KMWorld 2024 Is Nov. 18-21 in Washington, DC. Register now for $100 off!

To ISO or not to ISO? What you need to know about the new knowledge management standard: ISO 30401

Article Featured Image

There has been a lot of buzz both positive and negative about the new ISO KM Standard. It was mentioned at KMWorld 2018, the Henley Forum, and other international KM venues. 

When I first heard that ISO was going to issue a KM standard I cringed.  How could anyone standardize KM?  Effective KM programs are tailored for a specific organizational culture and context—but having decades of experience with regulations and standards as a U.S. government safety inspector and regulation writer, I decided to do some research. 

I took an ISO 9001-2015 Quality Management Systems Lead Auditor Class to find out what ISO auditors do in an audit and successfully passed the qualifying exam.  I then purchased the ISO KM standard to look at its scope, requirements, and recommendations.  Then, I looked for and found an organization that could certify me as an ISO KM auditor, and was certified in April 2019 as the first ISO KM auditor in the U.S.  So, what did I learn?

Three major points

First, adoption of the ISO KM standard is voluntary.  No one has to adopt it or seek certification to the ISO standard.  You can operate the way you always have.  What the standard does do is to define basic tenets and features that the international ISO KM committee believes every good KM program should have.

Second, the stated intent of ISO 30401 is to “set sound knowledge management principles and requirements as guidance …”   While the standard defines requirements as to what should be done, the standard is silent on how these requirements should be done.  ISO recognizes that each organization has its own mission, environment, and culture so each KM program will be designed to meet specific organization culture and needs.  As an example, ISO 30401, Section 4.2 states:

4.2 Understanding the needs and expectations of interested parties" (stakeholders)

The organization shall determine:

  • the interested parties that are relevant to the knowledge management system;
  • the relevant requirements of these interested parties.

Section 4.2 requires a stakeholder needs analysis, i.e., the what; but it does not dictate how to do the analysis—only that it be done.  The analysis could be as simple as having a management meeting to identify the interested parties and their interests, or as complex as conducting a comprehensive survey of employees and customers and prioritizing survey findings.  How to meet each of the ISO KM requirements is left to the organization.

Third, if an organization chooses to seek certification to the ISO 30401 standard, it should find and use a certified ISO auditor. Having now been through the ISO training and certification process myself, I know what auditors can and cannot do, and understand the audit and certification process.  Most importantly, auditors must be independent with no conflicts of interest to be a certifying auditor.  This means that they cannot consult on programs that they audit and cannot audit programs for which they have consulted or managed. 

When I sought certification, few certifying bodies were prepared to certify individuals as ISO KM auditors since the standard is so new.  The certification process is based on review of the candidate’s experience and publications, personal and professional references, knowledge of how to conduct audits, knowledge of what ISO auditors can and cannot do, auditing ethics, first-hand in depth knowledge of KM programs, and, in my case, a lengthy face to face oral “exam” to demonstrate my in-depth knowledge of these subjects. 

How would ISO 30401 be applied to a real KM program?

Knowing that there was a lot of confusion and disinformation out there about the standard, and ISO audits, Paul Corney, Chris Collison, and I decided to co-author a book to dispel the myths about ISO 30401 and what it means to the KM community. 

The KM CookbookThe KM Cookbook: Stories and Strategies for organizations exploring ISO KM Standard 30401 features interviews of successful KM program managers around the world and looks at how program tactics and initiatives might fare in an ISO KM audit.  It has tips on how to prepare for an audit, questions an organization might ask of itself when preparing for an audit or when evaluating their KM program, and suggestions on how to interact with ISO auditors. 

Whether or not one chooses to adopt or certify to the standard, ISO 30401 provides organizations with an opportunity to examine or develop their KM program against internationally-accepted criteria.  It is up to you!


Publication is expected in the third quarter of 2019.

Those in the U.S. and Canada interested in pre-ordering the book at a discount may contact the American Library Association here and entering the code "KMCB19." 

KMWorld Covers
for qualified subscribers
Subscribe Now Current Issue Past Issues