What exactly did Amendment 1:2024 change in ISO 22000?

It added two targeted changes: clause 4.1 now requires the organization to determine whether climate change is a relevant issue for its context, and clause 4.2 gains a note observing that interested parties can have climate-related requirements. Nothing in the HACCP or operational planning clauses was altered.

Does ISO 22000:2018/Amd 1:2024 require re-certification?

No. The ISO/IAF Joint Communiqué published with the amendment confirmed that no additional audit is triggered. The amendment is assessed at the organization's next scheduled surveillance or recertification audit.

What are the two PDCA cycles in ISO 22000:2018?

ISO 22000:2018 operates two nested Plan-Do-Check-Act cycles: an outer management-system PDCA that governs the food safety management system as a whole, and an inner operational PDCA that governs the HACCP-based hazard analysis and control process. Both cycles must be maintained and are subject to audit.

How does ISO 22000 relate to Codex Alimentarius HACCP?

ISO 22000:2018 incorporates the seven Codex HACCP principles. They sit within Clause 8 (operational planning and control). Annex A of the standard cross-references specific clauses to the Codex HACCP steps, making the relationship explicit. ISO 22000 adds a management-system layer (Annex SL structure, leadership, planning, improvement) on top of the operational HACCP logic.

What's new in ISO 22000:2018/Amd 1:2024

Amendment 1:2024 added climate-change considerations to 31 management-system standards, including ISO 22000. Here's what changed, how it fits the 2018 core, and what food-safety practitioners need to know.

On 23 February 2024, ISO published a coordinated amendment across 31 management-system standards in the Annex SL (Harmonized Structure) family. ISO 22000, the international standard for food safety management systems, was one of them. The amendment adds explicit climate-change language to the organizational context clauses, producing the current edition: ISO 22000:2018/Amd 1:2024.

For food-safety practitioners and candidates preparing for an ISTO Test of Understanding, the amendment is the latest layer on top of the substantial 2018 revision, which itself introduced two nested PDCA cycles, Annex SL alignment, and a clearer split between organizational and operational risk. Understanding both the 2018 core and the 2024 addition is essential for a complete picture of the standard as it is audited today.

ISO 22000 edition timeline

ISO 22000 edition milestones

2005
First edition
ISO 22000:2005 published
2018
Second edition
ISO 22000:2018, adopts Annex SL, two PDCA cycles
Feb 2024
Amd 1:2024
Climate-change considerations added to clauses 4.1 and 4.2

The February 2024 climate amendment — clauses 4.1 and 4.2

Clause 4.1 — Understanding the organization and its context

The amendment adds a "shall determine" statement: the organization shall determine whether climate change is a relevant issue. For food businesses, this means climate change must be explicitly considered when scanning the external environment, for example, how shifting weather patterns affect ingredient supply chains, temperature-controlled logistics, or the prevalence of specific biological hazards. If a genuine assessment concludes climate change is not currently relevant, the organization can document that conclusion. The word "whether" makes this a real binary question, not a foregone finding.

Clause 4.2 — Understanding the needs and expectations of interested parties

Amendment 1:2024 adds a note to clause 4.2 observing that interested parties, such as regulators, customers, suppliers, and others, can have climate-related requirements and expectations. Notes in ISO standards do not create requirements, but they signal interpretive intent: auditors will expect to see climate perspectives considered when an organization maps its interested parties, even in the food-safety context.

Clause	ISO 22000:2018	ISO 22000:2018/Amd 1:2024
4.1 — Context	Shall determine external and internal issues relevant to the FSMS purpose and strategic direction	Same, plus: shall determine whether climate change is a relevant issue
4.2 — Interested parties	Shall determine relevant interested parties and their requirements relevant to food safety	Same, plus Note: relevant interested parties can have climate-related requirements
Operational clauses (Clause 8)	HACCP-based hazard analysis and control — PRP, OPRP, CCP — unchanged	Unchanged — the amendment does not touch HACCP or hazard control requirements

The 2018 revision — two nested PDCA cycles

To understand where the 2024 amendment sits, it helps to recall what the 2018 edition introduced. ISO 22000:2005 was succeeded by ISO 22000:2018, which brought the standard into the Annex SL Harmonized Structure and introduced a defining architectural feature: two nested Plan-Do-Check-Act (PDCA) cycles operating simultaneously.

ISO 22000:2018 operates two nested PDCA cycles: an outer management-system cycle governing the FSMS as a whole, and an inner operational cycle governing hazard analysis and control. Both are subject to audit.

The outer cycle governs the food safety management system as a whole: leadership commitment, planning, support, performance evaluation, and continual improvement. This is the management-system layer that ISO 22000 shares with other Annex SL standards: setting objectives, allocating resources, conducting management reviews, and driving improvement over time.

The inner cycle governs the operational process, the HACCP-based hazard analysis and control sequence within Clause 8. Here the PDCA logic applies specifically to identifying hazards, selecting controls (PRPs, OPRPs, and CCPs), monitoring performance, taking corrective actions, and verifying that the system is working. This is where the food-safety science lives.

The two cycles are interdependent. A failure in operational monitoring (inner cycle) must feed back into management-system improvement (outer cycle). A management decision to change a product line (outer cycle) must trigger a new hazard analysis (inner cycle). Auditors assess both, and candidates for an ISTO Test of Understanding need to demonstrate they understand the relationship, not just the mechanics of HACCP in isolation.

Risk at business vs operational level

Another 2018 contribution was making explicit that ISO 22000 manages risk at two levels:

Organizational risk (Annex SL Clause 6) — the conventional risk-and-opportunity thinking shared across all management-system standards: strategic risks to the FSMS, opportunities for improvement, and planning responses. This sits in the outer PDCA cycle.
Operational risk (Clause 8) — the hazard-analysis logic at the heart of HACCP: identifying biological, chemical, and physical hazards, determining their significance, and selecting appropriate controls (PRP, OPRP, or CCP). This sits in the inner PDCA cycle.

The 2018 edition separated these clearly so that organizations would not conflate a strategic business risk (say, a supplier becoming financially unstable) with an operational food-safety hazard (say, the same supplier failing to maintain cold-chain temperatures). Both matter; they require different analytical tools and different responses.

High-Level Structure alignment

ISO 22000:2018 adopted the Annex SL High-Level Structure, the common ten-clause architecture shared by all modern management-system standards. This means ISO 22000 now has identical clause numbering and headings to ISO 9001, ISO 14001, ISO 45001, and ISO 50001 for the management-system sections (Clauses 4–10). The food-safety-specific content sits within that shared skeleton, particularly in Clause 8.

For organizations running integrated management systems, this alignment is significant: the context analysis, leadership requirements, planning, support, and improvement clauses can be handled once at the organization level, with standard-specific content (HACCP in ISO 22000's case) slotted into the operational clause. The 2024 amendment adds its climate language to Clauses 4.1 and 4.2, clauses that are architecturally identical across all 31 amended standards, making the update consistent for multi-standard practitioners.