ISO sets the invisible rules that keep the modern world consistent. From the size of your bank card to the way dates are written in software, ISO standards shape daily life in ways most people never notice. Here is everything you need to know.
1. ISO Stands for Something Deliberately Vague
ISO does not stand for “International Standards Organisation” – at least, not officially. The name is derived from the Greek word isos, meaning “equal”. The founders chose a name that would work across all languages, so it did not become IOS in English, OIN in French, or something else entirely in German. ISO it is, everywhere.
The organisation’s full official name is the International Organization for Standardization. It was founded in 1947 and is headquartered in Geneva, Switzerland.
2. It Has Published More Than 25,000 Standards
ISO has published over 25,000 active international standards. They cover almost every industry imaginable – from food safety and construction to medical devices, software, and energy management. New standards are added regularly, and existing ones are reviewed and updated every few years.
The sheer breadth is what makes ISO unusual. No other single body touches so many sectors at once.
3. You Use ISO Standards Every Day Without Knowing It
This is where it gets interesting. Several ISO standards are so deeply embedded in daily life that most people have never stopped to wonder where they came from.
- ISO 216 – defines A4 paper. The entire A and B series of paper sizes comes from this standard. The reason A4 folds perfectly into A5 and A5 into A6 is because of the mathematical ratio ISO specified.
- ISO 7810 – defines the dimensions of a credit card, debit card, and most ID cards. Every card in your wallet is exactly 85.6mm x 53.98mm because of this standard.
- ISO 3166 – defines country codes. The two-letter codes you see on domain names, eSIMs, and dropdown menus – GB, US, FR, DE – all come from this standard.
- ISO 4217 – defines currency codes. GBP, USD, EUR, and every other three-letter currency code is an ISO standard.
- ISO 8601 – defines date and time formatting. The YYYY-MM-DD format used in software, spreadsheets, and international documents comes from this standard. It exists to prevent ambiguity between date formats used in different countries.
4. ISO 9001 Is the Standard Businesses Talk About Most
If you have ever seen a company advertise that it is “ISO certified”, it almost certainly means ISO 9001. This is the international standard for quality management systems.
ISO 9001 does not certify a specific product. It certifies that an organisation has a consistent, documented process for delivering quality – whatever that means in their industry. A manufacturer, a law firm, and a hospital can all hold ISO 9001 certification.
The current version is ISO 9001:2015. The year in the title matters – it tells you which revision of the standard the organisation is certified against.
5. There Are Several Other Business Standards Worth Knowing
ISO 9001 is the best known, but several others come up regularly in business contexts.
- ISO 14001 – environmental management. Sets out how organisations should manage their environmental impact and demonstrate responsibility. Popular with companies making sustainability commitments.
- ISO 27001 – information security management. Covers how organisations protect data, manage risk, and respond to security incidents. Increasingly required by enterprise clients and government contracts.
- ISO 45001 – occupational health and safety. The global standard for workplace safety management, replacing the older OHSAS 18001.
- ISO 22000 – food safety management. Used across the food industry from production to retail.
6. ISO Certification Is Not Done by ISO Itself
This surprises most people. ISO does not certify organisations directly. Instead, it publishes the standard, and independent third-party bodies – called certification bodies or registrars – audit organisations against it and issue certificates.
In the UK, well-known certification bodies include BSI (British Standards Institution), Lloyd’s Register, and Bureau Veritas. They are themselves accredited by UKAS – the United Kingdom Accreditation Service.
So the chain looks like this: ISO writes the standard, UKAS accredits the auditors, and the auditors certify the businesses.
7. ISO Standards Are Not Free
You cannot simply download ISO standards from the ISO website at no cost. Each published standard must be purchased – often for between £100 and £300 per document. This surprises many people who assume that global technical standards should be freely available.
The revenue funds ISO’s operations, since it does not receive government funding. Some standards are made freely available over time, particularly those that underpin public safety or open technology. But most remain paid documents.
8. ISO Is Not a Government Body
ISO is an independent, non-governmental organisation. It is not part of the United Nations, though it has observer status with several UN agencies. Membership is made up of national standards bodies – one per country – rather than governments directly.
The UK’s member body is BSI. The US is represented by ANSI (American National Standards Institute). Each national body votes on and contributes to international standards development.
9. Standards Take Years to Develop
Creating an ISO standard is not a quick process. It typically takes three to five years from initial proposal to published standard. The process involves technical committees, working groups, multiple rounds of drafting, and voting by member bodies across the world.
There are currently around 800 technical committees and subcommittees working on standards at any given time, with thousands of experts contributing.
10. Not All ISO Numbers Are Sequential or Logical
ISO standard numbers are assigned administratively, not by category. There is no particular logic to ISO 9001 covering quality management while ISO 27001 covers information security. The numbers reflect when the standard was registered in ISO’s system, not how the standards relate to each other.
This often confuses people who expect a neat numbering hierarchy. There is not one.
Frequently Asked Questions
What does ISO stand for?
ISO stands for International Organization for Standardization. The name is also derived from the Greek word isos, meaning equal. It was chosen deliberately so the abbreviation works the same way across all languages.
Is ISO certification worth it for a small business?
It depends on your customers. For many small businesses, ISO 9001 certification opens doors to contracts with larger companies or public sector organisations that require it as a condition of supply. If your target clients do not ask for it, the cost and effort of certification may outweigh the benefit.
How much does ISO certification cost?
Costs vary depending on the size of the organisation, the standard being pursued, and the certification body used. For a small business, initial ISO 9001 certification typically costs between £2,000 and £10,000 including consultancy, audits, and certification fees. Annual surveillance audits add ongoing cost.
How long does ISO certification last?
Most ISO certifications are valid for three years. During that period, the organisation undergoes annual surveillance audits to confirm it is maintaining its standards. At the end of three years, a full recertification audit is required.
What is the difference between ISO and BSI?
ISO is the international body that writes and publishes global standards. BSI (British Standards Institution) is the UK's national standards body and ISO's UK member. BSI also operates as a certification body, auditing and certifying organisations against ISO standards. The two are related but separate organisations.
Are ISO standards legally required?
Not usually. Most ISO standards are voluntary. However, they can become effectively mandatory when referenced in legislation, regulation, or contract requirements. Some industries - particularly food safety, medical devices, and aerospace - have regulatory frameworks that point to specific ISO standards.
Who owns ISO?
No single entity owns ISO. It is a non-governmental membership organisation, governed by its member bodies - one national standards organisation per country. There are currently 170 member bodies worldwide.