Is ISO 27001 among the top ISO standards?

Do you know which ISO standards are the most popular? And whether ISO 27001 is among the most popular? There is both good and bad news for information security enthusiasts – ISO 27001 really is among the most popular, but it is insignificant compared to, say, ISO 9001.

Top ISO standards

Unfortunately, there is no official data that is more current, but according to a 2011 ISO survey, these are the most popular standards worldwide:

  • ISO 9001 (quality management): 1,111,698 certificates
  • ISO 14001 (environmental management): 267,457 certificates
  • ISO/TS 16949 (quality management for automotive-related products): 47,512 certificates
  • ISO 13485 (quality management for medical devices): 20,034 certificates
  • ISO 22000 (food safety management): 19,980 certificates
  • ISO/IEC 27001 (information security management): 17,509 certificates

Note: this survey did not include ISO 22301, since it was published in 2012.

Trend looks good for ISO 27001

When we look at the trends, the situation is a bit better – ISO 27001’s growth rate is among the highest, while at the same time showing the most stable growth among all the top standards (growth in % compared to previous year):


ISO 27001 by country

Since this is a very common question, let’s see in which countries ISO 27001 was the most popular (in 2011):

ISO 27001 by country

The future

In my opinion, ISO 27001 will most probably continue its high growth, especially due to cybersecurity threats and an ever-growing reliance on information technology. Most likely it won’t become as popular as ISO 9001, but my guess is it will probably reach place #3 (right behind ISO 9001 and ISO 14001) in the next couple of years, and stay there for a long time.

The areas where the number of certificates will grow the most are certainly China and India, but perhaps also the United States and Latin America. What do you think?

Advisera Dejan Kosutic
Dejan Kosutic
Leading expert on cybersecurity & information security and the author of several books, articles, webinars, and courses. As a premier expert, Dejan founded Advisera to help small and medium businesses obtain the resources they need to become compliant with EU regulations and ISO standards. He believes that making complex frameworks easy to understand and simple to use creates a competitive advantage for Advisera's clients, and that AI technology is crucial for achieving this.

As an ISO 27001 and NIS 2 expert, Dejan helps companies find the best path to compliance by eliminating overhead and adapting the implementation to their size and industry specifics.