Forecasting the diffusion of ISO/IEC 27001: a Grey model approach

Purpose– The aim of this paper is to present the first diffusion analysis of ISO/IEC 27001, the fourth most popular ISO certification at global level and the most important standard for information security. Design/methodology/approach– To achieve the purposes, the authors applied Grey Models (GM)– Even GM(1,1), Even GM(1,1,α,θ), Discrete GM (1,1), Discrete GM (1,1,α)– complemented by the relative growth rate and the doubling time indexes on the six most important countries in terms of issued certificates. Findings–Resultsshowthatagrowingtrend islikelyto beexpected in the yearsto comeand thatChinawill lead at country level. Originality/value–Thestudycontributestothescientificdebatebypresentingthefirst diffusiveanalysisof ISO/IEC 27001 and by proposing a forecasting approach that to date has found little application in the field of international standards.