I'll pick a case study: the British Standards Institute.
The ISO organisation was established back in 1926 (
up for discussion) as the ISA and since then their business model was to create international agreed standards, copywrite-protect the standards and then sell them. Their value is provided by acting as a body to co-ordinate and deliver what was thought to be "too difficult". To get experts from around the world to agree to a standard they would be happy with.
From their wiki:
ISO is funded by a combination of:[17]
- Organizations that manage the specific projects or loan experts to participate in the technical work.
- Subscriptions from member bodies. These subscriptions are in proportion to each country's gross national product and trade figures.
- Sale of standards.
One such member body is the British Standards Institute (BSI). Again, they write standards and sell them with the goal of having business sign up to them in order to benefit the end-customer. The BSI also has its auditor wing, people who are trained as auditors against specific ISO, BSI or other management system standards.
The history of how companies got into using standards has its roots in high-assurance projects (the military). These contracts demanded a level of quality and recognised the standards as an acceptable equivalent to their own standards. This trickled down over time to give us the business "default" standards we see today: ISO 9001, 14001, 45001, etc. The changed from being a benefit to a requirement in contracts.