What is a management system?

A management system is the way in which an organization manages the interrelated parts of its business in order to achieve its objectives. These objectives can relate to a number of different topics, including product or service quality, operational efficiency, environmental performance, health and safety in the workplace and many more.

The level of complexity of the system will depend on each organization’s specific context. For some organizations, especially smaller ones, it may simply mean having strong leadership from the business owner, providing a clear definition of what is expected from each individual employee and how they contribute to the organization’s overall objectives, without the need for extensive documentation. More complex businesses operating, for example, in highly regulated sectors, may need extensive documentation and controls in order to fulfil their legal obligations and meet their organizational objectives.

Management System Standards list
View the full list of ISO MSS.

The ISO model: agreed by experts

ISO management system standards (MSS) help organizations improve their performance by specifying repeatable steps that organizations consciously implement to achieve their goals and objectives, and to create an organizational culture that reflexively engages in a continuous cycle of self-evaluation, correction and improvement of operations and processes through heightened employee awareness and management leadership and commitment.

The benefits of an effective management system to an organization include:

  • More efficient use of resources and improved financial performance
  • Improved risk management and protection of people and the environment
  • Increased capability to deliver consistent and improved services and products, thereby increasing value to customers and all other stakeholders

MSS are the result of consensus among international experts with expertise in global management, leadership strategies, and efficient and effective processes and practices. MSS standards can be implemented by any organization, large or small.

MSS and related standards: the big picture

There are three different types of ISO documents that support organizational management. We've grouped these below, with examples of standards given for each.

Management Systems Standards (MSS)

ISO standards that set out requirements or guidance to help organizations manage their policies and processes to achieve specific objectives. MSS are designed to be applicable across all economic sectors, various types and sizes of organizations and diverse geographical, cultural and social conditions.

Many ISO MSS have the same structure and contain many of the same terms & definitions and requirements.

 

  • Quality management systems — Requirements
  • Information security, cybersecurity and privacy protection — Information security management systems — Requirements
  • Environmental management systems — Requirements with guidance for use

Sector-specific MSS

ISO management system standards that provide additional requirements or guidance for the application of a generic management standard in a  specific economic or business sector.

 

  • Medical devices — Quality management systems — Requirements for regulatory purposes
  • Railway applications — Railway quality management system — ISO 9001:2015 and specific requirements for application in the railway sector
  • Petroleum, petrochemical and natural gas industries — Sector-specific quality management systems — Requirements for product and service supply organizations

Management system related standards and implementation guidance

ISO standards that are intended to provide further guidance and/or requirements on:

  1. specific aspects of an organization’s management system,
  2. ISO management system standards, or
  3. related supporting techniques.
  • Occupational health and safety management — Psychological health and safety at work — Guidelines for managing psychosocial risks
  • Environmental management systems — General guidelines on implementation
  • Guidelines for auditing management systems

ISO management standards and the concept of a harmonized structure 

ISO’s management system standards (MSS) are among the most widely used and recognized documents that we publish. They include standards such as ISO 9001, ISO 14001 and ISO 50001, which apply to quality management, environmental management and energy management respectively. In fact, there are more than 80 MSS. There’s a lot to know, and even experienced standards users might want to consult the complete list or find out more about how MSS work

One of the fundamental principles is that all the standards can work together. Those who already use an MSS in one part of their business, and are considering implementing additional ones in another area, will find that the process has been made as intuitive as possible. That’s thanks to the Harmonized Structure (HS). The concept of HS is that management standards are structured in the same way, regardless of the domain of application. Users who are familiar with one MSS will immediately feel at ease with another, even when using if for the first time. 

Annex SL: more than a shared structure

In addition to being laid out in the same way, there are some parts of a standard where identical text can be used. This improves coherence and recognition, simplifies use, and is defined in something called “Annex SL”. It means that in addition to having the same structure, MSS can contain many of the same terms and definitions. This is particularly useful for those organizations that choose to operate a single (sometimes called “integrated”) management system that can meet the requirements of two or more MSS being used simultaneously. 

Annex SL plays a key role in the interoperability and user friendliness of standards for countless users of ISO management standards around the world. You can find comprehensive information about the current Annex SL and on the Web site of the Joint Technical Coordination Group (JTCG) for Management Systems Standards (MSS).  

As of February 2024, the publication of Climate Action Amendments to existing and new ISO Management Systems Standards (MSS) reflect ISO's Climate Action commitments.

Audits

Audits are a vital part of the management system approach as they enable the company or organization to check how far their achievements meet their objectives and show conformity to the standard.

In order to help the auditing related to these standards, ISO has released ISO 19011:2018 providing specific guidance on internal and external management system audits.

Certification

Certification to management system standards is not a requirement. You can benefit from implementing these standards without being certified to them.

However, if you are looking to get certified to one or more of our management system standards, then you need to get in touch with an external certification body.

That’s because ISO does not perform certification. Read more about certification to ISO standards.

Certification is not the only way to show conformity to standards. Read more about conformity assessment.

ISO survey

Find out how many valid certificates there are in each country for the main ISO management system standards.

What’s the difference between A Type A and Type B MSS?

Useful to know when it comes to conformity.

Some of our management system standards

We have a number of management system standards, each focusing on different issues affecting global business.
More information can be found about some of the best-known MSSs by clicking on the following links. You can find the full list of MSSs here.
 

Manager discussing with male worker at printing plant. Professionals with digital tablet and clipboard at printing press.
ISO 9000 family — Quality management
The ISO 9000 family of standards helps organizations improve the quality of their products and services and consistently meet their customers’ expectations.
Server room or server computers.3d rendering.
ISO/IEC 27000 family — Information security management
IT security, cybersecurity and privacy protection are vital for companies and organizations today. The ISO/IEC 27000 family of standards keeps them safe.
https://cys.isolutions.iso.org/
ISO 50001 — Energy management
ISO’s standard for helping organizations manage their energy performance.
Reduce workplace risks and make sure that everyone gets home safely with ISO 45001.
Improve your environmental performance with this family of standards.
Inspire confidence in your food products with this family of standards.
Prevent, detect and address bribery.