What is ISO? – International Organization for Standardization

What is ISO? – International Organization for Standardization

The International Organization for Standardization (ISO) is an international standard-setting body composed of representatives from national standards bodies. Founded on February 23, 1947, the organization produces world-wide industrial and commercial standards.

iso_9001_certifiedWhile the ISO defines itself as a non-governmental organization, its ability to set standards which often become law through treaties or national standards makes it more powerful than most NGOs, and in practice it acts as a consortium with strong links to governments. Participants include several major corporations and at least one standards body from each member country.

ISO cooperates closely with the International Electrotechnical Commission (IEC), which is responsible for standardization of electrical equipment.

The organization is usually referred to simply as ISO (pronounced eye-so). It is a common misconception that ISO stands for “International Standards Organization”, or something similar. ISO is not an acronym; it comes from the Greek word isos, meaning “equal”. In English, the organization’s long-form name is “International Organization for Standardization”, while in French it is called “Organisation internationale de normalisation”; to use an acronym would result in different acronyms in ISO’s official languages, English (IOS) and French (OIN), thus the founders of the organization chose “ISO” as the universal short form of its name.

ISO standards are numbered, and have a format that contains “ISO[/IEC] [IS] nnnnn[:yyyy]: Title” where “nnnnn” is the standard number, “yyyy” is the year published, and “Title” describes the subject. IEC will only be included if the standard results from work of JTC1. The date and IS will always be left off an incomplete or unpublished standard, and may (under certain circumstances) be left off the title of the published work.

Aside from standards, ISO also creates Technical Reports for documents that cannot or should not become International Standards such as references, explanations, etc. The naming conventions for these are the same as for standards with the exception of having TR prepended in the place of IS in the standard’s name. Examples:

  • ISO/IEC TR 17799:2000 Code of Practice for Information Security Management
  • ISO TR 15443-1/3 Information Technology – Security Techniques – A Framework for IT Security Assurance parts 1-3

Finally, ISO will on rare occasions issue a Technical Corrigendum. These are amendments to existing standards because of minor technical flaws, improvements to usability or to extend applicability in a limited way. Generally, these are issued with the expectation that the affected standard will be updated or withdrawn at its next scheduled review.

ISO documents are copyrighted and ISO charges for copies of most. ISO does not, however, charge for most draft copies of documents in electronic format. Although useful, care must be taken using these drafts as there is the possibility of substantial change before it becomes finalized as a standard. Some ISO standards are made freely available. For examples, see

Freely Available Standards and Free Standards2

During the 1990s, ISO gained a reputation for being slow, bureaucratic, congested, and insensitive to feedback from both vendors and their customers. One problematic project was the enormous Open Systems Interconnect project, which attempted the development of one single computer networking standard, but was finally shut down in 1996 after becoming mired in interoperability problems and bickering between vendors. Attention then turned to the volunteer-based, open-process and non-profit Internet Engineering Task Force (IETF), which develops the standards necessary for the Internet to function. When IETF turned out to be too slow, vendors began funding more focused, agile consortia like the W3C, another open, non-profit organisation headed by the inventor of the World Wide Web, Tim Berners-Lee. Since then, ISO has undertaken modest reforms to decrease the time required to promulgate new standards.

ISO International Standards are not in any way binding on either governments or industry merely by virtue of being International Standards. This is to allow for situations where certain types of standards may conflict with social, cultural or legislative expectations and requirements. This also reflects the fact that national and international experts responsible for creating these standards do not always agree and not all proposals become standards by unanimous vote. The individual nations and their standards bodies remain the final arbiters.

The fact that many of the ISO-created standards are ubiquitous has led, on occasion, to common usage of “ISO” to describe the actual product that conforms to a standard. Some examples of this are:

  • CD images end in the file extension “ISO” to signify that they are using the ISO 9660 standard filesystem (there are other file systems that can be used) – hence CD images are commonly referred to as “ISOs”. Virtually all computers with CD-ROM drives can read CDs that use this standard. DVD-ROMs also use ISO 9660 filesystems.
  • Photographic film sensitivity to light, its speed, is measured and determined by ISO standard, hence the film speed is often referred to as its “ISO number”. There are equivalent standards giving us its ASA and DIN.

ISO/IEC Joint Technical Committee 1

To deal with the consequences of substantial overlap in areas of standardization and work related to information technology, ISO and IEC formed a Joint Technical Committee known as the ISO/IEC JTC1. It was the first such committee, and to date remains the only one. Its official mandate is:

Develop, maintain, promote and facilitate IT standards required by global markets meeting business and user requirements concerning:

  • design and development of IT systems and tools,
  • performance and quality of IT products and systems
  • security of IT systems and information
  • portability of application programs
  • interoperability of IT products and systems
  • unified tools and environments
  • harmonized IT vocabulary
  • user friendly and ergonomically designed user interfaces

There are currently 18 sub-committees:

  • SC 02 – Coded Character Sets
  • SC 06 – Telecommunications and Information Exchange Between Systems
  • SC 07 – Software and System Engineering
  • SC 17 – Cards and Personal Identification
  • SC 22 – Programming Languages, their Environments and Systems Software Interfaces
  • SC 23 – Removable Digital Storage Media Utilizing Optical and/or Magnetic Recording Technology for Digital
  • SC 24 – Computer Graphics and Image Processing
  • SC 25 – Interconnection of Information Technology Equipment
  • SC 27 – IT Security Techniques
  • SC 28 – Office Equipment
  • SC 29 – Coding of Audio, Picture, and Multimedia and Hypermedia Information
  • SC 31 – Automatic Identification and Data Capture Techniques
  • SC 32 – Data Management and Interchange
  • SC 34 – Document Description and Processing Languages
  • SC 35 – User Interfaces
  • SC 36 – Information Technology for Learning, Education, and Training
  • SC 37 – Biometrics

Membership in ISO/IEC JTC1 is restricted in much the same way as membership in either of the two parent organizations. A member can be either participating (p) or observing (O) and the difference is mainly the ability to vote on proposed standards and other product. There is no requirement for any member body to maintain either (or any) status on all of the sub-committees. Although rare, sub-committees can be created to deal with new situations (SC 37 was approved only in the last year) or disbanded if the area of work is no longer relevant.

All text is available under the terms of the GNU Free Documentation License