Annex SL is the biggest change that has come to ISO standards (management systems) in recent years. Annex SL is a high-level structure (HLS) described in ISO/IEC Directives, Part 1, which provides authors of standards with guidelines that include a generic structure of requirements, as well as common terms and definitions.
Annex SL provides a new high-level structure for ISO management system standards, replacing the historical ISO Guide 83 and expanding on the already applied common structure. The high-level structure offers a more consistent framework for popular management system standards and enables better integration of management systems using two or more ISO standards.
Many organizations aim to have a management system that covers the requirements of quality, environment, and information security based on ISO 9001, ISO 14001, and ISO/IEC 27001 standards. With each of these ISO standards based on Annex SL, it becomes easier to integrate different requirements into one integrated management system.
Therefore, the aim of defining the high-level structure is to introduce an identical core text and common terms for management systems, as it will:
- Simplify standards
- Encourage standardization
- Facilitate the integration of management systems
The new structure of high-level clauses (Annex SL) includes the following clauses (chapters):
1) Scope – defining the applicability boundaries of a specific standard (specifying which organizational parts the standard applies to).
2) Normative References – listing normative references from the latest edition of the reference document.
3) Terms and Definitions – providing specific terms and definitions used in the particular standard, aiming to clarify the requirements for better understanding by end users.
4) Context of the Organization – requiring an understanding of issues that can positively or negatively impact the organization and its ability to achieve planned results. It includes internal and external issues, needs and expectations of interested parties, and boundaries for determining the scope of the management system.
5) Leadership – emphasizing the role of top management, such as the executive director or other senior executives, and their ability to demonstrate leadership. It includes requirements such as establishing an organizational policy and defining clear roles, responsibilities, and authorities to achieve planned results.
6) Planning – encompassing organizational planning for implementing the management system and achieving planned outcomes, taking into account risks, opportunities, and actions to address them. Additionally, this clause involves the need to define organizational objectives and plan changes.
7) Support – providing all necessary support to implement the plan and carry out changes. This clause includes support in terms of resources, competence, awareness, communication, and documented information