Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice


When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu

The Results Are In - Everybody Loves Standards!


The ISO (International Organization for Standardization) conducts a survey every year to identify trends in certifications to nine of its most popular standards, including ISO/IEC 27001, ISO22301 and (new this year) ISO/IEC 20000. The survey involves the ISO asking certification bodies that are accredited by members of the IAF (see our earlier blog article for details of how this works) about how many organizations they certified during the year, by standard and by country.

The overall headline for 2015 is a 3% increase in the total number of certificates issued across the board, taking the total worldwide over the one and a half million mark for the first time; a modest increase by anyone’s standards, but it masks a number of much more interesting trends….

Let’s look at the main points by standard.


ISO/IEC 27001 – Information security



The total number of certified organizations worldwide for ISO/IEC 27001 is now 27, 536 – an increase of 20% over 2014 (by far the highest rate of increase since 2010) and a creditable result for a standard that has been around since 2005. Continuing concern over cyber security and the race to the cloud are bound to have contributed to this renewed interest.

Delving deeper into the numbers however raises a few interesting nuggets of information. Firstly the huge interest in this standard in Japan which on its own accounts for about 30% of all certifications worldwide and in 2015 experienced a close to 50% increase in the number of certified sites. Strict laws on the protection of personal information contribute to the high level of certification there and it will be interesting to see if the introduction of the EU General Data Protection Regulation has a similar impact in the West.


Another remarkable increase is in the USA where 90% more organizations were certified in 2015 than in 2014, rising from 645 to 1247 in that 12 month period. The figures suggest that the Information Technology sector is by far the main driver for that growth and this mirrors what we see at CertiKit with a lot of interest in our toolkits from US cloud service providers.



The United Kingdom is second only to Japan in the level of certification to the ISO/IEC 27001 standard, with 2790 certified organizations reported in 2015, an increase of 24% over the previous year. Again, the information technology sector leads the way.

ISO 22301 – Business continuity

ISO only started collecting figures for ISO22301 in 2014 as it’s still a relatively young standard so it’s only possible to measure trends over the last two years. What this shows however is a 78% increase in worldwide certifications to 3133, with most interest in India, United Kingdom, Japan, Singapore and The Netherlands. The UK has experienced a 19% rise in numbers to 411, with the USA up 42% to 57 certifications.

The information technology sector again dominates the certification list, with 40% of certified organizations being in that business area.

ISO/IEC 20000 – IT service management

This the first year that the ISO/IEC 20000 standard has been included in the survey so the figures only really reflect a starting point for future conclusions. The picture that is presented is that there are 2778 certified organizations with 40% of these being in Europe. However, India and Japan lead the table in terms of numbers of certifications with 425 and 299 respectively.

The USA leads the UK with 223 to 197 certified organizations which ties in with our impressions here at CertiKit that this standard is popular with American technology firms. As expected, information technology is again the dominant industrial sector, with 77% of certified organizations falling into this business category.

Some Conclusions

The ISO survey only goes so far in terms of the information it collects but there are perhaps a few straightforward observations we would make based on its data:

  • Certification numbers in these three standards are all on the rise and their growth shows no sign of slowing
  • ISO/IEC 27001 is getting bigger and bigger in the USA and, although still behind the UK, it is catching up fast
  • The number of ISO/IEC 27001 certified organizations is still low compared to that of ISO9001 (the “Big Daddy” of management system standards) which has over one million – but does this simply show the growth potential for ISO/IEC 27001?
  • The Japanese love standards
  • The information technology industry is showing the way with quality improvement and is the biggest adopter of these types of standards

We’ll keep you posted when the results for 2016 come out in October 2017.

We’ve helped more than 4000 businesses with their compliance


It was like having your hand held through the whole confusing and frustrating process of getting GDPR compliant, making it much more bearable.

EBY Design

View all Testimonials