What is the primary objective of EN 1090?

EN 1090 ensures controlled execution and conformity assessment of structural steel and aluminium components for permanent incorporation in construction works. As a harmonized standard under the Construction Products Regulation (CPR), it mandates Factory Production Control (FPC), technical requirements via EN 1090-2 (steel) and EN 1090-3 (aluminium), and enables CE marking through risk-based Execution Classes (EXC1–EXC4), covering materials, welding, tolerances, inspection, and traceability.

Who is legally or professionally required to comply with EN 1090?

Manufacturers of load-bearing steel and aluminium structural components and kits placed on the EEA market must comply with EN 1090 to affix CE marking. This includes fabricators, steelwork contractors, and suppliers of components like beams, trusses, and assemblies for buildings, bridges, and industrial structures, as EN 1090-1 implements CPR requirements for market access.

Does EN 1090 require an external audit or third-party certification?

Yes, EN 1090 mandates certification of the Factory Production Control (FPC) system by a Notified Body via AVCP systems. This involves initial inspection, technical documentation review (including ITT/ITC), certificate issuance, and continuous surveillance audits to verify constancy of performance and enable lawful CE marking and Declaration of Performance (DoP).

How often should an assessment for EN 1090 be performed?

EN 1090 requires ongoing Factory Production Control (FPC) with continuous surveillance by a Notified Body, typically starting with the first audit one year post-certification. Subsequent frequencies follow EN 1090-1 Table B.3, scaled by Execution Class (EXC), prior audit results, and changes, supplemented by manufacturer internal audits and reviews.

What are the consequences of non-compliance with EN 1090?

Non-compliance with EN 1090 prevents lawful CE marking, risking market exclusion, product withdrawal, certificate suspension, and legal liability under CPR. Notified Bodies publicly report suspensions for major non-conformities, exposing firms to fines, recalls, contractual penalties, and civil claims from structural failures.

Can EN 1090 be mapped to other international frameworks?

No, these FAQs focus solely on EN 1090 as a standalone standard. While practical implementations often align FPC with complementary systems like ISO 3834 for welding, EN 1090's unique requirements for CE marking, Execution Classes, and CPR conformity do not permit direct mapping here.

What is the first step to begin implementing EN 1090?

Conduct a product scope assessment to confirm EN 1090 applicability and determine Execution Classes (EXC1–EXC4) based on consequence class (CC), service category (SC), and production category (PC). Default to EXC2 if unspecified, then perform gap analysis against FPC requirements before Notified Body engagement.

What is the primary objective of ISO 30301?

ISO 30301 specifies requirements for establishing, implementing, maintaining, and continually improving a Management System for Records (MSR). It ensures organizations create and control authoritative, reliable evidence of business activities to support mandate, mission, strategy, and goals through High-Level Structure clauses 4–10 and records-specific operational controls in Clause 8 and Annex A (normative).

Who is legally or professionally required to comply with ISO 30301?

ISO 30301 applies to any organization wishing to demonstrate MSR conformity, with no legal mandates or thresholds. It is voluntary for all sizes and sectors, including single entities or those sharing business activities, used by public agencies, regulated industries, and enterprises for governance, compliance, and stakeholder assurance via self-declaration, external confirmation, or certification.

Does ISO 30301 require an external audit or third-party certification?

No, ISO 30301 does not require external audit or third-party certification. It offers three conformity pathways: self-assessment and self-declaration, external confirmation of self-declaration, or third-party certification under schemes like ISO/IEC 17065, allowing organizations to match assurance to stakeholder needs.

How often should an assessment for ISO 30301 be performed?

ISO 30301 requires internal audits at planned intervals and management reviews at planned intervals to evaluate MSR performance. Clause 9 mandates monitoring, measurement, analysis, internal audits (Clause 9.2), and top management reviews (Clause 9.3), with frequency determined by risks, objectives, and results to ensure ongoing suitability, adequacy, and effectiveness.

What are the consequences of non-compliance with ISO 30301?

ISO 30301 non-compliance carries no direct penalties as it is voluntary, but exposes organizations to records risks like regulatory sanctions, litigation disadvantages, reputational loss, and operational disruption. Failures in evidence creation, integrity, or retention undermine accountability, business continuity, and stakeholder trust.

Can ISO 30301 be mapped to other international frameworks?

Yes, ISO 30301 aligns with High-Level Structure (HLS/Annex SL) for integration with other management system standards. Its clauses 4–10 and informative annexes enable mapping of MSR governance and operational controls, reducing duplication in integrated systems while standing alone for records-specific requirements.

What is the first step to begin implementing ISO 30301?

The first step is understanding the organization’s context and determining records requirements per Clause 4. This includes analyzing internal/external issues (Clause 4.1), explicitly identifying records needs (Clause 4.1.2), interested parties (Clause 4.2), defining MSR scope (Clause 4.3), and establishing the MSR (Clause 4.4) to anchor governance in business realities.

Standards Comparison

EN 1090 vs ISO 30301

EN 1090

Mandatory

2009

EU standard for steel and aluminium structural execution

ISO 30301

Voluntary

2019

International standard for records management systems

Quick Verdict

EN 1090 mandates CE marking for structural steel/aluminium via FPC and execution classes in EU construction, while ISO 30301 provides voluntary records management systems for any organization. Fabricators adopt EN 1090 for market access; all use ISO 30301 for governance and compliance.

Structural Metalwork

EN 1090

EN 1090 Execution of steel and aluminium structures

Cost

€€€€

Complexity

High

Implementation Time

6-12 months

Key Features

Risk-based Execution Classes (EXC1-EXC4) scaling requirements
Factory Production Control (FPC) for mandatory CE marking
Harmonized conformity assessment under CPR for structures
Technical execution rules for steel (1090-2) and aluminium (1090-3)
Welding quality management aligned with ISO 3834

Records Management

ISO 30301

ISO 30301:2019 Management systems for records requirements

Cost

€€€€

Complexity

High

Implementation Time

12-18 months

Key Features

High-Level Structure for MSS integration
Normative Annex A operational controls
Risk-based records requirements planning
Flexible conformity pathways options
Full records lifecycle management

Detailed Analysis

A comprehensive look at the specific requirements, scope, and impact of each standard.

EN 1090 Details

What It Is

EN 1090 is a harmonized European standard family (EN 1090-1, -2, -3) for execution and conformity assessment of structural steel and aluminium components under the Construction Products Regulation (CPR). It provides a risk-based framework enabling CE marking for load-bearing components in construction works.

Key Components

EN 1090-1: Conformity assessment via certified Factory Production Control (FPC) and Declaration of Performance (DoP).
EN 1090-2/-3: Technical requirements for steel/aluminium execution, including materials, welding, tolerances, inspection.
Execution Classes (EXC1-EXC4): Scales rigor by consequence, service, production categories.
Notified Body certification with ongoing surveillance.

Why Organizations Use It

Mandatory for EU market access and CE marking.
Reduces liability, ensures traceability, improves weld quality.
Builds stakeholder trust, enables high-risk projects.

Implementation Overview

Phased: gap analysis, FPC build, personnel training, NB audits. Applies to fabricators globally targeting Europe; 6-12 months typical, with welding/traceability focus.

ISO 30301 Details

What It Is

ISO 30301:2019 — Information and documentation — Management systems for records — Requirements is a certifiable management system standard for establishing, implementing, and improving a Management System for Records (MSR). It ensures organizations create and control reliable evidence of business activities, using the High-Level Structure (HLS) with risk-based planning across Clauses 4–10.

Key Components

Core clauses: Context, Leadership, Planning, Support, Operation, Performance Evaluation, Improvement.
Annex A (normative) Operational controls for records processes and systems.
Principles: Authenticity, reliability, integrity, usability.
Conformity options: Self-declaration, external confirmation, third-party certification.

Why Organizations Use It

Strengthens compliance, auditability, and transparency.
Mitigates risks like data loss, litigation, and regulatory fines.
Enhances efficiency, business continuity, and stakeholder trust.
Integrates with ISO 9001, 27001 for competitive advantage.

Implementation Overview

Phased approach: Gap analysis, policy design, operational controls, audits. Scalable for any organization size/industry; certification via accredited bodies.

Key Differences

Aspect	EN 1090	ISO 30301
Scope	Execution and conformity of steel/aluminium structures	Management system for records lifecycle controls
Industry	Construction, fabrication (EU/EEA focus)	All organizations worldwide
Nature	Harmonized standard enabling mandatory CE marking	Voluntary certifiable management system standard
Testing	FPC certification, AVCP audits by notified bodies	Internal audits, optional third-party certification
Penalties	Market exclusion, legal liability without CE mark	No legal penalties, loss of certification only

Scope

EN 1090

Execution and conformity of steel/aluminium structures

ISO 30301

Management system for records lifecycle controls

Industry

EN 1090

Construction, fabrication (EU/EEA focus)

ISO 30301

All organizations worldwide

Nature

EN 1090

Harmonized standard enabling mandatory CE marking

ISO 30301

Voluntary certifiable management system standard

Testing

EN 1090

FPC certification, AVCP audits by notified bodies

ISO 30301

Internal audits, optional third-party certification

Penalties

EN 1090

Market exclusion, legal liability without CE mark

ISO 30301

No legal penalties, loss of certification only

Frequently Asked Questions

Common questions about EN 1090 and ISO 30301

EN 1090 FAQ

ISO 30301 FAQ

You Might also be Interested in These Articles...

DORA Third-Party Risk Management: A Consultant’s Guide to Mapping Critical ICT Service Providers in 2026

Navigate DORA's complex third-party risk pillar. Step-by-step consultant guide to identify critical ICT providers, remediate Article 30 contracts, and build the

CIS Controls v8.1, Operationalized: Top 10 Reasons Compliance Monitoring Software Accelerates Real-World Implementation

Operationalize CIS Controls v8.1 with compliance monitoring software. Turn checklists into dashboards, tickets, and audit-proof workflows. Top 10 reasons it acc

ISO 27701 Implementation Roadmap: Step-by-Step Guide for Extending Your ISO 27001 ISMS to PIMS

Extend ISO 27001 ISMS to ISO 27701 PIMS with this step-by-step roadmap. Master role-specific controls, avoid pitfalls, meet certification evidence needs for pri

Run Maturity Assessments with GRADUM

Transform your compliance journey with our AI-powered assessment platform

Assess your organization's maturity across multiple standards and regulations including ISO 27001, DORA, NIS2, NIST, GDPR, and hundreds more. Get actionable insights and track your progress with collaborative, AI-powered evaluations.

100+ Standards & Regulations

AI-Powered Insights

Collaborative Assessments

Actionable Recommendations

Explore More Comparisons

See how EN 1090 and ISO 30301 compare against other standards

Other EN 1090 Comparisons

Other ISO 30301 Comparisons

What It Is

Key Components

EN 1090-1: Conformity assessment via certified Factory Production Control (FPC) and Declaration of Performance (DoP).

EN 1090-2/-3: Technical requirements for steel/aluminium execution, including materials, welding, tolerances, inspection.

Execution Classes (EXC1-EXC4): Scales rigor by consequence, service, production categories.

Notified Body certification with ongoing surveillance.

What It Is

Key Components

Core clauses: Context, Leadership, Planning, Support, Operation, Performance Evaluation, Improvement.

Annex A (normative) Operational controls for records processes and systems.

Principles: Authenticity, reliability, integrity, usability.

Conformity options: Self-declaration, external confirmation, third-party certification.

Aspect

EN 1090

ISO 30301

Scope

Execution and conformity of steel/aluminium structures

Management system for records lifecycle controls

Industry

Construction, fabrication (EU/EEA focus)

All organizations worldwide

Nature

Harmonized standard enabling mandatory CE marking

Voluntary certifiable management system standard

Testing

FPC certification, AVCP audits by notified bodies

Internal audits, optional third-party certification

Penalties

Market exclusion, legal liability without CE mark

No legal penalties, loss of certification only