ISO, the International Organization for Standardization, is a global, non-governmental standards publishing body. (Although it’s always capitalized, ISO is a word, not an acronym. The name ISO was derived from the Greek word isos, meaning “equal.”)
These standards are not regulations. They are a method of getting a standard set of criteria for quality management systems. An outside agency, the registrar, will then audit to see if you have all the required elements in place. If you do, you will get ISO 9001 registration. This registration tells others all over the world that you have this quality system in place.
ISO 9001, Quality management systems – Requirements, is arguably ISO’s most well-known standard, but ISO is involved in much more than management systems – there are ISO standards for everything from technological connections, railroad construction to ink color.
Also, there are many management systems standards that are not published by ISO (such as AS9100, which is published by the International Aerospace Quality Group). Therefore, while you may find that people use the term ISO certification to describe management systems certification, it’s not a technically correct term. It can be corrected by adding the standard name: for example, ISO 9001:2008 certification.
Each member country has representatives that make up a Technical Advisory Group (TAG). These groups draft the standard, then members comment and vote on the standard. The document then becomes and ISO standard.