What is the primary objective of **EN 1090**?

**EN 1090 ensures controlled execution and conformity assessment of structural steel and aluminium components for permanent incorporation in construction works.** As a harmonized standard under the Construction Products Regulation (CPR), it mandates **Factory Production Control (FPC)**, technical requirements via **EN 1090-2** (steel) and **EN 1090-3** (aluminium), and enables **CE marking** through risk-based **Execution Classes (EXC1–EXC4)**, covering materials, welding, tolerances, inspection, and traceability.

Who is legally or professionally required to comply with **EN 1090**?

**Manufacturers of load-bearing steel and aluminium structural components and kits placed on the EEA market must comply with EN 1090 to affix CE marking.** This includes fabricators, steelwork contractors, and suppliers of components like beams, trusses, and assemblies for buildings, bridges, and industrial structures, as EN 1090-1 implements CPR requirements for market access.

Does **EN 1090** require an external audit or third-party certification?

**Yes, EN 1090 mandates certification of the Factory Production Control (FPC) system by a Notified Body via AVCP systems.** This involves initial inspection, technical documentation review (including ITT/ITC), certificate issuance, and continuous surveillance audits to verify constancy of performance and enable lawful CE marking and Declaration of Performance (DoP).

How often should an assessment for **EN 1090** be performed?

**EN 1090 requires ongoing Factory Production Control (FPC) with continuous surveillance by a Notified Body, typically starting with the first audit one year post-certification.** Subsequent frequencies follow EN 1090-1 Table B.3, scaled by Execution Class (EXC), prior audit results, and changes, supplemented by manufacturer internal audits and reviews.

What are the consequences of non-compliance with **EN 1090**?

**Non-compliance with EN 1090 prevents lawful CE marking, risking market exclusion, product withdrawal, certificate suspension, and legal liability under CPR.** Notified Bodies publicly report suspensions for major non-conformities, exposing firms to fines, recalls, contractual penalties, and civil claims from structural failures.

An **EN 1090** be mapped to other international frameworks?

**No, these FAQs focus solely on EN 1090 as a standalone standard.** While practical implementations often align FPC with complementary systems like ISO 3834 for welding, EN 1090's unique requirements for CE marking, Execution Classes, and CPR conformity do not permit direct mapping here.

What is the first step to begin implementing **EN 1090**?

**Conduct a product scope assessment to confirm EN 1090 applicability and determine Execution Classes (EXC1–EXC4) based on consequence class (CC), service category (SC), and production category (PC).** Default to EXC2 if unspecified, then perform gap analysis against FPC requirements before Notified Body engagement.

What is the primary objective of **ISO 30301**?

**ISO 30301 specifies requirements for establishing, implementing, maintaining, and continually improving a Management System for Records (MSR).** It ensures organizations create and control authoritative, reliable evidence of business activities to support mandate, mission, strategy, and goals through High-Level Structure clauses 4–10 and records-specific operational controls in Clause 8 and **Annex A (normative)**.

Who is legally or professionally required to comply with **ISO 30301**?

**ISO 30301 applies to any organization wishing to demonstrate MSR conformity, with no legal mandates or thresholds.** It is voluntary for all sizes and sectors, including single entities or those sharing business activities, used by public agencies, regulated industries, and enterprises for governance, compliance, and stakeholder assurance via self-declaration, external confirmation, or certification.

Does **ISO 30301** require an external audit or third-party certification?

**No, ISO 30301 does not require external audit or third-party certification.** It offers three conformity pathways: self-assessment and self-declaration, external confirmation of self-declaration, or third-party certification under schemes like ISO/IEC 17065, allowing organizations to match assurance to stakeholder needs.

How often should an assessment for **ISO 30301** be performed?

**ISO 30301 requires internal audits at planned intervals and management reviews at planned intervals to evaluate MSR performance.** Clause 9 mandates monitoring, measurement, analysis, internal audits (Clause 9.2), and top management reviews (Clause 9.3), with frequency determined by risks, objectives, and results to ensure ongoing suitability, adequacy, and effectiveness.

What are the consequences of non-compliance with **ISO 30301**?

**ISO 30301 non-compliance carries no direct penalties as it is voluntary, but exposes organizations to records risks like regulatory sanctions, litigation disadvantages, reputational loss, and operational disruption.** Failures in evidence creation, integrity, or retention undermine accountability, business continuity, and stakeholder trust.

An **ISO 30301** be mapped to other international frameworks?

**Yes, ISO 30301 aligns with High-Level Structure (HLS/Annex SL) for integration with other management system standards.** Its clauses 4–10 and informative annexes enable mapping of MSR governance and operational controls, reducing duplication in integrated systems while standing alone for records-specific requirements.

What is the first step to begin implementing **ISO 30301**?

**The first step is understanding the organization’s context and determining records requirements per Clause 4.** This includes analyzing internal/external issues (Clause 4.1), explicitly identifying records needs (Clause 4.1.2), interested parties (Clause 4.2), defining MSR scope (Clause 4.3), and establishing the MSR (Clause 4.4) to anchor governance in business realities.

EN 1090 vs ISO 30301

Standards Comparison

EN 1090

Mandatory

2009

EU standard for steel and aluminium structural execution

ISO 30301

Voluntary

2019

International standard for records management systems

Quick Verdict

EN 1090 mandates CE marking for structural steel/aluminium via FPC and execution classes in EU construction, while ISO 30301 provides voluntary records management systems for any organization. Fabricators adopt EN 1090 for market access; all use ISO 30301 for governance and compliance.

Structural Metalwork

EN 1090

EN 1090 Execution of steel and aluminium structures

Cost

€€€€

Complexity

High

Implementation Time

6-12 months

Key Features

Risk-based Execution Classes (EXC1-EXC4) scaling requirements
Factory Production Control (FPC) for mandatory CE marking
Harmonized conformity assessment under CPR for structures
Technical execution rules for steel (1090-2) and aluminium (1090-3)
Welding quality management aligned with ISO 3834

Records Management

ISO 30301

ISO 30301:2019 Management systems for records requirements

Cost

€€€€

Complexity

High

Implementation Time

12-18 months

Key Features

High-Level Structure for MSS integration
Normative Annex A operational controls
Risk-based records requirements planning
Flexible conformity pathways options
Full records lifecycle management

Detailed Analysis

A comprehensive look at the specific requirements, scope, and impact of each standard.

EN 1090 Details

What It Is

EN 1090 is a harmonized European standard family (EN 1090-1, -2, -3) for execution and conformity assessment of structural steel and aluminium components under the Construction Products Regulation (CPR). It provides a risk-based framework enabling CE marking for load-bearing components in construction works.

Key Components

**EN 1090-1Conformity assessment via certified Factory Production Control (FPC) and Declaration of Performance (DoP).
**EN 1090-2/-3Technical requirements for steel/aluminium execution, including materials, welding, tolerances, inspection.
**Execution Classes (EXC1-EXC4)Scales rigor by consequence, service, production categories.
Notified Body certification with ongoing surveillance.

Why Organizations Use It

Mandatory for EU market access and CE marking.
Reduces liability, ensures traceability, improves weld quality.
Builds stakeholder trust, enables high-risk projects.

Implementation Overview

Phased: gap analysis, FPC build, personnel training, NB audits. Applies to fabricators globally targeting Europe; 6-12 months typical, with welding/traceability focus.

ISO 30301 Details

What It Is

ISO 30301:2019 — Information and documentation — Management systems for records — Requirements is a certifiable management system standard for establishing, implementing, and improving a Management System for Records (MSR). It ensures organizations create and control reliable evidence of business activities, using the High-Level Structure (HLS) with risk-based planning across Clauses 4–10.

Key Components

Core clauses: Context, Leadership, Planning, Support, Operation, Performance Evaluation, Improvement.
**Annex A (normative)Operational controls for records processes and systems.
Principles: Authenticity, reliability, integrity, usability.
Conformity options: Self-declaration, external confirmation, third-party certification.

Why Organizations Use It

Strengthens compliance, auditability, and transparency.
Mitigates risks like data loss, litigation, and regulatory fines.
Enhances efficiency, business continuity, and stakeholder trust.
Integrates with ISO 9001, 27001 for competitive advantage.

Implementation Overview

Phased approach: Gap analysis, policy design, operational controls, audits. Scalable for any organization size/industry; certification via accredited bodies.

Key Differences

Aspect	EN 1090	ISO 30301
Scope	Execution and conformity of steel/aluminium structures	Management system for records lifecycle controls
Industry	Construction, fabrication (EU/EEA focus)	All organizations worldwide
Nature	Harmonized standard enabling mandatory CE marking	Voluntary certifiable management system standard
Testing	FPC certification, AVCP audits by notified bodies	Internal audits, optional third-party certification
Penalties	Market exclusion, legal liability without CE mark	No legal penalties, loss of certification only

Scope

EN 1090

Execution and conformity of steel/aluminium structures

ISO 30301

Management system for records lifecycle controls

Industry

EN 1090

Construction, fabrication (EU/EEA focus)

ISO 30301

All organizations worldwide

Nature

EN 1090

Harmonized standard enabling mandatory CE marking

ISO 30301

Voluntary certifiable management system standard

Testing

EN 1090

FPC certification, AVCP audits by notified bodies

ISO 30301

Internal audits, optional third-party certification

Penalties

EN 1090

Market exclusion, legal liability without CE mark

ISO 30301

No legal penalties, loss of certification only

Frequently Asked Questions

Common questions about EN 1090 and ISO 30301

EN 1090 FAQ

ISO 30301 FAQ

You Might also be Interested in These Articles...

Singapore PDPA Implementation Guide: Mastering Part 6A Breach Notification Thresholds and Timelines from Primary Statute

Master Singapore PDPA Part 6A breach notifications: statutory thresholds (risk of significant harm), 72-hour timelines, checklists, templates & frameworks. Comp

The Tool Landscape for Reaching and Maintaining ISO 27701 Compliance

Discover the top tools for ISO 27701 compliance. Compare functionality, complexity, costs, and benefits to choose the best solution for your privacy program. Ac

CMMC Scoping Mastery for Defense Supply Chains: Enclave Mapping, Subcontractor Flow-Down, and CUI Inventory Blueprint

Master CMMC scoping for DIB: delineate FCI/CUI boundaries, segment enclaves, manage subcontractor flow-down. Prevent 80% assessment failures with SSP templates,

Run Maturity Assessments with GRADUM

Transform your compliance journey with our AI-powered assessment platform

Assess your organization's maturity across multiple standards and regulations including ISO 27001, DORA, NIS2, NIST, GDPR, and hundreds more. Get actionable insights and track your progress with collaborative, AI-powered evaluations.

100+ Standards & Regulations

AI-Powered Insights

Collaborative Assessments

Actionable Recommendations

Check out these other Gradum.io Standards Comparison Pages

ISO 26000 vs ISO 27701

Compare ISO 26000 vs ISO 27701: Non-certifiable SR guidance vs certifiable privacy management. Gain insights on governance, risks & compliance. Choose the right framework now.

J-SOX vs CIS Controls

Compare J-SOX vs CIS Controls: Japan's ICFR rules meet cybersecurity safeguards. Uncover key differences, overlaps & strategies for compliance, risk mitigation. Strengthen governance today!

SAFe vs EMAS

SAFe vs EMAS: Compare Scaled Agile Framework's enterprise agility with EU's Eco-Management Scheme for sustainability. Uncover ROI, configs, compliance—choose the right framework now!

EN 1090

ISO 30301

Quick Verdict

EN 1090

Key Features

ISO 30301

Key Features

Detailed Analysis

EN 1090 Details

What It Is

Key Components

Why Organizations Use It

Implementation Overview

ISO 30301 Details

What It Is

Key Components

Why Organizations Use It

Implementation Overview

Key Differences

Scope

Industry

Nature

Testing

Penalties

Frequently Asked Questions

EN 1090 FAQ

What is the primary objective of EN 1090?

Who is legally or professionally required to comply with EN 1090?

Does EN 1090 require an external audit or third-party certification?

How often should an assessment for EN 1090 be performed?

What are the consequences of non-compliance with EN 1090?

An EN 1090 be mapped to other international frameworks?

What is the first step to begin implementing EN 1090?

ISO 30301 FAQ

What is the primary objective of ISO 30301?

Who is legally or professionally required to comply with ISO 30301?

Does ISO 30301 require an external audit or third-party certification?

How often should an assessment for ISO 30301 be performed?

What are the consequences of non-compliance with ISO 30301?

An ISO 30301 be mapped to other international frameworks?

What is the first step to begin implementing ISO 30301?

You Might also be Interested in These Articles...

Singapore PDPA Implementation Guide: Mastering Part 6A Breach Notification Thresholds and Timelines from Primary Statute

The Tool Landscape for Reaching and Maintaining ISO 27701 Compliance

CMMC Scoping Mastery for Defense Supply Chains: Enclave Mapping, Subcontractor Flow-Down, and CUI Inventory Blueprint

Run Maturity Assessments with GRADUM

Check out these other Gradum.io Standards Comparison Pages

ISO 26000 vs ISO 27701

J-SOX vs CIS Controls

SAFe vs EMAS