ISO 9001

There are many different ISO Standards out there, sometimes it can be hard to understand which ones are the most suitable for your business. While some are industry-specific, many of the most popular standards are generic and can be implemented into an organization no matter what sector it is in. If you are not certified to any ISO standards and are interested in a certification, or want to add more, we have outlined the ten most popular standards below. Read on to learn about their history, what they entail, and their impact on the businesses that employ them.

By far the most popular family is that of ISO 9000. A family of quality management standards, there are fourteen in total. Of these, ISO 9001:2015 is the only one that can be certified to. It was first published in 1987, and has since been updated about every 7 years. The standard details how to put a Quality Management System (QMS) in place to better prepare your organization to produce quality products and services. It is customer focused, and places an emphasis on continuous improvement and top management processes that extended throughout the organization.

The standard was updated in 2015, and now places a greater emphasis on risk management. The standard is generic, and can be used in any organization in any sector. Over 1,000,000 ISO certifications have been given out in over 170 countries according to the ISO Survey of Management System Standard Certifications.

ISO 14001

ISO 14000 is a family of standards relating to the environment. It includes multiple standards, similar to ISO 9000. ISO 14001:2015 is the most popular in the family, and is the only one in which an organization can be certified.

It establishes requirements for an Environmental Management System (EMS) and is based on the continuous improvement model PDCA (Plan-Do-Check-Act). It is a voluntary standard, put in place by companies who want to improve their processes, and is very popular, with over 300,000 certifications in 171 countries worldwide.

ISO 27000

This family of standards concerns information technology, with the goal of improving security and protecting company assets. Started in 2005, the two most popular standards are ISO 27001:2013 and 27002:2013. 27001 is management-based system, whereas 27002 is a technical document, focused on the individual and putting a code of conduct in place.

Organizations can choose either standard; ISO 27001 has over 22,000 certifications worldwide. It is a broad standard, and for this reason the certification can be customized to fit the needs of the organization, and is not mandatory.

ISO 22000

This standard is focused on the development and implementation of a food safety management system, and can help any organization that works in the food chain. With multiple standards including 22001 for food and drink, 22002 for food manufacturing, and more, this family is used in a variety of organizations directly or indirectly involved with food. These include obvious choices such as restaurants of any kind, and also companies such as food manufacturers or even food transportation services such as caterers.

With over 26,000 certifications, ISO 22000:2005 is one of the more common standards. It can be applied on its own or integrated with ISO 9001. 22000 is currently under revision with the updated version expected to be released early 2017.

ISO 50001

One of the newest standards, the energy standard ISO 50001:2011 is nevertheless becoming increasingly important. Released in 2011, the standard is meant for companies to put in place an Energy Management System (EMS) dedicated to improving energy usage and efficiency. This includes reducing an organization?s energy footprint by reducing greenhouse gas emissions as well as energy cost.

It is not required, but with over 5,000 certifications and a 234% certification increase in the past calendar year according to the Office of Energy Efficiency & Renewable Energy, it is clear that companies are finding benefits and think the standard improves their business processes.

ISO/TS 16949

One of the older standards, ISO/TS 16949 refers to the automotive industry. TS stands for Technical Specification. Prior to the standard, suppliers were asked by car manufacturers to standardize to the regulations of each individual country, which often led to suppliers needing multiple certifications for the same vehicle.

According to the British Standards Institution (BSI), in 1999 the ISO/TS 16949 standard was created by the International Automotive Task Force (IATF) to help streamline this process. It focuses on avoidance of errors, and defines the requirements for the development, production, and installation of automotive-related products. Today certification is required by almost all tier 1 companies, and in turn many of them require their tier 2 and 3 suppliers to certify. The standard has over 50,000 certifications.

ISO 13485

The medical equipment standard ISO 13485 is a single document and does not belong to a family like many of the ISO standards. Published in 2003, with one revision published in 2016. It puts a QMS in place for the production of medical devices and equipment, and is very specific to the health industry.

It is a regulated standard, and has over 25,000 certifications. It is often implemented with ISO 9000 to show that an organization is qualified to do business with, and the document can be catered to the needs of a specific organization.

ISO 31000

It is very important for an organization in any field to be able to manage risk effectively. ISO 31000:2009 puts in place a risk-management system to do just that. It was created in 2009 as an attempt to create a universally recognized program to reduce risk, eliminating the need for the many standards in other industries that include risk. The standard allows a company to better identify threats before they occur, and effectively allocate and use resources for risk treatment.

ISO 26000

A relatively new standard, ISO 26000 focuses on social responsibility and was released in 2010. It cannot be certified to, but rather provides guidance on how businesses can operate in a socially responsible way. It helps clarify what social responsibility is, and helps organizations put in place the methodology to take effective actions relating to global social responsibility. The certification is used in over 60 countries.

ISO 20121

The newest standard on this list, ISO 20121 was started in 2012. It came about due to overwhelming support of BS 8901, an event sustainability standard put in place with support from the Head of Sustainability at the London 2012 Olympics. It is a voluntary event sustainability management system.

ISO 20121 is relevant to all members of an event?s supply chain, from organizers to caterers, and assists these organizations in reducing their environmental footprint while still being a financial success. These can be of any size, from music festivals to a school function, even something on a scale as large as the Olympics. To read more about the history of ISO 20121, check out our blog post.


There are ISO standards for just about every sector in business, and even can be applied to non-business organizations. These standards are being revised constantly to account for the changes in our environment, technology, social attitude, and legislation.

If your organization wants to be certified to any of these, there are many great registrars out there who certify, NQA and Eagle Certification Group are two great examples. If you are new to implementing a Quality Management System, or want to improve your current process, our Competency Manager software can help you capture employee competencies and training information to better adhere to ISO and OSHA standards.


No Responses

Write a response