WG_LCP - Working Group for Life Cycle Processes

Teresa Doran

This project is being performed jointly with ISO/IEC JTC 1/SC 7. As a result of balloting in ISO, the statement of scope was modified as follows: "This standard describes a process for the management of risk during systems or software acquisition, supply, development, operations, and maintenance."

This International Standard provides a set of critical considerations to be addressed at key points in the life cycle of systems created by humans. These considerations are aligned with ISO/IEC/IEEE 15288 and the ISO/IEC/IEEE 24748 framework for system life cycle processes and associated terminology. Selected subsets of these considerations may be applied throughout the life of systems. This is accomplished through the involvement of all interested parties with the ultimate goal of achieving customer satisfaction by ensuring that when delivered, the system will operate effectively in the operational or business environment which will typically be characterized as one or more systems of systems. This International Standard concerns those systems that are man-made and are configured with one or more of the following: hardware, software, humans, procedures and facilities.

This part of ISO/IEC/IEEE 24748 is a guideline for the application of ISO/IEC/IEEE 12207:2017. It focuses on guidance for the Technical processes for software engineering as presented in ISO/IEC/IEEE 12207:2017, with additional guidance on software-specific aspects of the agreement, organizational project-enabling, and technical management processes. It gives guidance on applying ISO/IEC 12207:2017 from the aspects of strategy, planning, application in organizations, and application on projects or ongoing software engineering services. This part of ISO/IEC/IEEE 24748 is intentionally aligned with both ISO/IEC/IEEE 24748-1 and ISO/IEC/IEEE 24748-2 (Guideline for the application of ISO/IEC 15288) in its terminology and process model. ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015 (and their accompanying guides, 24748-3 and 24748-2 and 24748-4) use the identical life cycle process model. The normative standard ISO/IEC/IEEE 12207:2017 and this document (24748-3) relate the processes specifically to software engineering for software systems.

The proposed new standard will provide guidance for the utilization of ISO/IEC 15288 in the context of Systems of System Engineering. This document addresses systems of systems (SoS) considerations that apply to systems at key stages in the life cycle of systems. There is a wide variety of systems in terms of their purpose, domain of application, complexity, size, novelty, adaptability, quantities, locations, life spans and evolution. This document is concerned with describing the systems of systems considerations that apply to any system. It applies to one-of-a-kind systems, mass produced systems or customized adaptable systems. This document does not detail the approach to addressing systems of systems considerations in terms of methods or procedures. This document does not detail the described documentation in terms of name, format, explicit content, and recording media of documentation. This document is intended neither to be in conflict with any organization's policies, procedures, and standards nor with any national laws and regulations. Any such conflict needs to be resolved before using this International Standard.

The purpose of this standard is to define normalized taxonomies for systems of systems (SoS) to facilitate communications among stakeholders. It also briefly explains what a taxonomy is and how it applies to the SoS to aid in understanding and communication.

This part of ISO/IEC 15026 gives guidance and recommendations for conducting selected processes, activities and tasks for systems and software products requiring assurance claims for properties selected for special attention, called critical properties. This part of ISO/IEC 15026 specifies a property-independent list of processes, activities and tasks to achieve the claim and show the achievement of the claim. This part of ISO/IEC 15026 establishes the processes, activities, tasks, guidance and recommendations in the context of a defined life cycle model and set of life cycle processes for system and/or software life cycle management. NOTE The stakeholders determine which of the system or software properties are selected for special attention and require assurance claims. This part of ISO/IEC 15026 uses the term "critical" to distinguish those properties from other requirements.

This document provides the mapping expressing corresponding relations between software life cycle processes in ISO/IEC/IEEE 12207-1:2017 and the processes in the previous edition ISO/IEC/IEEE 12207:2008. These relations are demonstrated by means of mapping tables that show relationships between activities and tasks, and process outcomes. This mapping assists users of the 2008 edition to transition to using the 2017 edition. This document provides users who employ processes based on the previous edition of ISO/IEC/IEEE 12207 a rationale and opportunity to apply and perform continuously their life cycle processes including software specific processes, activities and tasks. Also, this document provides to such users the mapping which helps to identify corresponding and compatible process outcomes, activities and tasks of processes for software systems in the ISO/IEC/IEEE 12207-1:2017. The mapping between ISO/IEC/IEEE12207-1:2017 and 2008 in this document can be used as a basis to continuously conduct, improve and extend current process assets including software specific process assets based on ISO/IEC/IEEE12207:2008 for effective implementation of the new edition of ISO/IEC/IEEE 12207-1:2017. These process activities and tasks can be applied iteratively.

An integrated approach to systematic and documented unit testing is defined. It uses unit design and unit implementation information, in addition to unit requirements, to determine the completeness of the testing. The testing process described composed of a hierarchy of phases, activities, and tasks and defines a minimum set of tasks for each activity. The standard can be applied to the unit testing of any digital computer software or firmware and to the testing of both newly developed and modified units. The software engineering concepts and testing assumption on which this standard approach is based and guidance and resource information to assist with the implementation and usage of the standard unit testing approach are provided in appendixes.

This IEThe 12207 Set contains: IEEE/EIA 12207.0-1996 - Abstract: ISO/IEC 12207 provides a common framework for developing and managing software. IEEE/EIA 12207.0 consists of the clarifications, additions, and changes accepted by the Institute of Electrical and Electronics Engineers (IEEE) and the Electronic Industries Alliance (EIA) as formulated by a joint project of the two organizations. IEEE/EIA 12207.0 contains concepts and guidelines to foster better understanding and application of the standard. Thus this standard provides industry a basis for software practices that would be usable for both national and international business.

Superseded by 12207:2008(E) (IEEE Std 12207-2008). This IEEE Standards product is part of the family on Software Engineering. ISO/IEC 12207 provides a common framework for developing and managing software. IEEE/EIA 12207.0 consists of the clarifications, additions, and changes accepted by the Institute of Electrical and Electronics Engineers (IEEE) and the Electronic Industries Association (EIA) as formulated by a joint project of the two organizations. IEEE/EIA 12207.2 provides implementation consideration guidance for the normative clauses of IEEE/EIA 12207.0. The guidance is based on software industry experience with the life cycle processes presented in IEEE/EIA 12207.0.

The interdisciplinary tasks that are required throughout a system's life cycle to transform stakeholder needs, requirements, and constraints into a system solution are defined. This standard is intended to guide the development of systems for commercial, government, military, and space applications. The information applies to a project within an enterprise that is responsible for developing a product design and establishing the life cycle infrastructure needed to provide for life cycle sustainment.

This International Standard describes in greater detail management of the Maintenance Process described in ISO/IEC 12207, including Amendments. This International Standard also establishes definitions for the various types of maintenance. This International Standard provides guidance that applies to planning, execution and control, review and evaluation, and closure of the Maintenance Process. The scope of this International Standard includes maintenance for multiple software products with the same maintenance resources. ?Maintenance? in this International Standard means software maintenance unless otherwise stated.

Superseded by ISO/IEC/15288:2008(E) (IEEE Std 15288-2008). IEEE adoption of ISO/IEC Std 15288-2002 This standard establishes a common framework for describing the life cycle of systems created by humans. It defines a set of processes and associated terminology. These processes can be applied at any level in the hierarchy of a system?s structure. Selected sets of these processes can be applied throughout the life cycle for managing and performing the stages of a system's life cycle. This is accomplished through the involvement of all interested parties with the ultimate goal of achieving customer satisfaction. This standard is identical with ISO/IEC 15288: 2002 but contains an additional informative annex, Annex E, explaining the relationship of this standard to other IEEE standards.

This standard provides guidance to users of IEEE standards as to how to meet the quality management expectations of ISO 9001:2000 clauses and sub-clauses in a software development context by adopting ISO/IEC 90003 (the software development guidance document for ISO 9001) and adding an informative annex to cross-reference IEEE S2ESC standards to relevant ISO 9001 material. This standard is identical to ISO/IEC 90003 but contains an additional informative annex, Annex C, cross-referencing material in ISO 9001 with material in S2ESC standards that could be helpful in meeting the intent of ISO 9001, as well as a second additional annex, Annex D, which is a bibliography of the specific IEEE standards referenced.

A process for the management of risk in the life cycle is defined. It can be added to the existing set of software life cycle processes defined by the ISO/IEC 12207 or ISO/IEC 15288 series of standards, or it can be used independently.

The interdisciplinary tasks, which are required throughout a system's life cycle to transform customer needs, requirements, and constraints into a system solution, are defined. In addition, the requirements for the systems engineering process and its application throughout the product life cycle are specified. The focus of this standard is on engineering activities necessary to guide product development while ensuring that the product is properly designed to make it affordable to produce, own, operate, maintain, and eventually to dispose of, without undue risk to health or the environment.

Supersedes Std. 12207.0 and also makes 12207.2 obsolete. This International Standard was jointly developed by ISO/IEC and IEEE. This International Standard establishes a common framework for software life cycle processes, with well-defined terminology, that can be referenced by the software industry. It applies to the acquisition of systems and software products and services, to the supply, development, operation, maintenance, and disposal of software products and the software portion of a system, whether performed internally or externally to an organization. Those aspects of system definition needed to provide the context for software products and services are included. Software includes the software portion of firmware. This revision integrates ISO/IEC 12207:1995 with its two amendments and was coordinated with the parallel revision of ISO/IEC 15288:2002 (System life cycle processes) to align structure, terms, and corresponding organizational and project processes. This standard may be used stand alone or jointly with ISO/IEC 15288, and supplies a process reference model that supports process capability assessment in accordance with ISO/IEC 15504-2 (Process assessment). An annex provides support for IEEE users and describes relationships of this International Standard to IEEE standards.

Revision of ISO/IEC 15288-2004. This International Standard was jointly developed by ISO/IEC and IEEE. This International Standard establishes a common process framework for describing the life cycle of man-made systems. It defines a set of processes and associated terminology for the full life cycle, including conception, development, production, utilization, support and retirement. This standard also supports the definition, control, assessment, and improvement of these processes. These processes can be applied concurrently, iteratively, and recursively to a system and its elements throughout the life cycle of a system.

This International Standard defines a measurement process applicable to system and software engineering and management disciplines. The process is described through a model that defines the activities of the measurement process that are required to adequately specify what measurement information is required, how the measures and analysis results are to be applied, and how to determine if the analysis results are valid. The measurement process is flexible, tailorable, and adaptable to the needs of different users. This International Standard identifies a process that supports defining a suitable set of measures that address specific information needs. It identifies the activities and tasks that are necessary to successfully identify, define, select, apply, and improve measurement within an overall project or organizational measurement structure. It also provides definitions for commonly used measurement terms. This international standard provides an elaboration of the measurement process from ISO/IEC 15288:2008 and IEEE Std 15288-2008, as well as ISO/IEC 12207:2008 and IEEE Std 12207-2008.

ISO/IEC/IEEE 16326:2009 provides normative content specifications for project management plans covering software projects, and software-intensive system projects. It also provides detailed discussion and advice on applying a set of project processes that are common to both the software and system life cycle as covered by ISO/IEC 12207:2008 (IEEE Std 12207-2008) and ISO/IEC 15288:2008 (IEEE Std 15288- 2008), respectively. The discussion and advice are intended to aid in the preparation of the normative content of project management plans. ISO/IEC/IEEE 16326:2009 is the result of the harmonization of ISO/IEC TR 16326:1999 and IEEE Std 1058-1998.

The concept of integrity levels with corresponding integrity level requirements that are required to be met in order to show the achievement of the integrity level are specified in this adoption of ISO/IEC 15026-3:2011. It places requirements on and recommends methods for defining and using integrity levels and their integrity level requirements, including the assignment of integrity levels to systems, software products, their elements, and relevant external dependences.

This trial-use standard adopts ISO/IEC TR 15026-1:2010, which defines terms and establishes an extensive and organized set of concepts and their relationships for software and systems assurance, thereby establishing a basis for shared understanding of the concepts and principles central to ISO/IEC 15026 across its user communities. It provides information to users of the subsequent parts of ISO/IEC 15026, including the use of each part and the combined use of multiple parts. Coverage of assurance for a service being operated and managed on an ongoing basis is not covered in ISO/IEC 15026.

This guide adopts ISO/IEC TR 24748-1:2010, which provides information on life cycle concepts and descriptions of the purposes and outcomes of representative life cycle stages. It also illustrates the use of a life cycle model for systems in the context of ISO/IEC 15288 and provides a corresponding illustration of the use of a life cycle model for software in the context of ISO/IEC 12207. ISO/IEC TR 24748-1:2010 additionally provides detailed discussion and advice on adapting a life cycle model for use in a specific project and organizational environment. It further provides guidance on life cycle model use by domains, disciplines and specialties. ISO/IEC TR 24748-1:2010 gives a detailed comparison between prior and current versions of ISO/IEC 12207 and ISO/IEC 15288, as well as advice on transitioning from prior to current versions and on using their application guides. The discussion and advice are intended to provide a reference model for life cycle models, facilitate use of the updated ISO/IEC 15288 and ISO/IEC 12207, and provide a framework for the development of updated application guides for those International Standards. ISO/IEC TR 24748-1:2010 is a result of the alignment stage of the harmonization of ISO/IEC 12207 and ISO/IEC 15288.

ISO/IEC 15026-2:2011 is adopted by this standard. ISO/IEC 15026-2:2011 specifies minimum requirements for the structure and contents of an assurance case to improve the consistency and comparability of assurance cases and to facilitate stakeholder communications, engineering decisions, and other uses of assurance cases. An assurance case includes a top-level claim for a property of a system or product (or set of claims), systematic argumentation regarding this claim, and the evidence and explicit assumptions that underlie this argumentation. Arguing through multiple levels of subordinate claims, this structured argumentation connects the top-level claim to the evidence and assumptions. Assurance cases are generally developed to support claims in areas such as safety, reliability, maintainability, human factors, operability, and security, although these assurance cases are often called by more specific names, e.g. safety case or reliability and maintainability (R&M) case. ISO/IEC 15026-2:2011 does not place requirements on the quality of the contents of an assurance case and does not require the use of a particular terminology or graphical representation. Likewise, it places no requirements on the means of physical implementation of the data, including no requirements for redundancy or co-location.

ISO/IEC TR 24774:2010 is adopted by this standard. An increasing number of international, national and industry standards describe process models. These models are developed for a range of purposes including process implementation and assessment. The terms and descriptions used in such models vary in format, content and level of prescription. ISO/IEC TR 24774:2010 presents guidelines for the elements used most frequently in describing a process: the title, purpose, outcomes, activities, task and information item. Whilst the primary purpose of ISO/IEC TR 24774:2010 is to encourage consistency in standard process reference models, the guidelines it provides can be applied to any process model developed for any purpose.

The evolution of the harmonized set of ISO/IEC/IEEE 15288-12207 related standards and technical reports that are discussed in this International Standard provides detailed requirements and guidance on the application of system life cycle processes. This International Standard unifies technical and management requirements and guidance from several of these sources to specify the requirements for the content of a SEMP and to provide a common SEMP format. This International Standard also identifies the processes as defined in ISO/IEC/IEEE 15288 to perform the necessary project planning activities to accomplish the project's technical effort and to develop the project's SEMP. Due to close alignment with the content of ISO/IEC 24748, ISO/IEC 26702 is now Part 4 of the multi-part International Standard, ISO/IEC 24748 (Systems and software engineering -- Life cycle management).

The purpose of the ISO/IEC/IEEE 29119 series of software testing standards is to define an internationally-agreed set of standards for software testing that can be used by any organization when performing any form of software testing. ISO/IEC/IEEE 29119-1 facilitates the use of the other ISO/IEC/IEEE 29119 standards by introducing the concepts and vocabulary on which these standards are built, as well as providing examples of its application in practice. ISO/IEC/IEEE 29119-1 is informative, providing a starting point, context, and guidance for the other parts.

The purpose of the ISO/IEC/IEEE 29119 series of software testing standards is to define an internationally-agreed set of standards for software testing that can be used by any organization when performing any form of software testing. ISO/IEC/IEEE 29119-2 comprises test process descriptions that define the software testing processes at the organizational level, test management level and dynamic test levels. It supports dynamic testing, functional and non-functional testing, manual and automated testing, and scripted and unscripted testing. The processes defined in ISO/IEC/IEEE 29119-2 can be used in conjunction with any software development lifecycle model. Since testing is a key approach to risk-mitigation in software development, ISO/IEC/IEEE 29119-2 follows a risk-based approach to testing. Risk-based testing is a common industry approach to strategizing and managing testing. Risk-based testing allows testing to be prioritized and focused on the most important features and functions.

The purpose of the ISO/IEC/IEEE 29119 series of software testing standards is to define an internationally-agreed set of standards for software testing that can be used by any organization when performing any form of software testing. ISO/IEC/IEEE 29119-3 includes templates and examples of test documentation. The templates are arranged within clauses reflecting the overall test process description structure in ISO/IEC/IEEE 29119-2, i.e. by the test process in which they are being produced. Annex A contains outlines of the contents of each document. Annex B contains mappings ISO/IEC/IEEE 29119-2. Annex C contains an overview of the examples. Annexes D to S contain examples of the application of the templates. Annex T provides mappings to existing standards. The Bibliography for this part of ISO/IEC/IEEE 29119 is at the end of the document. ISO/IEC/IEEE 29119-3 supports dynamic testing, functional and non-functional testing, manual and automated testing, and scripted and unscripted testing. The documentation templates defined in ISO/IEC/IEEE 29119-3 can be used in conjunction with any software development lifecycle model.

This standard supports test case design and execution during any phase or type of testing (e.g., unit, integration, system, acceptance, performance, usability, reliability).

ISO/IEC TR 24748-2:2011 is adopted by this standard. ISO/IEC TR 24748-2:2011 is a guide for the application of ISO/IEC 15288:2008. It addresses system, life cycle, process, organizational, project, and adaptation concepts, principally through reference to ISO/IEC TR 24748-1 and ISO/IEC 15288:2008. It then gives guidance on applying ISO/IEC 15288:2008 from the aspects of strategy, planning, application in organizations, and application on projects. ISO/IEC TR 24748-2:2011 is intentionally aligned with both ISO/IEC TR 24748-1 and ISO/IEC TR 24748-3 (Guide to the application of ISO/IEC 12207) in its terminology, structure and content.

Adoption of ISO/IEC TR 24748-3:2011. ISO/IEC TR 24748-3:2011 is a guide for the application of ISO/IEC 12207:2008. It addresses system, life cycle, process, organizational, project, and adaptation concepts, principally through reference to ISO/IEC TR 24748-1 and ISO/IEC 12207:2008. It gives guidance on applying ISO/IEC 12207:2008 from the aspects of strategy, planning, application in organizations, and application on projects. ISO/IEC TR 24748-3:2011 is intentionally aligned with both ISO/IEC TR 24748-1 and ISO/IEC TR 24748-2 (Guide to the application of ISO/IEC 15288) in its terminology, structure and content.

Guidance and recommendations for conducting selected processes, activities, and tasks for systems and software products requiring assurance claims for properties selected for special attention (called critical properties) are given in this adoption of ISO/IEC 15026-4:2012. IEEE Std 15026-4-2013 specifies a property-independent list of processes, activities and tasks to achieve the claim and show the achievement of the claim. IEEE Std 15026-4-2013 establishes the processes, activities, tasks, guidance, and recommendations in the context of a defined life cycle model and set of life cycle processes for system and/or software life cycle management.

Assurance-related terms are defined and an organized set of concepts and relationships to establish a basis for shared understanding across user communities for assurance are established in this adoption of ISO/IEC 15026-1. It provides information to users of the other parts of this International Standard including the combined use of multiple parts. The essential concept introduced by ISO/IEC 15026 is the statement of claims in an assurance case and the support of those claims through argumentation and evidence. These claims are in the context of assurance for properties of systems and software within life cycle processes for the system or software product. Assurance for a service being operated and managed on an ongoing basis is not covered in this International Standard.

ISO/IEC/IEEE 24748 provides unified and consolidated guidance on the life cycle management of systems and software. This document focuses on the processes required for successful planning and management of the project's software development effort and for development of the software development plan (SDP) as a vehicle for representing a project's application of software life cycle processes. The SDP is a top level technical planning document for a project which addresses technical management processes established by three principal sources (the project?s contract, applicable organizational and technical management processes, and the software development project team) as necessary to successfully accomplish the software development related tasks of the project.

This International Standard establishes a common framework for software life cycle processes, with well defined terminology, that can be referenced by the software industry. It contains processes, activities, and tasks that are to be applied during the acquisition of a software system, product or service and during the supply, development, operation, maintenance and disposal of software products. This is accomplished through the involvement of stakeholders, with the ultimate goal of achieving customer satisfaction. This International Standard applies to the acquisition of software systems, products and services, to the supply, development, operation, maintenance, and disposal of software products and the software portion of any system, whether performed internally or externally to an organization. Software includes the software portion of firmware. Those aspects of system definition needed to provide the context for software products and services are included. This International Standard also provides processes that can be employed for defining, controlling, and improving software life cycle processes within an organization or a project. The processes, activities and tasks of this International Standard may also be applied during the acquisition of a system that contains software, either alone or in conjunction with ISO/IEC/IEEE 15288, Systems and software engineering?System life cycle processes. In the context of this International Standard and ISO/IEC/IEEE 15288, it is recognized that there is a continuum of human-made systems from those that use little or no software to those in which software is the primary interest. It is rare to encounter a complex system without software, and all software systems require physical system components (hardware) to operate, either as part of the software system of interest or as an enabling system or infrastructure. Thus, the choice of whether to apply this International Standard for the software life cycle processes, or ISO/IEC/IEEE 15288:2015, Systems and software engineering?System life cycle processes, depends on the system of interest. Processes in both standards have the same process purpose and process outcomes, but differ in activities and tasks to perform software engineering or systems engineering, respectively.

This International Standard establishes a common process framework for describing the life cycle of man-made systems. It defines a set of processes and associated terminology for the full life cycle, including conception, development, production, utilization, support and retirement. This standard also supports the definition, control, assessment, and improvement of these processes. These processes can be applied concurrently, iteratively, and recursively to a system and its elements throughout the life cycle of a system.

This International Standard provides guidance for organizations in the application of ISO 9001:2008 to the acquisition, supply, development, operation, and maintenance of computer software and related support services. It does not add to or otherwise change the requirements of ISO 9001:2008.

This document provides an elaboration of the measurement process from ISO/IEC 15288 and ISO/IEC 12207. The measurement process is applicable to system and software engineering and management disciplines. The process is described through a model that defines the activities of the measurement process that are required to adequately specify what measurement information is required, how the measures and analysis results are to be applied, and how to determine if the analysis results are valid. The measurement process is flexible, tailorable, and adaptable to the needs of different users. This document identifies a process that supports defining a suitable set of measures that address specific information needs. It identifies the activities and tasks that are necessary to successfully identify, define, select, apply, and improve measurement within an overall project or organizational measurement structure. It also provides definitions for commonly used measurement terms.

The purpose of this document is to facilitate the joint usage of the process content of the latest revisions of both ISO/IEC/IEEE 15288 and ISO/IEC/IEEE 12207, by providing unified and consolidated guidance on life cycle management of systems and software. This is to help ensure consistency in system concepts and life cycle concepts, models, stages, processes, process application, key points of view, adaptation and use in various domains as the two International Standards are used in combination. That will in turn help a project team design a life cycle model for managing the progress of their project. Hence, ISO/IEC/IEEE 15288 and ISO/IEC/IEEE 12207 are the documents that apply the concepts found in this document to specific processes.

This document specifies requirements and procedures for managing information for users throughout the software-, services-, and systems-development life cycle. It applies to people or organizations producing suites of information, to those undertaking a single information-development project, and to information produced internally, as well as to information contracted to outside service organizations. It provides details of the information-development and project-management processes and also presents aspects of strategic planning and translation management that managers apply. It covers management activities related to starting a project, building a team, and managing information through the translation and localization process. It addresses productivity and quality measurements needed for management control. This document is independent of the software tools that may be used to produce or manage information for users and applies to both printed, embedded, and mobile information. Much of its guidance is applicable to information for users of systems of hardware as well as software, systems, and services.

This document contains provisions for the processes and products related to the engineering of requirements for systems and software products and services throughout the life cycle. It defines the construct of a good requirement, provides attributes and characteristics of requirements, and discusses the iterative and recursive application of requirements processes throughout the life cycle. This document provides additional guidance in the application of requirements engineering and management processes for requirements-related activities in ISO/IEC/IEEE 12207 and ISO/IEC/IEEE 15288. Information items applicable to the engineering of requirements and their content are defined. The content of this document can be added to the existing set of requirements-related life cycle processes defined by ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288, or can be used independently.

This document defines assurance-related terms and establishes an organized set of concepts and their relationships, thereby establishing a basis for shared understanding of the concepts and principles central to all parts of ISO/IEC/IEEE 15026 across its user communities. It provides information to users of the subsequent parts of ISO/IEC/IEEE 15026, including the use of each part and the combined use of multiple parts. Coverage of assurance for a service being operated and managed on an ongoing basis is not covered in the ISO/IEC/IEEE 15026 series.

This document provides guidance for organizations in the application of ISO 9001:2015 to the acquisition, supply, development, operation and maintenance of computer software and related support services. This document does not add to or otherwise change the requirements of ISO 9001:2015. The guidelines provided in this document are not intended to be used as assessment criteria in quality management system registration/certification. The application of this document is appropriate to software that is: part of a commercial contract with another organization, a product available for a market sector, used to support the processes of an organization, embedded in a hardware product, or related to software services. Some organizations may be involved in all the above activities; others may specialize in one area. Whatever the situation, the organization?s quality management system should cover all aspects (software related and non-software related) of the business. This document identifies the issues that should be addressed and is independent of the technology, life cycle models, development processes, sequence of activities and organizational structure used by an organization. Additional guidance and frequent references to the ISO/IEC JTC 1/SC 7 software engineering standards are provided to assist in the application of ISO 9001:2015, in particular ISO/IEC/ IEEE 12207:2017.