This is based on a bunch of reading and some training at Chrysler. If you know more about this than I do, or your writing is more interesting, please chime in. --RonJeffries
A "standard" for stating a quality process and determining whether it is followed. There are five aspects, informally:
Certain industry organizations (or, one supposes, governments) might choose to check your procedures to be sure they're stringent enough. This is not part of ISO-9000, but might be part of your specific contract. --RonJeffries
ISO 9001 is the most general of the series of specifications. It is the model for QA. The core of the standard is:
ISO 9000-3 Is the guide for applying 9001 to SW development. This was revised in Dec. 97 to form a bridge to 12207.
ISO/IEC 12207 Is one of the latest and most comprehensive software standards.
IEEE/EIA 12207 Incorporates ISO/IEC 12207, so that a US organization which conforms to the IEEE standard also conforms the ISO 12207 standard.
The SEI CapabilityMaturityModel (CMM) is a comprehensive guideline for software engineering.
The ISO auditors don't care (and won't tell you) if you implement a good process or a poor process, they rely on the marketplace (the invisible hand) to judge the quality of a process. Of course, if you happen to be using a poor process, and the invisible hand smashes your organization, it's too late to improve it. Both 12207 and the SEI-CMM can help you decide whether your process has the qualities you desire. -- KentSchnaith
The EuropeanFoundationForQualityManagement's ExcellenceModel, on the other hand, does determine how good your process is, by measuring how satisfied your various stakeholders (management, staff, customers, suppliers, partners) are.