Long awaited changes to the ISO 14001 standard for environmental management systems: Part 2

ISO 14001:2026 Environmental management systems — Requirements with guidance for use has now been published, marking the start of the formal transition period. From April 15, 2026, organizations certified to the ISO 14001:2015 standard have three years to transition to the revised standard. After this time, certificates to ISO 14001:2015 will no longer be valid.

In Part 1, we covered why this update matters and who is most affected. This article walks through each of the key changes in detail and what they mean for your environmental management system. The revision sharpens expectations around climate change, biodiversity, natural resource use, leadership accountability, risk management and life-cycle considerations including supply chain and sourcing responsibility. All of these topics were covered by the previous iteration of the standard, but were not always prioritized, or well implemented by organizations.

What are the Key 2026 Changes?

Expanded Requirements for Externally Provided Processes

This is likely the most significant operational change in the 2026 update. Organizations that rely on contractors, purchased materials, outsourced functions, or logistics partners will need to demonstrate that environmental controls extend throughout those relationships, and that emergency planning accounts for supplier-related risks.

ISO 14001:2026 strengthens expectations for supply-chain relationships, promoting more responsible sourcing. Organizations must now be able to demonstrate that environmental control extends throughout the supply chain and organizations are expected to define the level of control in documented information. This language captures:

• Contracted services
• Purchased materials
• Outsourced functions
• Logistics and distribution partners

ISO has replaced the term “outsourced processes” with “externally provided processes, products or services”. This reinforces that any external provider influencing the organization’s environmental performance must be controlled and that suppliers and partners must be brought into the scope of the EMS.

ISO 14001:2026 underlines that supplier-related risks, over which the organization has control and influence, must also be included in Clause 8.2 Emergency Planning. This means emergency preparedness must consider situations such as:

• Supplier spills or releases
• Failures in waste contractors
• Supply chain disruptions affecting environmental controls
• Contractor accidents with environmental consequences
• Contamination caused by externally provided materials

Stronger Links to Current Sustainability Imperatives: Climate Change, Biodiversity and Resource Consumption

The new standard strengthens links between the EMS and climate-related challenges and other environmental conditions directly into multiple clauses, especially Clause 4.1 Understanding the organization and its context, Clause 4.2 Understanding the needs and expectation of interested parties and Clause 6.1 Actions to address risks and opportunities.

Climate change, use of natural resources and biodiversity are all now required considerations.

Climate Change

Climate change considerations were formally required in ISO 14001:2015 as of February 2024. ISO issued a climate-action amendment affecting all major management system standards. This amendment is now incorporated into ISO 14001:2026. These changes strengthen how organizations are required to evaluate climate change and its effects on environmental performance, including consideration of:

• Extreme weather events
• Flooding heat waves and wildfires
• Changes in resource availability
• Regulatory responses like carbon taxes

Effects on the EMS as a result of stakeholder action on climate change, including obligations imposed by customers, regulators, communities and investors, must be considered, such as:

• Low carbon product expectations
• Green supply chain requirements
• Disclosure and reporting expectations
• Resilience-related concerns

For organizations that have made net-zero or climate-related pledges, these requirements mean your EMS now plays a direct role in evidencing those commitments. The gap between public claims and system-level controls is exactly where regulatory and reputational risk sits.

Use of Natural Resources

ISO 14001:2026 has expanded Clause 4.1 Understanding the organization and its context, to include natural resource use as a factor that organizations must evaluate when understanding environmental conditions that could influence the organization’s environmental performance. ISO 14001:2026 places much stronger emphasis on how operations rely on and impact natural resources such as:

• Water consumption - operational water use for processes, cooling, cleaning or production
• Raw materials - inputs such as timber, aggregates, chemicals, packaging materials or industrial feedstocks
• Minerals and metals - mined or refined materials used in manufacturing, electronics, construction and equipment
• Energy sources - both renewables (solar, wind, hydro) and non-renewables (oil, gas, coal) sources used to power operations
• Biomass and organic inputs - agricultural products, biological feedstocks, food ingredients, fiber or other biological materials

ISO 14001:2026 connects these resource-use examples to environmental impacts, meaning that they must now be contemplated by the organization in its review and inventory of significant environmental aspects and impacts, with risk assessment requiring consideration of:

• Resource scarcity
• Cost volatility
• Environmental degradation
• Ecosystem protection
• Increasing regulatory and stakeholder expectations

This is not limited to organizations operating in sensitive ecosystems. A manufacturing facility that withdraws water from a shared watershed, or a company sourcing raw materials from regions with deforestation risk, has biodiversity considerations that the updated standard now requires them to address.

Biodiversity Considerations

ISO 14001:2026 places more emphasis on biodiversity as a core environmental condition that organizations must understand and manage. Biodiversity is now treated as a central component of environmental sustainability. This expectation applies to any organization whose activities may influence or depend on local ecosystems species and natural habitats. Like other aspects, ISO 14001:2026 now requires more explicit and evidenced consideration of biodiversity impacts. Activities that affect biodiversity may include:

• Land use changes
• Water withdrawals that may affect aquatic ecosystems
• Air emissions or noise affecting sensitive species
• Waste or runoff affecting soil, water or habitat quality
• Sourcing of raw materials that influence biodiversity indirectly through supply chains

Organizations are now expected to:

• Demonstrate their understanding of how operations affect living systems
• Prevent negative impacts where possible
• Protect or restore ecological value
• Consider biodiversity in strategic and operational decisions

New clause for formal change management

ISO 14001:2026 strengthens expectations around how organizations evaluate and control changes within the EMS. The update clarifies what must be considered when changes occur and reinforces structured evaluation and communication.

The requirement to manage change existed in the 2015 version of the standard but is now captured by various requirements in the 2026 standard and in a standalone Clause 6.3 Planning of changes. This new clause explicitly requires organizations to more systematically control change that could influence the environmental performance of the organization:

• Monitor and evaluate the effectiveness of the planned changes
• Ensure changes are communicated
• Review results of changes

Organizations that do not currently have a formal process for evaluating and controlling changes to materials, suppliers, processes, or organizational structure will need to build one.

Leadership Accountability is Strengthened

ISO 14001:2026 reinforces that environmental management cannot be delegated solely to technical or environmental teams. Enhanced leadership engagement is emphasized to drive environmental performance and align the EMS with organizational strategy. Top management must be able to explicitly show personal involvement and remain accountable, even when tasks are delegated.

• Align environmental objectives with strategic direction
• Integrate EMS requirements into core business processes
• Actively promote continual improvement

Top management can delegate certain responsibilities for actions to others as indicated by the word “ensuring” in 5.1 Leadership and commitment; however, top management retains accountability. In practical terms, this means top management can no longer treat the EMS as something that lives in the environmental department. Auditors will look for evidence of personal involvement: meeting minutes, resource allocation decisions, strategic planning inputs, and active promotion of environmental performance.

Stronger and Clearer Life Cycle Perspective Requirements

ISO 14001:2026 strengthens the language around life cycle to ensure that environmental impacts are considered beyond the boundaries of a single facility. Organizations must now actively apply life cycle thinking, not just “consider” it. In scoping its EMS, the organization is expected to consider “its authority and ability to exercise control and influence over the full life cycle of its activities, products and services” (4.3 Determining the scope of the environmental management system). This includes inputs and outputs the organization can control. For example, climate change, biodiversity and natural resource use must be considered through a life-cycle lens, including supply chains and externally provided processes. This includes:

• Upstream impacts, such as resource extraction and supplier practices
• Downstream impacts such as waste and disposal

Organizations are now expected to be able to evidence how life-cycle thinking has informed:

• Product or service design and development
• Procurement of goods and services and supply chain controls
• Communication of environmental requirements to external providers

Enhanced Risk Based Planning

ISO 14001:2026 provides clarity around risk-based thinking and compliance obligations. The new standard makes it clear that organizations must plan actions based on environmental risks, opportunities and life-cycle impacts. ISO 14001:2026 reorganizes Section 6 Planning with the following changes:

• Risks and opportunities move to Clause 6.1.4
• Planning actions to address significant aspects, compliance obligations and risks and opportunities moves to Clause 6.1.5 Planning action

The intention of the restructuring is to remove ambiguity and clarify how organizations determine all relevant enterprise environmental risks and opportunities and then plan actions to address them. A new note has been added to Clause 6.1.2 Environmental aspects, to clarify that environmental risk planning (risk identification, risk assessment and in determining emergency situations) must now consider the life cycle perspective. This revision is meant to ensure:

• Risks are not viewed only at the facility level but across the value chain, upstream and downstream
• Climate change, biodiversity loss and resource scarcity must be incorporated into emergency scenario planning
• Emergency situations are separated from “abnormal conditions” reinforcing their unique risk pathways and planning requirements

Internal Audit Program

Clause 9.2.2 of the new standard requires that audit objectives be explicitly documented in an organization’s internal audit plan. This change is designed to ensure that audits are:

• Purposeful
• Risk-based
• Aligned with business priorities
• Capable of driving meaningful improvements to EMS effectiveness and environmental performance

Management Review

ISO 14001:2026 introduces structural changes and clarifies expectations for management review. The management review section of the standard is restructured with 2 new sub-clauses:

• Inputs to the management review process
• Outputs or results of the management review process

This restructuring improves clarity and consistency with the harmonized structure used across the ISO management system standards. With this structural change, it is expected that management reviews become a central mechanism for monitoring performance, risks, compliance and opportunities, and not merely a conformance exercise.

Documented Information

ISO 14001:2026 introduces refined terminology that distinguishes information that “must be available as documented information”. This means the organization must have documented evidence of conformance, but a formal standalone procedure or controlled document is not explicitly required. This is different from information that “must be maintained” – which applies to controlled documents such as procedures and policies, and scope statements or records.

• As evidence of change management (new Clause 6.3) the organization must be able to show that changes were planned and controlled but a formal procedure is not required. Evidence may include change forms meeting notes or digital workflow logs.
• Have evidence of life cycle perspective application. The standard does not require a documented lifecycle procedure, but you must show how lifecycle impacts were considered.
• Have evidence of supplier / externally provided process controls. ISO 14001:2026 expands controls to all externally provided processes. The organization must be able to show evidence of contracts, evaluations, performance data, etc., but does not necessarily need a specific procedure.
• Be able to demonstrate leadership engagement. Documented information can include meeting minutes, decisions, approval records resource allocation, etc. A formal leadership procedure is not required.

ISO 14001:2026 raises the bar on what an effective environmental management system looks like, requiring organizations to move beyond internal compliance and demonstrate control, accountability and performance across their full value chain.