Get certified against recognised standards with Speeki.
Your partner in ISO certifications.
ISO standards reflect global best practice in management systems, providing internationally recognised and auditable criteria for managing risk and responsibility. Their real strategic value emerges when they are treated as an integrated framework rather than separate compliance exercises.
ISO 14001, ISO 45001, ISO 37001, ISO 37301 and ISO 42001 share common foundations – leadership commitment, risk assessment, operational control and continual improvement. Instead of running parallel systems with duplicated documentation and audits, leading organisations integrate them into a unified governance framework, reducing administrative burden and strengthening organisational maturity.
Build your enterprise-wide ESG and sustainability ISO certification strategy with Speeki
Environmental
-
ISO 14001 is the world’s most widely adopted environmental management standard, providing a systematic framework for managing environmental responsibilities and reducing environmental impacts. It applies to:
air emissions and greenhouse gases
water use and discharge
waste generation and disposal
energy consumption
raw material use
land use and biodiversity
noise and other material environmental aspects.
-
The standard requires organisations to implement an environmental management system that includes:
identification of environmental aspects and impacts
compliance with applicable legal and environmental requirements
measurable environmental objectives and targets
operational controls for significant environmental impacts
emergency preparedness and response
monitoring and measurement of environmental performance
regular compliance evaluations
continual improvement through management review and corrective actions.
-
Certification to ISO 14001 demonstrates independently verified environmental management aligned with internationally recognised best practice and delivers:
reduced regulatory non-compliance risk and associated fines
lower environmental liability exposure
improved operational efficiency through better resource management
reduced waste disposal costs
meeting customer and procurement requirements.
support for sustainability reporting through verified environmental performance management
Anti-bribery
-
ISO 37001 establishes a framework for preventing, detecting and responding to bribery, and includes:
bribery risk assessments across jurisdictions
due diligence for personnel, business partners and transactions
controls in high-risk areas such as intermediaries and public procurement
oversight of facilitation payments, political and charitable contributions and sponsorships.
-
The standard requires organisations to implement a systematic, risk-based anti-bribery management system that includes:
anti-bribery policies and procedures
role-specific training
financial and operational controls
confidential reporting mechanisms
monitoring and periodic review
documented evidence of control effectiveness
top-level commitment and adequate resourcing
continual improvement.
-
Certification to ISO 37001 provides independently verified evidence of internationally recognised anti-bribery controls and delivers:
assurance to regulators, investors and business partners
support in enforcement proceedings and reduced penalties
satisfaction of due diligence requirements in partnerships
differentiation in competitive bids
credible demonstration of anti-bribery management in high-risk jurisdictions.
Health and safety
-
ISO 45001 provides an international framework for managing occupational health and safety risks and applies to organisations of all sizes and sectors, covering:
physical hazards
chemical and biological exposures
ergonomic risks
psychosocial risks including stress and violence
contractor and visitor safety.
-
The standard requires organisations to implement a systematic occupational health and safety management system that includes:
hazard identification and risk assessment
risk controls
safe working conditions and equipment
worker competence and training
emergency preparedness
incident and near-miss investigation
worker participation and consultation
leadership commitment
continual improvement.
-
Certification to ISO 45001 demonstrates third-party verified health and safety management aligned with international best practice and delivers:
assurance to workers, regulators, insurers and clients
reduced workplace injuries and illnesses
lower compensation costs and insurance premiums
reduced enforcement actions and fines
protection of organisational reputation
meeting procurement requirements
evidence of safety management maturity in high-risk sectors
alignment with other ISO management system standards.
Energy management
-
ISO 50001 provides an international framework for systematic energy management and applies to energy uses under organisational control, covering:
electricity
natural gas
fuel oils
renewable energy
process energy
transportation energy
facilities energy
significant energy uses.
-
The standard requires organisations to implement a structured energy management system that includes:
energy reviews and significant energy uses
energy baselines and performance indicators
energy objectives and targets
action plans for energy improvement
procurement of energy-efficient products and services
personnel competence
monitoring and measurement of energy performance
continual improvement.
-
Certification to ISO 50001 demonstrates third-party verified energy management aligned with international standards and delivers:
assurance to stakeholders, investors, customers and regulators
reduced energy costs and measurable savings
support for climate commitments and carbon reduction targets
meeting customer and procurement requirements
strengthened sustainability reporting
energy efficiency in energy-intensive sectors
integration with ISO 14001 and ISO 14064.
Compliance
-
ISO 37301 provides an international framework for establishing and maintaining an effective compliance management system and applies across organisational obligations including:
legal requirements
regulatory requirements
contractual obligations
industry codes
organisational commitments.
-
The standard requires organisations to implement a systematic, risk-based compliance management system that includes:
identification of applicable compliance obligations
assessment of compliance risks
implementation of compliance controls
clear accountability structures
competent personnel
effective communication
monitoring and measurement
leadership commitment and governance oversight
integration into business processes
continual improvement.
-
Certification to ISO 37301 provides independent third-party verification of compliance management aligned with international best practice and delivers:
assurance to regulators, investors and business partners
support in enforcement actions or regulatory reviews
reduced insurance premiums or bond requirements
differentiation in competitive bids
scalable application for organisations of all sizes
measurable evaluation of compliance programme effectiveness
credible demonstration of compliance system maturity.
Artificial intelligence
-
ISO 42001 provides an international framework for managing artificial intelligence systems responsibly throughout their lifecycle and applies to organisations developing, deploying or using AI systems, covering:
data governance for training and operational datasets
model development and validation
performance monitoring and unintended behaviours
human oversight mechanisms
incident response procedures
documentation for explainability and auditability
technical risks including accuracy, security and robustness
ethical risks including fairness and human rights impacts.
-
The standard requires organisations to implement a structured AI management system that includes:
risk management across the AI lifecycle
AI impact assessments
clear roles and responsibilities
controls for data privacy and bias
transparency and accountability
monitoring of AI system performance
evidence of responsible AI practices.
-
Certification to ISO 42001 provides third-party verified evidence of AI governance aligned with emerging global expectations and delivers:
AI governance maturity ahead of regulation
support for emerging AI regulations
differentiation for high-risk AI applications
assurance to investors, customers and regulators
management of legal and reputational risks
alignment with procurement and disclosure requirements
systematic AI governance beyond ad-hoc policies.
Carbon emissions verification
-
ISO 14064 provides an international framework for the quantification, monitoring, reporting and verification of greenhouse gas (GHG) emissions and removals. It applies across:
direct GHG emissions (Scope 1)
indirect emissions from purchased energy (Scope 2)
other indirect emissions across the value chain (Scope 3)
GHG removals and sinks
emission reduction and removal enhancement projects
organisational and project-level GHG inventories.
-
The standard (across its three parts — 14064-1 organisations, 14064-2 projects, 14064-3 verification) requires organisations to:
define organisational and operational boundaries
quantify GHG emissions and removals using consistent methodologies
identify and document emission factors and data sources
manage data quality and uncertainty
maintain a GHG information management system
document base years and recalculation policies
prepare a GHG report suitable for verification
support independent validation and verification.
-
Verification to ISO 14064 provides independently assured GHG data aligned with internationally recognised methodology and delivers:
credible, third-party verified emissions data
assurance to investors, customers and regulators
a robust basis for climate targets and net zero commitments
support for mandatory and voluntary carbon disclosure (CSRD, ISSB, CDP)
reduced risk of greenwashing allegations
comparability and consistency in carbon reporting
integration with ISO 14001 and ISO 50001 for coherent climate governance.
Biodiversity management
-
ISO 17298 provides an international framework for biodiversity management systems, helping organisations identify, manage and reduce their impacts on nature and ecosystems. It applies to:
direct impacts on habitats and species
land and resource use
dependencies on ecosystem services
value chain and supply chain biodiversity impacts
pollution affecting ecosystems
restoration and conservation activities
nature-related risks and opportunities.
-
The standard requires organisations to implement a systematic biodiversity management system that includes:
assessment of biodiversity impacts and dependencies
identification of applicable legal and other requirements
biodiversity objectives and measurable targets
operational controls to avoid, minimise and restore impacts
application of the mitigation hierarchy
stakeholder and community engagement
monitoring and measurement of biodiversity performance
continual improvement through management review.
-
Certification to ISO 17298 demonstrates independently verified biodiversity management aligned with emerging global expectations and delivers:
structured response to nature-related risk
alignment with TNFD and biodiversity disclosure frameworks
assurance to investors, regulators and communities
support for sustainability and nature reporting
credible evidence beyond voluntary commitments
reduced ecological and reputational risk
integration with ISO 14001 for coherent environmental governance.
Social responsibility
-
ISO 26000 provides international guidance on social responsibility, helping organisations operate in an ethical and transparent way that contributes to sustainable development. It addresses seven core subjects:
organisational governance
human rights
labour practices
the environment
fair operating practices
consumer issues
community involvement and development.
-
As a guidance standard (not a certifiable management system), ISO 26000 sets out principles and practices for organisations to:
recognise their social responsibility and sphere of influence
identify and engage stakeholders
integrate socially responsible behaviour across the organisation
act ethically, transparently and accountably
respect human rights and the rule of law
respect international norms of behaviour
review and improve social responsibility performance.
-
Although ISO 26000 is a guidance standard rather than a certification standard, alignment with it provides a structured approach to social responsibility and delivers:
a recognised framework for responsible business conduct
support for human rights and labour due diligence
credibility with stakeholders, communities and customers
a foundation for ESG and sustainability reporting
improved stakeholder trust and reputation
alignment with broader ESG and supply chain expectations.
Whistleblowing
-
ISO 37002 provides international guidance for establishing, implementing and maintaining an effective whistleblowing management system based on trust, impartiality and protection. It applies across:
receiving reports of wrongdoing
assessing reports
addressing and investigating reports
concluding whistleblowing cases
protection of whistleblowers and others involved
reports across all forms of misconduct and concern.
-
The standard sets out principles and practices for organisations to implement a whistleblowing management system that includes:
secure and accessible reporting channels
protection of whistleblowers from detriment and retaliation
impartial and timely handling of reports
confidentiality of those involved
clear roles, responsibilities and competence
a culture that encourages speaking up
monitoring, review and continual improvement.
-
Alignment with ISO 37002 demonstrates a credible, internationally recognised whistleblowing system and delivers:
early detection of misconduct and risk
protection and confidence for whistleblowers
compliance with whistleblowing legislation (such as the EU Whistleblowing Directive)
reduced legal, financial and reputational risk
evidence of a strong speak-up culture
assurance to regulators, boards and stakeholders
integration with ISO 37001 and ISO 37301.
Fraud Controls
-
ISO 37003 provides international guidance for establishing, implementing and maintaining a fraud control system to prevent, detect and respond to fraud. It applies across:
internal and external fraud risks
fraud risk assessment across activities and jurisdictions
prevention controls
detection mechanisms
response and remediation
third-party and business partner fraud exposure.
-
The standard sets out principles and practices for organisations to implement a fraud control system that includes:
fraud risk assessment and treatment
anti-fraud policies and procedures
preventive and detective controls
reporting mechanisms for suspected fraud
investigation and response procedures
role-specific training and awareness
leadership commitment and governance oversight
monitoring, review and continual improvement.
-
Alignment with ISO 37003 demonstrates a systematic, internationally recognised approach to fraud risk and delivers:
reduced exposure to fraud losses
credible, risk-based fraud controls
assurance to boards, investors and regulators
support in enforcement and regulatory contexts
evidence of proactive fraud risk management
protection of financial and reputational interests
integration with ISO 37001 and ISO 37301.
Investigations
-
ISO 37008 provides international guidance for conducting internal investigations within organisations, supporting consistent, fair and credible handling of allegations of misconduct. It applies across:
allegations of fraud, bribery and corruption
whistleblowing and grievance reports
workplace misconduct and policy breaches
compliance and regulatory breaches
planning and conduct of investigations
reporting of investigation findings.
-
The standard sets out principles and practices for organisations to conduct internal investigations that include:
a structured and proportionate investigation process
impartiality, objectivity and fairness
confidentiality and data protection
competence of investigators
preservation and management of evidence
protection of those involved, including whistleblowers
clear documentation and reporting of findings
follow-up and corrective action.
-
Alignment with ISO 37008 demonstrates a credible, internationally recognised approach to internal investigations and delivers:
consistent and defensible investigation practice
fair treatment of all parties
stronger evidence for enforcement or disciplinary action
reduced legal and reputational risk
assurance to regulators, boards and stakeholders
support for whistleblowing and compliance systems
integration with ISO 37001, ISO 37002 and ISO 37301.
Information security
-
ISO 27001 is the world's leading standard for information security management systems, providing a systematic framework for protecting information assets against security threats. It applies to:
confidentiality, integrity and availability of information
cyber and information security risk management
access controls and identity management
physical and environmental security
supplier and third-party security
incident detection and response
business continuity and recovery
data protection and privacy-related controls.
-
The standard requires organisations to implement an information security management system that includes:
identification and classification of information assets
systematic information security risk assessment and treatment
selection and implementation of security controls from Annex A
defined policies, roles and responsibilities
security awareness and training
internal audit and management review
incident management and response procedures
continual improvement through corrective action and performance monitoring.
-
Certification to ISO 27001 demonstrates independently verified information security management aligned with internationally recognised best practice and delivers:
assurance to customers, partners and regulators on data protection
reduced risk of security breaches and associated financial and reputational loss
support for compliance with data protection regulations including GDPR
meeting contractual and procurement security requirements
structured framework for managing cyber risk
credible evidence of security posture for insurers and investors
integration with ISO 27701 for privacy information management.
We are not focused on ticking boxes on checklists.
“Clients engage Speeki because they want expertise. They want us to add value to their management system. They care about conformance, just as much as non-conformance. They expect senior audit practitioners with real expertise. They expect their auditors to engage, to support their objectives and to add value.”
Jenna Kim, Auditor, Speeki
Management system certification by Speeki
Whichever management system you choose to follow, Speeki can help certify that you meet its requirements.
Speeki supports you through the full cycle of certification and re-certification with our pre-certification, training and monitoring solutions.
We know that ISO certifications can be complex.
Let us help.