INTERNATIONAL STANDARDS – What you should know
A quality standard is an agreed set of rules, criteria and expectations that helps organizations to reliably achieve a defined quality level for their products or services. Such standards describe what is considered "sufficiently good" or "high quality" in a certain area and create a common language for all market participants.
It is essential that quality standards relate not only to the "end product" but to the entire system: from planning and formulating objectives to implementation, feedback, evaluation of results, and continuous improvement. Especially in online services in the holistic field and non-formal sectors, this helps to distinguish professionally designed offers from random or purely marketing-driven formats.
In addition to quality standards, requirements for copyright, information protection, and cybersecurity also play a central role for modern organizations. These include the lawful handling of materials (texts, videos, images, presentations), the protection of personal data, and technical and organizational measures to secure access to platforms, results, and other sensitive information.
Compliance with recognized standards and legal requirements – from quality management and data protection to the protection of intellectual property – creates a high level of trust. Clients and contractors see that offers not only look good but correspond to clearly described requirements, are regularly checked, and handle content and data responsibly.
For providers of online services – ranging from non-formal education to various theoretical and practical expert services – quality standards serve several central functions:
They provide clear guidance on the requirements for the structure of programs, theoretical and practical work processes, success monitoring, and professional cooperation with clients.
They support the development of transparent, reproducible processes that do not just depend on the "personality" of an individual expert but are based on systematic excellence.
They form a basis for external reviews (audits), through which the quality level is objectively confirmed.
Regardless of the form, method, or field of service, all providers must ensure the highest level of information and data protection.
Internationally recognized quality standards are developed by various organizations. In addition to the International Organization for Standardization (ISO), these include the International Electrotechnical Commission (IEC) and the International Telecommunication Union (ITU), as well as CEN, CENELEC and ETSI at the European level, which adopt many international norms as European standards. For management systems, forms of non-formal education and other online services, ISO is however the central point of reference: ISO standards such as ISO 9001, ISO 21001 or ISO 29993/29994, as well as the information security standards of the entire ISO/IEC 27000 family, are used worldwide, frequently incorporated into European and national standards and thus form a stable, internationally understandable "quality language" on which EAS™ is based.
EAS™ has deliberately decided to use ISO standards as a reference framework for the attestation of quality-oriented online offers and services. They combine international recognition with clear, auditable requirements for processes, responsibilities, documentation, quality of results and continuous improvement. This allows providers to present their services in a traceable manner not only nationally, but also across Europe and internationally, and to refer to a globally established basis towards customers, clients and partners.
EAS
Important International Standards at a Glance
Standards on which the internal operations and external expertise of EAS™ are founded
What are standards and why do we need them?
Right Block: Some examples of ISO standards:
Standards are the concentrated expertise of people who have profound knowledge of their industry and understand the requirements of the organizations they represent: manufacturers, suppliers, clients, users, professional associations, and authorities. Based on this shared wealth of experience, norms and requirements are created that help to work more systematically and successfully.
Quality Management Systems (ISO 9001) – support organizations in working more efficiently, improving the quality of their services, and reducing errors.
Standards for Educational Organizations (ISO 21001) – describe how organizations systematically improve the quality of learning and the development of their learners.
Standards for Online Learning and Services outside formal education (ISO 29993/29994) – define requirements for distance learning courses, programs, and digital services.
Standards for Occupational Health and Safety (ISO 45001) – contribute to the prevention of accidents and the protection of employees.
Standards for Information Security and Cybersecurity (ISO 27001, ISO 27002) – prevent unauthorized access to confidential data.
Standards for Energy Management Systems (ISO 50001) – help to lower energy consumption and increase resilience against resource shortages.
Discover some of the most well-known and widely used standards, as well as those that address current challenges and changes that affect us all
On this basis and with current reference, the EAS™ attestation system was developed — a system that takes the international standards landscape into account and adapts its requirements accessibly, flexibly, and professionally for the provision of online services. Whether individual authors, small and medium-sized enterprises, startups, or established institutions — EAS™ enables each of them to take a strong, internationally recognized position in their market.
ISO 9001:2015 is an internationally recognized standard that defines requirements for a quality management system (QMS). It is part of the ISO 9000 family of standards and describes principles and best practices for effective quality management in organizations of any size and industry. With ISO 9001:2015, companies receive a framework to permanently ensure the quality of their products and services and to specifically increase the satisfaction of their customers.
ISO 29993:2017 is an international standard that defines requirements for learning services outside formal education. It is aimed at all providers of courses, trainings, workshops, and online training — from coaching programs and fitness classes to creative studios. With ISO 29993:2017, learning service providers receive a clear framework to design their offerings professionally, ensure quality, and sustainably strengthen the trust of learners.
ISO 29994:2021 is an international standard that defines specialized requirements for distance learning services – including online courses, digital training, and all types of web-based learning programs. It is aimed at all those who provide learning offerings at a distance and supplements ISO 29993. With ISO 29994:2021, distance learning service providers receive a comprehensive framework for the design, implementation, and evaluation of online learning services to ensure the highest quality, transparency, and customer trust.
ISO/IEC 27000:2018 is the foundational standard for the entire ISO/IEC 27000 family and provides a comprehensive overview of information security management systems (ISMS) as well as a unified vocabulary. It defines all important terms and concepts used in the subsequent standards (ISO/IEC 27001, 27002, 27005, etc.), thereby creating a common language for all stakeholders — from IT professionals and auditors to management and data protection officers.
ISO/IEC 27001:2022 is the world's leading and only certifiable standard for information security management systems (ISMS). It defines concrete requirements that organizations of all sizes must meet to systematically manage information security – from risk identification to the implementation of security controls and continuous improvement. With ISO/IEC 27001:2022, companies demonstrate to customers, partners, and regulatory authorities that they proactively address cyber risks and protect data reliably.
ISO/IEC 27002:2022 is the practical guideline for the implementation of information security controls. While ISO/IEC 27001 defines what you must do, ISO/IEC 27002 explains in detail how you implement it. The standard describes 93 concrete security measures in four categories (Organizational, People, Physical, Technological) and provides clear implementation guidance, purpose descriptions, and best practices for each control — an indispensable tool for everyone who wants to professionally build and operate an ISMS.
ISO/IEC 27005:2022 is the practical guide for managing information security risks. While ISO/IEC 27001 requires that you manage risks, ISO/IEC 27005 explains how you do it systematically: from context establishment to risk identification and assessment, through to risk treatment. The standard provides a structured, repeatable process that ensures security investments are based on actual threats — and not on assumptions. For any organization building an ISMS, ISO/IEC 27005 is indispensable.
CONTACTS
Moosbach,
Germany, 92709
ADDRESS
© 2026 European Attestation Standard (EAS). All rights reserved.
FOR OUR INTERNATIONAL PARTNERS:
Our website is available in German, Ukrainian, English, and Italian. To support our cooperation, we provide official EAS documents and attestation materials upon request, not only in these languages but also in any other required language by agreement.