ISO/IEC 17025, General requirements for the competence of testing and calibration laboratories, allows labs to demonstrate their competently and ability to generate valid results. By promoting wider acceptance of results between countries, the standard helps facilitate cooperation among labs and other bodies. This facilitates global trade because test reports and certificates can be accepted without further testing.
The ISO 9000 family of quality management standards contains some of ISO’s best-known standards. The standards provide guidance and tools to ensure products and services consistently meet customer requirements. ISO 9001 sets out the criteria for a quality management system and provides a basis for certification. Over a million organizations in more than 170 countries are certified to ISO 9001.
ISO 9001 is based on several quality management principles, including a strong customer focus the motivation and commitment of top management, the process approach, and continual improvement.
Several ISO quality management systems standards are based on ISO 9001 and adapted to specific sectors and industries, including ISO 3485 for medical devices; ISO 17582 for electoral organizations; ISO 18091 for local government; ISO/TS 22163 for rail organization business management systems; ISO/TS 29001 for the petroleum, petrochemical, and natural gas industries; and ISO/IEC 90003 for software engineering.
Some sector-specific requirements, such as TL 9000 for the telecommunications industry; BA 9001 for body armor; SN 9001 for snow and ice management services; and the aviation, space, and defense industry’s AS9000 series standards, also are based on ISO 9001.
ISO/IEC 27001, Information technology – Security techniques -Information security management systems – Requirements, is the best-known standard in the family providing requirements for an information security management system (ISMS). But there are more than a dozen standards in the 27000 family.
An ISMS is a systematic approach to managing sensitive information to keep it secure. It includes people, process, and information technology systems by applying a risk management process.
This ISO/IEC 27001 family of standards is used to help organizations management the security of assets such as financial information, intellectual property, employee details, and information provided by third-parties.