In its latest ISO Survey, the International Organization for Standardization gives a global overview of the number of certified organizations based on ten common ISO standards. As in 2016, energy (ISO 50001) and information security (ISO 27001) management achieved strong growth. Including in France.
This doesn’t come as a surprise. In the latest ISO Survey, the ISO 9001 (quality management) and ISO 14001 (environmental management) voluntary standards are the most talked about by companies with certification on December 31, 2017. They make a difference for customers, especially B2B, resulting in a respective 1.05 million and 362,610 approved certificates to date, worldwide. The former has dropped a little but the latter has increased to the same extent. But in some areas of activity, it’s not enough. To set themselves apart from the competition, more and more companies are extending these actions with ISO/IEC 27001 certification to underline the robustness of their information security management, and ISO 50001 to underline their continuous energy efficiency improvements.
ISO/IEC 27001: 19% more worldwide, 63% more in France
The ISO/IEC 27001 standard recorded the most growth in 2017 with 39,501 bodies certified worldwide on December 31 of the same year, i.e. a 19% increase year on year. Japan and China are in pole position on the back of their digital and tertiary companies. The European performance was very respectable too with the United Kingdom, Germany, Italy, the Netherlands and Spain also making it into the top ten. “The publication of the European General Data Protection Regulation (GDPR) in May 2016 contributed to this,” says Brice Gilbert, Digital Confidence Engineer at AFNOR Certification, which grants this type of audit-based certification under the AFAQ brand. This key text, which came into force on May 25, 2018 in France, highlights certification as a means of helping to show compliance with requirements, e.g. a Privacy by Design approach.
Only France has not followed suit. The country recorded just 342 certified organizations in 2017 – a 133 increase on 2016 though. “However, many French companies go beyond the ISO/IEC 27001 requirements, especially in the banking, finance and telecommunications sectors. They simply do not feel the need to talk about it. They see this as evidence of protecting their customers,” Gilbert reasons. The number of certificates in mainland France could, however, increase in the coming years as a result of the growing outsourcing of IT and data storage services. “Companies using cloud services cannot take the risk of having their data damaged or stolen so they ask for a security guarantee,” Gilbert concludes.
The digitalization of companies. This is also one of the reasons why “ISO/IEC 27001 is currently making its way to Tunisia,” says Rhida Hajeri, Director of the AFNOR Tunisian subsidiary. “In our country, cloud banking services and IT companies are fast-developing.
One example of this is the 2017 certification of the Bourse de Tunis stock exchange and the national electronic certification agency (TunTrust).”
ISO 50001: European success with 938 certified companies in France
In energy terms, ISO 50001 certification for energy management systems (EnMS) rose by 10% worldwide between 2016 and 2017. This increase was mainly felt in Europe, which alone accounted for three quarters of the 21,501 certified bodies. “The European 2012 Energy Efficiency Directive boosted this success,” says Catherine Moutet, Manager of AFNOR Energies, the AFNOR Group umbrella brand which is getting on board with AFAQ ISO 50001 certification from AFNOR Certification. “This text imposes an energy audit on major companies every four years, except those with ISO 50001 certification.”
Germany has been particularly outstanding with 8,314 certificates, which peaked at 700 more a year earlier. “EnMS have been a requirement since 2009 for big industries looking for rebates on renewable energy tax they paid every year, like all other electricity consumers,” explains Jan Uwe Lieback, Project Manager at GUTcert, a German certification body and member of the AFNOR group. “When the 2012 directive was published, it was completely natural to pursue this initiative rather than carrying out energy audits.”
In France, the enthusiasm has been more recent. However, the number of certificates did increase by 23% between 2016 and 2017, rising from 759 to 938 (and not 2,307 as erroneously indicated in the ISO Survey tables), most of which following an audit by AFNOR Certification. “This certification has penetrated major electricity consumers thanks to a TURPE (charge for accessing public electricity grids), discount available since late to 2016 to those compliant with ISO 50001. The increase can also be explained by the simultaneous roll-out of the Pro-SMEn national program which pays a bonus to companies requesting ISO 50001 certification as part of the energy-saving certification scheme,” says Moutet.
Number of organizations with an ISO certificate worldwide on 12/31/2017
Three reasons to expect confirmation of these successes in the ISO Survey 2018
- ISO 9001 and ISO 14001: organizations had until September 14, 2018 to comply with the latest versions of these standards or risk losing their certificate and therefore the associated commercial benefits.
- ISO/IEC 27001 : ISO/IEC 27001: A decree dated February 26, 2018 now obliges health data hosts to have HDS certification in France, a standard underpinned by ISO/IEC 27001.
- ISO 50001 : the standard was revised in August 2018. Organizations have until August 2021 to comply with the new version to retain their certification.
> View the ISO 27001 certification…
> View the ISO 50001 certification…
> Consult the ISO Survey 2017 figures…