.