ISO Standards

The International Organization for Standardization (ISO) has been promulgating standards [10.8] that are becoming more widely recognized and accepted. ISO standards referred to in Mil-Std-498, discussed before, are

ISO/IEC 12207: ISO/IEC 9126: ISO 9001:

ISO 9000-3:

Software Life Cycle Processes Quality Characteristics and Guidelines for Their Use Quality System—Model for Quality Assurance in Design/Development, Production, Installation and Servicing

Guidelines for the Application of ISO 9001 to the Development, Supply and Maintenance of Software

As implied by their titles, ISO 12207 and ISO 9000-3 apply directly to software development.

ISO 12207 is focused on three types of life-cycle processes, namely, primary, supporting, and organizational. Primary processes deal with such areas as acquisition, supply, development, operation, and maintenance. Supporting processes are concerned with documentation, configuration management, quality assurance, verification and validation, reviews, audits, and problem resolution. Organizational processes include management, infrastructure, improvement, and training.

ISO 9000-3 (Part 3 of ISO 9000) particularizes ISO 9001 to matters dealing with software. Key areas within this document are concerned with

• Management responsibility

• Quality systems

• Internal quality system audits

• Corrective action

• Quality system life-cycle activities

• Quality system supporting activities

In general, the ISO standards are broader than Mil-Std-498 with respect to software. They also revolve around the centerpiece of quality. Practitioners who wish to do business in the international community, however, should devote time to understand the main thrusts of the ISO standards to be successful.

