ISO has released its annual “ISO Survey,” which reports on total certificates worldwide for standards such as ISO 9001, ISO 14001 and others. The 2019 report provides data up to last year — 2018 — and represents the 28th “cycle” for the annual data dump, which began in 1990 as “The Mobil Survey,” published by Mobil Oil Co. ISO took over the reporting in 1996, and has published it consistently ever since.

Since that time, every year’s annual report included the data from the prior reports, to allow for trending the data over time. For last year’s ISO Survey (27th Cycle), for example, it included all the figures for certificate totals for every year, going back to 1993, allowing one to notice upward or downward trends.

Table from the original 1995 Mobil Survey, showing annual ISO 9001 certificate data for multiple years.

Given the worldwide frustration with ISO 9001:2015, I predicted last year that ISO would have to scrap the ISO Survey entirely, since the certification numbers were about to plummet. Remember that ISO is, first and foremost, a private publishing company. It does not release sales figures on the number of copies of ISO 9001 sold, so even offering an annual insight on the number of ISO 9001 certificates has been an entirely optional offering on their part. They can pull that back at any time.

Seriously: why keep publishing a report that proves people hate your product, especially when you have no intention of every listening to those people to improve it?

For this latest 28th Cycle report, ISO hasn’t ditched the report entirely, but instead has made it useless by crippling it: ISO broke a tradition going back almost two decades, and has stopped reporting all historical data entirely. This latest report only includes figures for 2018, and no prior years at all, meaning you can no longer do any trend analysis or forecasting. This is stunning, and ISO’s motives are clear as day.

Making matters worse, ISO is trying to recalculate how it reports totals, breaking the entire system. For the latest 2018 report, ISO is still reporting total certificates — keeping in line with every prior report since 1990 — but is shifting to reporting the “number of sites” certified as well. By analyzing sites, this artificially inflates the numbers, preventing ISO from looking completely humiliated by the data.

No one should fall for this trick, and for now I am ignoring their “site” data altogether as a clumsy attempt to spike their own data.

Oh, and if you ask them about why they do this, you can expect this gruff response.

Fortunately, Oxebridge has maintained the data going back to 1993, and can analyze the numbers manually. As expected the revelations are damning for ISO, and for its efforts to offload standards development to its “Technical Management Board,” stripping away those powers from the nominated Technical Committees who — under ISO and WTO rules — are supposed to be writing standards. TMB is toxic to ISO, but they haven’t figured that out yet.

Worldwide Analysis: 20% Loss 

Manually importing the latest data into the historical data, it quickly becomes apparent that ISO 9001 certificates have declined by 20% worldwide, dropping from 1,058,504 certs in 2017 to only 878,620 certs in 2018. This represents a loss of 179,884 certificates, the lowest figure since 2005. This blows a hole into ISO’s marketing, which has relied on the talking point that “more than 1 million companies worldwide are certified.” That claim has always been mathematically spurious (a million companies out of all the companies in the world is irrelevant, statistical noise), but now they can’t say that at all.

Making things worse for ISO is the fact that this represents the largest loss of ISO 9001 certificates in the entire history of the standard, since it was released in 1987. Only two other years saw “negative growth” (as ISO liked to call it at the time): 2002 and 2014. In those days, the ISO Secretary-General would simply dismiss the losses with a host of excuses, or deny they existed at all. Now they can’t ignore it, so instead they are changing the reporting rules and focusing on “sites.” But if we analyze the changes in certificate totals year-to-year, it looks like this:

This means that in both years since the TMB crafted “Annex SL,” ISO 9001 has faced huge losses.

ISO included another of its farcical “explanation” documents with this year’s Survey, a running joke that started with bald-faced fibs published by their former PR flack, Roger Frost (who subsequently went rogue against ISO.) This year the duties for lying to the entire world fall on Laurent Charlet, and through his tortured explanation ISO blames the low numbers on a host of factors: CBs being confused on whether to report sites or certificates, CB data fluctuation (meaning they are falsifying the numbers), or some “important” CBs just refusing to give ISO the data altogether. In short, any data problems are the CBs’ fault, and ISO doesn’t take any responsibility at all. It couldn’t be that the TMB is writing standards in violation of international development rules, and people hate them.

Hey, remember when the IAF insisted that 95% of all ISO 9001:2008 users had upgraded to the new standard? They still haven’t explained how if that were true, the number of ISO 9001 consistently drops every year.

The 2000 edition of ISO 9001 triggered the beginning of the decline for ISO 9001, especially in early adopter nations like the UK, US and Germany. Despite a lot of hype, companies simply felt the “process approach” was too confusing, and moving from a 9-page previous version to the 30-page monstrosity that ISO 9001:2000 became was a bit much. ISO worsened things when, in 2008, it made no changes to the standard, but released a new version anyway, forcing everyone to buy a new copy and undergo additional audits, at the threat of de-certification. These storm trooper tactics piss people off.

For years, though, countries like China allowed the overall worldwide numbers to increase, and new countries came haltingly on board. For example, tens of thousands of additional certificates from China would offset the losses from key countries like USA, UK, Germany combined. This appears to have stopped, though, as frustration with the new TMB-crafted ISO 9001:2015 edition is just outright infuriating companies.

ISO did provide some data on which industries are adopting ISO 9001. The biggest adopters are manufacturing and construction, to no surprise, with a big slice being generally unidentified. Despite decades of trying, ISO has simply not been able to get the service sector to buy into its flagship product. The only exceptions seem to be for “engineering services” and the unclear “other services” categories. The former makes sense, since most engineering services are likely supporting either in-house or customer manufacturing, so they get dragged in with the ship’s wake.

USA Analysis

Let’s cut to the chase: the US dropped 3,239 certificates for a total of 21,848 nationally, and a 13% overall loss. This represents the lowest figure for the country since 1997. At its peak in 2006, the US had 44,883 certificates, over twice as many. The lesson here is that American companies really, really hate it when ISO pushes out a new version so frequently.

That’s not the greatest loss in US history, though. That honor goes to the year 2003, when the US lost 22% of its certs from the prior year.

Last year, the Oxebridge model predicted the US would dip to 20,822 in 2018, so we were only off by just over a 1K certs… not bad. We’re currently predicting a worse decline next year, when we expect US certs to reach less than 17K.

The US has apparently course-corrected from the phony 2015 and 2016 data, which is thought to be the result of two major American CBs submitting falsified data in order to boost their own stature in the industry. Reportedly, a senior rep with one of those CBs was fired for his role in the scandal. Full disclosure: no one has ever been able to corroborate that story, though.

Updating the Oxebridge prediction model, and we still are on track to dip below 10k certs by the year 2021, reaching lows we haven’t seen since the mid-1990’s:

Avoiding that would require a massive shift in … well, something … on the part of ISO. This could be a revamping of its standards development process (highly unlikely), the US TAG finally grabbing control of TC 176 through its bully pulpit (also unlikely), converting standards to a maturity model focus (not happening), or aggressive marketing by ISO with the world’s governments to embed ISO 9001 into official contracts, thus forcing companies to adopt it upon threat of losing bids (that sounds most likely).

Comparing the US against Mexico and Canada, the North American picture looks like this:

We can see Mexico beating out Canada, but the two nations are still experiencing a general decline.

Industry-wise, the CBs are terrible at reporting what industries their clients are in, so the sector data has a huge gap identified as “sector unknown.” Sounds like a Star Trek episode, doesn’t it? But it’s clear the overwhelming majority of ISO 9001 certified companies in the US are manufacturing, so ISO has not broken into the service sector here, either.

China Analysis

ISO has gone full-in on marketing to China, including ensuring either Chinese-friendly or Chinese nationals are placed into key positions in the organization, and engaging in endless outreach to the Chinese market. In past years, China’s numbers alone inflated the world totals, which allowed ISO to continually insist “ISO 9001 is growing.” Everyone knew the numbers coming out of China were artificially inflated, prompted by that government’s Accreditation Body adhering to the Party mandate to improve the perception of China’s quality. But ISO didn’t care so long as it showed upward momentum.

In this year’s report, the total ISO 9001 certificates reported by China plunged, to a 295,703. Compare this with the outlandish figures from 2017, which claimed 393,008 certs. I suspect ISO will blame this on “an important CB” in that country not reporting data, but it may just be a course correction, or China’s looming disinterest in ISO. China has no real interest in partnering with ISO, and intends on developing its own standards not only to compete with ISO, but also then control key industrial markets through forced implementation of those standards. ISO’s just too stupid to see this.

Other east Asian countries fared similarly. Japan lost over 10,000 certs in one year, for a 2018 total of 34,335. Vietnam, Thailand and Singapore all lost certificates since the prior year.

South Korea fared better, having gained 15K certs, for a new total of 14,123, which is still far below their record high from 2011 when it had nearly double that number. Taiwan — credited as “Chinese Taipei” in the official ISO report, in order not to upset the mainland — gained a few certs, too, reaching 8,553 certificates.

But China can no longer carry the entire world, and either its prior years of fake certificate data have been cleaned up, or inventing fake data every year got too hard, and they couldn’t keep their story straight. Either way, it’s assumed that a large portion of the Chinese numbers still includes false certificates.


India has become the bargain basement of the ISO certification industry, and the country’s inept government hasn’t been able to rein in the massive flood of fake certificates and corrupt accredited bodies operating within its borders. But the numbers coming out of that country appear oddly truthful, and I suspect that in India’s case, only valid certs are being reported to ISO, and India’s vast sea of unaccredited certificate mills didn’t infect the official data. This is because whereas China’s central government is in on the fudging of official data, India’s government isn’t. So in 2018, India reported a loss of over 5,000 certificates, to reach a final figure of only 31,795; this is the lowest number reported by India since 2012.


Europe used to lead ISO 9001 certifications, even over the United States. In 1999, the United Kingdom reported a whopping 66760 certificates; compare that to 2018, when the number has dropped to a paltry 26,434 certs. The UK has literally dropped nearly two-thirds of the ISO 9001 certificates it once had, and that is even while BSI and CQI are pumping the world full of pro-ISO propaganda. At some point, you have to wonder if someone at CQI will start to realize they are spending a lot of money selling something that their country has clearly rejected.

Analyzing the numbers coming out of Italy is always fun, because the shoe-shaped nation has always boasted the highest total certificate count of any European country. By 2014, Italy had reached a peak of 168960 certificates,  which was 4.2 times the total of the UK in that same year. It never made any sense, since Italy isn’t known for having that many manufacturing firms, but the data was always steady, and attributed to a general ambiance of quality that was somehow embedded in the corporate culture. But Italy has been slowly hemorrhaging certs, and now finds itself at a more realistic total of 87,794, still one of the highest on the continent, but nearly half of what it once was.

Germany is another bellwether nation, often used to gauge the health of ISO 9001. But Germany lost an incredible 10K certs in 2018, to hit a total of 47,482 certs, the lowest it’s had since 2009.

And Switzerland — the home of ISO — has never been a big supporter of ISO 9001, running flat for decades, but finally showing a downward trend itself.

Winners and Losers

The nations with the most ISO 9001 certificates in 2018 were as follows:

  1. China – 295,703
  2. Italy – 87,794
  3. Germany – 47,482
  4. Japan – 34,335
  5. India – 31,795
  6. Spain – 29,562
  7. United Kingdom – 26,434
  8. USA – 21,848
  9. France – 21,095
  10. Brazil – 16,351

This makes the average total certs of the top ten about 61,000.

Comparing the top ten list with the prior year — 2017 — the same nations ranked in the top ten, albeit in slightly different slots. Compare that to 2000, when the top ten included Australia and South Korea, who don’t even appear in the list now.

The countries having lost the most certificates in 2018 are as follows:

  1. China – lost 97,305 certs
  2. Germany – lost 17,176 certs
  3. United Kingdom – lost 11,044 certs
  4. Japan – lost 10,695 certs
  5. Italy – lost 9,852 certs
  6. Australia – lost 5,491 certs
  7. India – lost 4,258 certs
  8. USA – lost 3,239 certs
  9. Romania – lost 2,732 certs
  10. Spain – lost 2,422 certs

The average loss of this list was -16K.

The fact that so many countries occupy both lists should be worrisome for ISO. It means that no one is coming to save it, and that includes China.

Overall Trend Analysis

There’s no good news here for ISO, no matter how they try to spin or obfuscate the data. Companies and countries are rejecting ISO 9001:2015 by the tens of thousands, period. We can speculate on why this is, but my unscientific feedback with hundreds of companies suggests that a decade later, people were still annoyed by the 2000/2008 revisions — which they claimed were confusing — and then just full-on outraged when ISO worsened things with ISO 9001:2015. The new standard, they say, is incomprehensible and largely incoherent from page to page.

Since ISO exists in a reinforcing self-contained echo chamber, and the TC 176 leadership doesn’t mix it up with actual user organizations, this information is unlikely to ever reach the people it needs to within ISO. The TC 176 folks will blame customers for not buying their product (yeah, that never works), and the addled top management will buy into it. Anything else would require them to admit defeat, and start over with ISO 9001. They will go out of business before ever doing that, though.

Things are not likely to improve much in the US, either. The TAG 176 group is — as I will be reporting shortly — working on a new “Vision and Strategy” plan that is intended to improve the performance of the TAG by maybe/kinda/sorta stopping all the corrupt shit that’s gone on in that group for the past few decades. But the focus there isn’t on whether ISO 9001 is actually accepted by customers or not, but instead on some other bland and largely meaningless internal metrics. They aren’t analyzing the ISO Survey data to ask themselves, “what did we do wrong?” — even if that’s exactly what they need to do. So, again, the message that the world hates ISO 9001 won’t ever read the inner sanctum, except for the irritating emails I send them about it.

Some Fixes

As usual, I can provide some opinions on what ISO must do to fix this. In prior years I beat the drum that ISO needed to break the monopoly of power by the ISO “consultant class” of developers: these are private consultants who intentionally work to make ISO 9001 confusing so they can sell expensive consulting services later. But this has fallen to second place behind a far more nefarious problem: the fact that ISO 9001 is now written by the unknown bureaucrats in the ISO Technical Management Board, and not TC 176. This, of course, is through the development of “Annex L” (formerly “Annex SL”) which is written outside of TC 176 and then imposed on them. Over 30% of the current ISO 9001 standard was written by the TMB, and voting on the TMB portions of text was prohibited. This includes the clauses people hate the most, like 4.0 “Context of the Organization” and 6.1 on “risks and opportunities.” Clearly the folks at the TMB do not know what the customers of ISO 9001 want, nor are they likely to care.

For ISO to right this ship, it now has to accomplish two impossible tasks: reverse course on the TMB and give the power of standards development back solely to TC 176. Then it has to fire the private consultants and get actual quality management experts on the committee, preferably from ISO 9001 end-user organizations.  They should issue a “recall” for their defective product, too, and by that I mean ISO 9001:2015.

As for what ISO will actually do, I have a theory but am afraid to publish it. If they haven’t thought of it, I don’t want to put the bug in their head, but it would permanently destroy the ISO Survey, and allow ISO to do the only thing that would be less-worse than stopping the annual report altogether. I still think that the latter option is on the table in Geneva. They are not going to fix ISO 9001, but they will stop publishing data that proves it’s broken.

If you’re a real analysis nerd, you can check out the last two Oxebridge number-crunching articles on prior ISO Surveys:


About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001 and Surviving AS9100. He reviews wines for the irreverent wine blog, Winepisser.


ISO 45001 Implementation