Library Technology Guides

Document Repository

Smart Libraries Newsletter

Library Technology Vendors and ISO Certifications

Smart Libraries Newsletter [December 2017]


Since libraries depend on external providers for critical aspects of their technical infrastructure, they require reassurance that those providers can deliver their services according to the highest possible standards. Individual customers of those businesses usually do not have the time or expertise to perform audits to verify performance in each area of concern. Instead, service providers apply for certifications that they comply to the requirements established by the International Standards Organization (ISO). ISO has developed standard and measurable requirements in many different areas of technology and organizational practices.

Multiple vendors in the library automation industry have achieved conformance to ISO certifications in relevant areas of concern. Only some of these certifications are announced publicly, and there is not a comprehensive source detailing them. Some of the certifications that can be gleaned from public announcements and company websites include the following:

  • ISO 27018: Protection of personally identifying information in a cloud computing environment (see https://www
    • Ex Libris (announced May 2016)
    • SirsiDynix (announced May 2016)
  • ISO 27001: Information security management systems (see .html).
    • ODILO (awarded March 2016)
    • Ex Libris (announced April 2013)
    • OCLC (announced February 2012)
    • SirsiDynix (announced June 2015)
    • Innovative Interfaces (announced March 2017)
    • PTFS Europe
    • Axiell
  • ISO 22301: Business continuity management and disaster preparedness (see
    • ODILO (awarded July 2017)
    • Ex Libris (announced October 2017)
  • ISO 14721: OAIS model for archiving and preservation systems (see
    • ODILO (awarded July 2017)
    • Preservica
  • ISO 9001: Quality management (see /iso-9001-quality-management.html).<
    • ODILO (awarded October 2010)
    • OCLC
    • SirsiDynix (announced July 2015)
    • VTLS (announced October 1997)

Absence from these lists should not be interpreted that other vendors have not achieved the relevant ISO certification. Libraries should ask their vendors regarding compliance in areas of interest. Many libraries will ask vendors to indicate specific ISO certifications on an RFP or RFI procurement process.

It should also be noted that vendors without ISO certifications can provide services at the same level of reliability, security, or quality as companies that have been officially recognized as compliant with ISO standards. The process for certification can be extensive and expensive, which may be beyond the reach of smaller companies.

View Citation
Publication Year:2017
Type of Material:Article
Language English
Published in: Smart Libraries Newsletter
Publication Info:Volume 37 Number 12
Issue:December 2017
Publisher:ALA TechSource
Place of Publication:Chicago, IL
Record Number:23332
Last Update:2022-11-29 00:33:40
Date Created:2018-03-25 08:20:22