Two documents, two jobs
- ISO 9000:2015, Quality management systems, Fundamentals and vocabulary. Defines the terms (nonconformity, process, documented information, and dozens more) and states the seven quality management principles. It contains no auditable requirements. Think of it as the dictionary and philosophy.
- ISO 9001:2015, Quality management systems, Requirements. The "shall" document: clauses 4 to 10 that an accredited certification body audits against. Every certificate on a wall is an ISO 9001 certificate.
The wider ISO 9000 family
The confusion has history: before the year 2000, certifiable requirements were spread across ISO 9001, 9002, and 9003 depending on whether you did design, production, or inspection. The 2000 revision merged them into a single ISO 9001, and "ISO 9000" survived in everyday speech as the family name. Today the core family is: ISO 9000 (vocabulary and principles), ISO 9001 (requirements), ISO 9004 (guidance for sustained success beyond 9001, not certifiable), and ISO 19011 (guidelines for auditing management systems).
Which one you actually need to read
Implementing or certifying: ISO 9001 is your working document, with ISO 9000 open beside it the first few weeks until the vocabulary is second nature. Training internal auditors: add ISO 19011. Pushing an already-certified system toward operational excellence: ISO 9004 is the most underrated document in the family, precisely because nobody is audited against it and it can therefore speak about maturity honestly.
Getting the language right in contracts
A precision habit that prevents real disputes: specify "certified to ISO 9001:2015 by an accredited certification body" in supplier requirements, not "ISO 9000 certified" or "ISO 9000 compliant". Vague wording invites the weakest interpretation, and in supplier quality, you get what you specify, not what you meant.