ISO standards lay out the framework for establishing a management system to address needed controls and requirements in areas such as:
Product or Service Quality (ISO 9001 Quality Management System)
Environmental Management (ISO 14001 Environmental Management System)
Information Security (ISO 27001 Information
Security Management System).
Groups of experts from all around the world are responsible for developing ISO standards. These experts are usually part of technical committees and can negotiate all aspects of the standard, including its scope, key definitions and content.
Most ISO standards share the following three commonalities:
Plan-Do-Check-Act Process Approach – the creation of an improvement plan that requires measurement and review.
Management Responsibility – top management must take responsibility for the organisation’s approach to meeting requirements from external (regulations, customers) and internal (product specs, policies, and procedures) sources.
Improvement of the Management System.