ISO 56001: what is certifiable innovation management

·

Until 2024, innovation was, for many companies, a well-stated intention in the annual report and a vague reality in day-to-day operations. The publication of ISO 56001:2024 — the international standard for innovation management systems — changes that equation: for the first time, there is an auditable standard that allows any organisation to demonstrate, with evidence, that it innovates systematically and not by chance. This article explains what the standard is, what it requires, who it is for, and why more and more Spanish SMEs are exploring its implementation.

What is ISO 56001 and where does it come from?

ISO 56001 is a standard from the International Organization for Standardization (ISO) that specifies the requirements for an innovation management system (IMS). It was published in September 2024 after several years of work by technical committee ISO/TC 279, which had already issued earlier guidance standards such as ISO 56002:2019 (implementation guide) and ISO 56000 (vocabulary). The key difference from its predecessors is that 56001 is certifiable: an accredited certification body (AENOR, Bureau Veritas, SGS, TÜV, etc.) can audit the system and issue a certificate valid for three years, renewable.

The standard follows the High Level Structure (HLS) common to all modern ISO management standards — the same one you will recognise if you already hold ISO 9001, ISO 14001, or ISO 27001 — which makes it easy to integrate with existing systems. Its ten clauses cover everything from organisational context and leadership to planning, support, operation, performance evaluation, and continual improvement; but with vocabulary and requirements specifically focused on creating value through novelty.

What does ISO 56001 mean by «innovation»?

The standard adopts the definition from ISO 56000: an innovation is «a new or changed entity realising or redistributing value». This definition is deliberately broad: it covers products, services, processes, business models, and organisational methods. It is not limited to technological innovation and does not require R&D. A substantial improvement in customer experience, a new distribution model, or a redesigned internal process can all be innovations within the meaning of the standard, provided they deliver real value and there is a documented, repeatable process for generating them.

This is precisely what makes ISO 56001 relevant for SMEs that do not have R&D laboratories but do have adaptability, operational creativity, and a willingness to continually improve their value proposition.

Main requirements of the innovation management system

To implement ISO 56001 and pass a certification audit, the organisation must demonstrate, among other things:

If you want to know in detail how we structure the implementation process, you can consult our ISO 56001 certification service for companies, where we explain the phases, typical timelines, and project deliverables.

ISO 56001 compared with other innovation management approaches

Before ISO 56001, other tools and frameworks existed for structuring innovation. The table below compares the most common ones in the Spanish market:

Framework or tool Type Certifiable Main focus Compatibility with ISO 56001
ISO 56001:2024 International standard (requirements) Yes, by accredited third party Complete management system
ISO 56002:2019 International standard (guidance) No Guidance for implementing an IMS High (conceptual basis of 56001)
Design Thinking Design methodology No User-centred development Can be used as a tool within the IMS
Lean Startup / OKR Agile management framework No Rapid hypothesis validation Compatible as an experimentation method
EFQM 2020 Excellence model Yes, by self-assessment + recognition Overall organisational excellence High; innovation is one of its criteria
R&D+i (UNE 166002) Spanish standard (AENOR) Yes Technological research and development Complementary; 56001 is broader in scope

The advantage of ISO 56001 over methodologies such as Design Thinking or OKRs is that it provides the systemic structure and audit traceability that agile methodologies do not offer on their own. And compared with UNE 166002, it broadens the focus beyond technological R&D to include business model, process, and organisational innovation.

Who benefits from ISO 56001 certification?

The standard sets no size thresholds or mandatory sectors, so any organisation can apply it. In practice, the most common profile in Spain is:

It is also relevant for companies claiming R&D+i tax deductions. A certified innovation management system under ISO 56001 strengthens the documentation of eligible projects and facilitates the binding reasoned reports issued by the Ministry of Science.

Realistic timelines and implementation effort

In organisations of between 20 and 200 employees with some management maturity (even if not certified under any ISO standard), the implementation process from scratch to certification audit typically requires between 8 and 14 months. The range depends on how much prior documentation exists, on the involvement of management, and on whether integration with existing systems is pursued.

The typical phases are:

  1. Gap diagnosis: gap analysis against the standard's requirements. This allows the project to be scoped and the areas with the greatest gap to be prioritised.
  2. System design: innovation policy, role structure, opportunity portfolio, metrics, and key procedures.
  3. Implementation and training: rollout to teams, first managed ideation cycles, recording of evidence.
  4. Internal audit: review of the system before calling in the certification body. This identifies non-conformities that should be closed before the external audit.
  5. Certification audit (stages 1 and 2): the certification body reviews the documentation (stage 1) and audits the actual operation of the system on site (stage 2).

Relationship with ISO 42001 and the innovation standards ecosystem

ISO 56001 does not operate alone. In the current regulatory context it is worth understanding how it relates to other relevant standards:

Frequently asked questions

Does ISO 56001 require me to disclose my innovation projects or trade secrets?

No. The standard requires that the management system be documented internally and that the auditor can verify that the processes exist and function. But the specific content of projects — ideas in development, proprietary technologies, strategic alliances — is confidential information that is not made public. The certification audit works with process evidence, not with the disclosure of innovations.

What is the difference between holding ISO 56001 and simply claiming to be innovative?

The difference is the same as between saying you manufacture with quality and holding ISO 9001: the standard requires you to demonstrate with evidence — records, indicators, management reviews, internal audits — that the system works systematically and not only when there is inspiration or budget. A certificate issued by an accredited third party (AENOR, Bureau Veritas, SGS…) has credibility with clients, investors, and public authorities that a self-declaration does not.

How much does ISO 56001 certification cost?

The total cost combines the implementation consulting service and the certification body's audit fees. Certification fees depend on the size of the company and the number of locations audited; for an SME of 30–100 employees they typically range between 3,000 and 6,000 euros (initial two-stage audit plus first year of surveillance), based on published rates from the main certification bodies. Consulting costs depend on the starting gap and the scope of the project. We do not publish fixed prices because each project requires prior scoping; if you would like a quote tailored to your situation, please contact us.

Can I integrate ISO 56001 with my existing ISO 9001 or do I need a separate system?

You can and should integrate them. The fact that both standards follow the High Level Structure (HLS) means they can share the same management manual, the same management reviews, the same internal audit procedure, and the same continual improvement mechanisms. The quality policy is extended to include the innovation dimension; the innovation project portfolio is managed as a natural extension of the strategic planning required by ISO 9001. At Summum Calidad we regularly work with clients that already hold one or more ISO systems and we design the integration to minimise additional documentary burden.