ISO Procurement Policy and Procedures
V.1.2 effective as of 1 March 2022
Table of content
1. Purpose and scope ........................................................................................................... 1
2. Definitions ......................................................................................................................... 1
3. Overview of procurement process and confidentiality ........................................................ 2
4. Delegation of authority ...................................................................................................... 2
5. Ethics and sustainability .................................................................................................... 2
6. Procurement process (expenditure limits) ......................................................................... 3
7 Suppliers, vendors or consultants...................................................................................... 5
8 Call for tenders (RFP, criteria) ........................................................................................... 5
9 Selection process .............................................................................................................. 6
10 Contract principles, review and management .................................................................... 6
1. Purpose and scope
The purpose of the ISO Procurement Policy and Procedures (Procurement Policy) is to
structure ISO’s purchasing processes and sourcing strategies to ensure that the services and
goods we acquire are the result of transparent, objective, time- and cost-effective decision
making and risk management. This Policy is rooted in ISO’s and ISO members’ commitment
to continuous and performance-driven improvement and benchmarking.
This Procurement Policy applies to all ISO staff, managers, directors and officers as well as
any agent(s) for ISO seeking to acquire, acquiring and/or managing ongoing contractual
relationships for the provision of services and/or goods to or on behalf of ISO. It is not a box-
ticking exercise, but rather implies careful consideration at all stages of the procurement
process, including before and after. Adhering to this Policy is mandatory; violations may result
in disciplinary action.
This Policy may be shared with potential suppliers, donors and external partners, and
incorporated into any resulting contractual relationship.
2. Definitions
The below are definitions of terms used throughout this Policy. When in doubt, speak to your
manager, the Procurement Manager, Financial Services or Legal Services.
2.1 Bid, proposal or tender: is the offer from a possible vendor or consultant responding
to an invitation from ISO for that offer.
2.2 Procurement Manager: is the ISO staff person(s) dedicated to handling ISO
procurement issues, developing templates and answering any questions relative to
this Policy.
2.3 Procurement process: is the acquisition process (purchasing) of goods and/or
Page 1 of 6
� services. ISO’s procurement process is meant to ensure that ISO’s needs are met for
the best possible cost in terms of quality, time and other relevant factors to support
ISO’s business operations.
2.4 Request for proposal (RFP) / Request for quote (RFQ): is an invitation from ISO
defining a need and outlining certain project perimeters and criteria by which ISO will
select a winning bid (in this case, a proposal that discretely sets out what service and
good will be provided, for how much, when and how, etc.). Specific workflows have
been created and made available to guide ISO/CS staff through the different steps of
each process.
3. Overview of procurement process and confidentiality
This Procurement Policy applies to all acquisitions of goods/services at ISO. All purchases
(and perhaps even most) will not need to go through a formal tender process but will remain
subject to this Procurement Policy. To evaluate when a tender process is needed and what it
should look like, see the below tender limits at Section 6. Procurement process (expenditure
limits).
Adhering to this Policy will be the responsibility of the relevant business unit seeking to acquire
the goods/services, and, as required or requested, in consultation with the Procurement
Manager or Financial Services.
While this Policy may be shared with potential bidders and donors, several aspects of the
procurement process are confidential. Offers or tenders received from applicants are strictly
confidential to ISO and should not be shared with potential or actual applicants in order to
ensure fair and unbiased competition. The results of any offer or tender may be shared directly
with the applicant only, including a summary as to why it was not selected.
Record-keeping will be of utmost importance for accounting and auditing reasons.
4. Delegation of authority
Annex B to Clause 24 of the ISO Rules of Procedure (“Delegation of Authority”) and any
further “ISO/CS internal procedures” as referred to in the Delegation of Authority set out how
authority to engage ISO financially is delegated from ISO’s Secretary-General to staff. All ISO
staff should be familiar with the Delegation of Authority and ISO/CS internal procedures,
including on avoidance of oral agreements or commitments.
This Procurement Policy must be read in conjunction with the Delegation of Authority and
ISO/CS internal procedures, which take precedence. Importantly, all engagements (except
as explained in the Delegation of Authority and ISO/CS internal procedures, e.g. for “click-
through” agreements) must be approved by two signatories. When in doubt, speak to your
manager or a member of Legal Services.
As such, all normal budget constraints and approval processes shall also apply to any
procurement process.
5. Ethics and sustainability
All purchasing of goods or engagement of services at ISO must comply not only with Swiss
law, as ISO is headquartered in and subject to the laws of Switzerland, but also meet or
exceed the guidelines from the UN, WTO and OECD as well as those related to the
transparency of project management and administration of projects and contracts with
development agencies.
Page 2 of 6
�Foundational and implementation references include:
• NF X50-135-1:2012: Purchasing function – Sustainable purchasing – Guide for the use of
ISO 26000 – Part 1: Policy-Strategy
• NF X50-135-2:2012: Purchasing function – Sustainable purchasing – Guide for the use of
ISO 26000 – Part 2: Operational deployment
• ISO 20400:2017, Sustainable procurement – Guidance
• ISO 26000:2010, Guidance on social responsibility
Such laws and guidelines include human rights, environmental, employment, health and
safety, data protection, anti-avoidance and anti-corruption regulations. It should be noted that
ISO is not subject to VAT taxes, as prescribed in its Fiscal Accord with Switzerland.
Further to the applicable ISO staff rules and the Code of Conduct and Ethics, this Procurement
Policy also commits all staff to upholding ethical conduct, social responsibility, transparency,
auditability and accountability, and sound risk management in the context of procurement.
Deviations from this should be reported to the relevant line manager, Procurement Manager,
Legal Services, and/or Financial Services.
When selecting possible vendors or consultants, ISO shall strive to seek partners of the same
or similar mindset and corresponding business operations.
As said above, this Procurement Policy is meant to encourage open and wide competition for
the best quality/priced goods and services. As such, ISO procurement processes must always
comply with the following:
• Procurement processes should be fair, unbiased, consistent, and aim to attract the widest
and most diverse pool of applicants as possible and appropriate.
• Compliance with applicable laws and regulations is strictly required.
• ISO procurement should be consistent with socially responsible, diversity and ethical
business operations and practices.
• Engagements made on ISO’s behalf must follow the delegation of authority as described
in Delegation of Authority and ISO/CS internal procedures.
• The procurement process shall be the responsibility of the relevant business unit, with
systematic assistance from the Procurement Manager as required or requested, in order
to ensure that another person can review and validate that the process is being followed.
• Selection should be based on transparent and objective criteria, free from personal
interests, biases, or other untoward or political influences.
• Selected vendors or consultants should ensure compliance with all applicable data
protection laws.
• All records should be as complete and accurate as possible, and timely kept.
• Any contract review shall be in accordance with Legal Services’ normal quality
management practices.
6. Procurement process (expenditure limits)
All acquisition of goods/services for ISO shall comply with the following processes, according
to the below-described expenditure limits and risk level assessment in relation to ISO/CS
financial impact, operational impact and ISO’s reputation. The Procurement Manager may
nevertheless assist if there are any concerns, regardless of the exact monetary limit, especially
if there may be a significant impact on ISO.
Any expenditure by ISO for goods/services shall comply with all the principles set forth in this
Procurement Policy.
Page 3 of 6
� Threshold CHF
Risk/impact
Up to kCHF 10 (0) kCHF 10 – kCHF 50 (1) Over kCHF 50 (2)
Low (0) No formal call (0) No formal call (1) RFQ (2)
Medium (1) No formal call (1) RFQ (2) RFP (3)
High (3) RFP (3) RFP (4) RFP (5)
Note: Numbers in parentheses are the attributed scores: Risk score + Cost score =
Total score.
RFQ (request for quote) shall require that the relevant business unit request and obtain at least
3 (three) offers from possible vendors or consultants.
RFP (request for proposal) shall require formal call for tenders done in consultation with the
Procurement Manager. It is up to the business unit to determine whether the management of
the procurement process will be done by the Procurement Manager or by the business unit.
Nevertheless, the Procurement Manager should be included in every step of the RFP
process. Regular feedback to relevant LT member and/or Procurement Manager/Financial
Services, as appropriate, would be expected in cases with a significant impact on ISO.
Risk management. Regardless of the expenditure, all purchasing shall include an appropriate
and proportionate risk management analysis. Any purchase or engagement for services with
external parties inherently exposes ISO (and possibly its members) to a variety of risks. It
shall be the responsibility of the relevant business unit seeking to acquire the goods and/or
services to conduct and document a risk management analysis, including the identification
and mitigation.
Artificial limit compliance. These above expenditure limits are meant to ensure the proper use
of procurement processes to obtain the best and most cost-effective service/good to meet ISO’s
need. Artificial splitting of contracts or projects in order to avoid the implications of
another procurement process category is strictly prohibited. When in doubt, business
units must consult their relevant LT member, and/or Procurement Manager/Financial
Services.
Auditability and accountability. For any ISO purchase, good record-keeping is important,
including as may be required by law and by internal ISO Procedures. This includes keeping an
original copy of all invoices for goods and services for 10 (ten) years (in paper or electronic
form, if supported), from the end of the year in which the expense was incurred.
Business units should at a minimum also maintain a copy of (1) how and from whom the need
for the acquisition originated, (2) the approval or project management process by which the
purchase was authorized, (3) all records pertaining to the source of the service or good, (4)
the performance of the vendor or consultant, and (5) any remedial measures taken where
performance or compliance so required it.
Continuous improvement. ISO staff or agents engaged in procurement for ISO shall strive to
continually seek relevant training and perform self or team assessments to support an ethical
and sustainable procurement process in accordance with the usual ISO business operations.
As ISO and its members are committed to ISO’s continuous improvement, all vendors and
consultants with whom ISO does business are expected to demonstrate the same
commitment in improving the goods and/or services contracted, as well as identifying and
setting performance targets within the context of their relationship with ISO.
Page 4 of 6
�7 Suppliers, vendors or consultants
ISO only partners with suppliers, vendors or consultants that attest they respect and comply
with all applicable health, safety, environmental, employment, data protection, and fiscal
regulations. Any known violations or inability to provide the appropriate evidence shall
disqualify any supplier, vendor or consultant from the procurement process.
The relevant business unit seeking or managing the acquisition will also manage the vendor
or consultant relationship. For contracts with a particular impact on ISO, feedback should be
given to the relevant LT member and Procurement Manager/Financial Services.
Any conflicts of interests that may arise in the context of a possible or ongoing
vendor/consultant relationship should be immediately raised with the relevant manager of the
business unit, who may escalate its resolution, in accordance with internal ISO Staff Rules
Edition 2016.
8 Call for tenders (RFP, criteria)
A call for tenders is an essential part of any formal procurement plan. Due consideration must
be given to the manner in which the call is released, how to effectively describe the
service/good ISO is requesting (with a clearly defined aim), and by which criteria ISO will
judge timely, eligible bids.
Open/restricted. Calls for tenders should preferably be open (widely advertised). In some
cases, a more targeted approach (whereby a few possible applicants are directly contacted)
may be more effective, especially in cases of genuine time or resource constraints. Derogations
must be authorized by the Procurement Manager, who must keep a list of such derogations
so the reason for the derogation is documented. However, casting a wider (but cost-efficient)
net may help to attract a wider and more diverse pool of applicants. Where appropriate, social
media can be helpful in getting the word out, as well as using a dedicated page on www.iso.org.
Business units must consult the Procurement Manager on both the content and the manner
of invitation for a call for tender to help strike the right balance.
Templates. When issuing a call for tender where the business unit is seeking a more detailed
proposal of the service/good offered to meet ISO’s need, business units may use the RFP
template maintained by the Procurement Manager.
A critical part of any RFP will be the careful selection and weighting of criteria. This is essential
in the later selection process. Such criteria may include:
• Cost competitiveness of the offer
• Service and service level coverage
• Ability to meet time frames
• Company profile and stability
• Geographical coverage
• Compliance with relevant regulatory bodies
• Relevant experience and references
• Ease of implementation
• Communication and technology
• Innovation and continuous process improvement
• Methodology and project management
• Environmental contribution and compliance
• Ability to respond to ISO financial requirements such as prices
• Future developments
Page 5 of 6
�The Procurement Manager can provide assistance in defining and weighting criteria for an
RFP or other call for tender.
9 Selection process
Selection shall be made in a neutral and transparent manner and in accordance with the
criteria pre-determined in the initiation phase or as per the call for tenders. Cost-effectiveness
and quality shall figure heavily in any weighted selection process.
The purchasing of goods or engagement for services from external sources bears inherent
risks. Any selection process shall also take due consideration to manage any pre-identified
risks of the acquisition and any potential risks of the engagement itself, including vis-à-vis the
selected vendor or consultant.
The selection process should correspond to the delegation of authority in the Delegation of
Authority and internal ISO/CS procedures.
Unsuccessful bids or offers should be notified to the applicant as soon as possible, while taking
care to maintain confidentiality vis-à-vis other applicants, including the successful applicant.
10 Contract principles, review and management
Per Section 4. Delegation of Authority above, all ISO contracts (including related to a
procurement process) are subject to execution in accordance with Delegation of Authority and
internal ISO/CS procedures. This also includes contract review by Legal Services, in
accordance with its quality management practices.
Relevant business units must involve Legal Services as soon as possible in the procurement
process so as to help identify and mitigate any risks, as well as increase efficiency for contract
review and negotiation. Where possible, ISO’s terms and conditions should be used,
particularly for Framework Agreements and subsequent Project Agreements. Variation from
ISO terms and conditions should be kept to a minimum.
This Policy may be referred to in contract review and negotiation.
All contracts, including amendments, purchase orders and other contractual documentation
should be properly kept by the relevant business unit, in accordance with internal ISO practices
on archiving and record-keeping.
Any relevant feedback regarding performance, including possible breaches or failures to
perform, should be timely notified to the relevant line manager and/or Legal Services, as
appropriate.
Any questions regarding the ISO Procurement Policy and Procedures can be sent to
tenders@iso.org.
V.1 Effective: 1 August 2015
V.1.1 Effective: 1 March 2018
V.1.2 Effective: 1 March 2022
Page 6 of 6
