1、BSI Standards Publication BS ISO/IEC 25001:2014 Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Planning and managementBS ISO/IEC 25001:2014 BRITISH STANDARD National foreword This British Standard is the UK implementation of ISO/IEC 25001:2014. It
2、supersedes BS ISO/IEC 25001:2007 which is withdrawn. The UK participation in its preparation was entrusted to Technical Committee IST/15, Software and systems engineering. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not pur
3、port to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2014. Published by BSI Standards Limited 2014 ISBN 978 0 580 84122 4 ICS 35.080 Compliance with a British Standard cannot confer immunity from legal obliga
4、tions. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 March 2014. Amendments issued since publication Date Text affectedBS ISO/IEC 25001:2014 Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaR
5、E) Planning and management Ingnierie des systmes et du logiciel Exigences de qualit et valuation des systmes et du logiciel (SQuaRE) Planification et gestion ISO/IEC 2014 INTERNATIONAL STANDARD ISO/IEC 25001 Second edition 2014-03-15 Reference number ISO/IEC 25001:2014(E)BS ISO/IEC 25001:2014ISO/IEC
6、 25001:2014(E)ii ISO/IEC 2014 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2014 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting o
7、n the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrighti
8、so.org Web www.iso.org Published in SwitzerlandBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) ISO/IEC 2014 All rights reserved iii Contents Page Foreword iv Introduction v 1 Scope . 1 2 Conformance . 1 3 Normative references 1 4 T erms and definitions . 2 5 Evaluation management concepts . 3 6 Requireme
9、nts and recommendations for systems and software quality requirements specification and quality e v aluation 4 6.1 General . 4 6.2 Organisation level activities . 4 6.3 Project Management level activities . 7 6.4 Analysis and use of evaluation results 8 Annex A (informative) Quality Evaluation Proje
10、ct Plan Template .10 Bibliography .13BS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO
11、 or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations
12、, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directi
13、ves, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the n
14、ational bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 25001 was prepared by Joint Technical Committee ISO/IE
15、C JTC 1, Information technology, Subcommittee SC 7, Systems and software engineering. This second edition cancels and replaces the first edition (ISO/IEC 25001:2007), of which it constitutes a minor revision. The SQuaRE series of standards consists of the following divisions under the general title
16、Systems and Software Quality Requirements and Evaluation (SQuaRE): ISO/IEC 2500n, Quality Management Division, ISO/IEC 2501n, Quality Model Division, ISO/IEC 2502n, Quality Measurement Division, ISO/IEC 2503n, Quality Requirements Division, and ISO/IEC 2504n, Quality Evaluation Division. ISO/IEC 250
17、50 to ISO/IEC 25099 are reserved to be used for SQuaRE extension International Standards and/or Technical Reports.iv ISO/IEC 2014 All rights reservedBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) Introduction This International Standard provides details about the planning and management requirements ass
18、ociated with systems and software product quality requirements and evaluation. While this International Standard is mainly concerned with systems and software product quality requirements and evaluation, wherever it is relevant the corresponding process requirements and evaluation activities are als
19、o discussed. This International Standard aims to clarify the requirements, which should be identified by the organisation in order to ensure the success of specifying systems and software quality requirements and executing the evaluation. This International Standard is intended to be used in conjunc
20、tion with the other documents of the ISO/IEC 25000 SQuaRE series of standards. The ISO/IEC 25000 SQuaRE series replaces the ISO/IEC 9126 series and the ISO/IEC 14598 series. This International Standard complies with the technical processes identified in ISO/IEC 15288:2008 and ISO/IEC 12207:2008 rela
21、ted to quality requirements definition and analysis. Figure 1 Organization of SQuaRE series of standards Figure 1 (quoted after ISO/IEC 25000) illustrates the organisation of the SQuaRE series representing families of standards, further called Divisions. The Divisions within SQuaRE model are: ISO/IE
22、C 2500n - Quality Management Division. The International Standards that form this division define all common models, terms and definitions referred to by all other standards from the SQuaRE series. Referring paths (guidance through SQuaRE documents) and high level practical suggestions in applying p
23、roper standards to specific application cases offer help to all types of users. The division also provides requirements and guidance for a supporting function, which is responsible for the management of product requirements specification and evaluation. ISO/IEC 2014 All rights reserved vBS ISO/IEC 2
24、5001:2014ISO/IEC 25001:2014(E) ISO/IEC 2501n - Quality Model Division. The International Standards that form this division present detailed quality models for systems and software product, quality in use and data. Practical guidance on the use of the quality model is also provided. ISO/IEC 2502n - Q
25、uality Measurement Division. The International Standards that form this division include a system and software product quality measurement reference model, mathematical definitions of quality measures, and practical guidance for their application. This division presents internal measures of software
26、 quality, external measures of system or software product quality and quality in use measures. Quality measure elements forming foundations for the latter measures are defined and presented. ISO/IEC 2503n - Quality Requirements Division. The International Standard that forms this division helps spec
27、ifying quality requirements. These quality requirements can be used in the process of quality requirements elicitation for a product to be developed or as inputs for an evaluation process. The requirements definition process is mapped to Stakeholder Requirements Definition Process in Technical Proce
28、sses defined in ISO/IEC 15288:2008 and ISO/IEC 12207:2008. ISO/IEC 2504n - Quality Evaluation Division. The International Standards that form this division provide requirements, recommendations and guidelines for product evaluation, whether performed by independent evaluators, acquirers or developer
29、s. The support for documenting a measure as an Evaluation Module is also presented. ISO/IEC 25050-25099 - Extension Division. SQuaRE extension (ISO/IEC 25050 to ISO/IEC 25099) is designated to contain system or software product quality International Standards and/or Technical Reports that address sp
30、ecific application domains or that can be used to complement one or more SQuaRE International Standards.vi ISO/IEC 2014 All rights reservedBS ISO/IEC 25001:2014INTERNATIONAL ST ANDARD ISO/IEC 25001:2014(E) Systems and software engineering Systems and software Quality Requirements and Evaluation (SQu
31、aRE) Planning and management 1 Scope This International Standard provides requirements and recommendations for an organization responsible for implementing and managing the systems and software product quality requirements specification and evaluation activities through the provision of technology,
32、tools, experiences, and management skills. The role of the evaluation group includes motivating employees and training them for the requirements specification and the evaluation activities, preparing appropriate documents, identification or development of required methods, and responding to queries
33、on relevant technologies. Technology management is related to the planning and management of a systems and software quality requirements specification and evaluation process, measurements and tools. This includes the management of development, acquisition, standardisation, control, transfer and feed
34、back of requirements specification and evaluation technology experiences within the organisation. The intended users of this International Standard are those responsible for: managing technologies used for requirements specification and evaluation execution, specifying systems and software product q
35、uality requirements, supporting systems and software product quality evaluation, managing systems and software development organisations, as well as those in a quality assurance function. However, it is also applicable to managers involved in other systems or software related activities. 2 Conforman
36、ce In order to conform to this International Standard, an organisation shall apply requirements from clause 6 giving the reasons for any exclusion, or describe its own recommendations and provide a mapping to the original requirements. 3 Normative references The following documents, in whole or in p
37、art, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 25000:2014, Software Engineering Softwar
38、e product Quality Requirements and Evaluation (SQuaRE) Guide to SQuaRE ISO/IEC 25010:2011, Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) System and software quality models ISO/IEC 25020:2007, Software engineering Software product Quality Requireme
39、nts and Evaluation (SQuaRE) Measurement reference model and guide ISO/IEC 2014 All rights reserved 1BS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) ISO/IEC 25021:2012, Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Quality measure elements ISO/IEC 25022
40、, Systems and software engineering - Systems and software Quality Requirements and Evaluation (SQuaRE) Measurement of quality in use 1) ISO/IEC 25023, Systems and software engineering: Systems and software Quality Requirements and Evaluation (SQuaRE) Measurement of system and software product qualit
41、y 2) ISO/IEC 25024, Systems and software engineering: Systems and software Quality Requirements and Evaluation (SQuaRE) Measurement of data quality 3) ISO/IEC 25030:2007, Software engineering Software product Quality Requirements and Evaluation (SQuaRE) Quality requirements ISO/IEC 25040:2011, Syste
42、ms and software engineering - Systems and software Quality Requirements and Evaluation (SQuaRE) Evaluation process ISO/IEC 25041:2012, Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Evaluation guide for developers, acquirers and independent evaluat
43、ors ISO/IEC 25045:2010, Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Evaluation module for recoverability ISO/IEC 25051, Software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Requirements for quality of Ready to U
44、se Software Product (RUSP) and instructions for testing ISO/IEC 15288:2008, Systems and software engineering System life cycle processes ISO/IEC 12207:2008, Systems and software engineering Software life cycle processes 4 T erms a nd definiti ons For the purposes of this document, the terms and defi
45、nitions given in ISO/IEC 25000 and the following apply. 4.1 evaluation systematic determination of the extent to which an entity meets its specified criteria (ISO/IEC 12207:2008) 4.2 evaluation activity assessment of systems or software product against targeted values of identified and applicable qu
46、ality characteristics performed using applicable techniques or methods 4.3 evaluation group organization responsible for specifying the systems and software quality requirements as well as managing and implementing the quality evaluation activities through the provision of technology, tools, experie
47、nces, and management skills Note 1 to entry: Software quality requirements could be specified previously by the requestor of the evaluation while the evaluation group would verify presence and value of the software quality requirements. 1) To be published. 2) To be published. 3) To be published.2 IS
48、O/IEC 2014 All rights reservedBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) 4.4 evaluation technology (technology used for evaluation) techniques, processes, tools, measures and relevant technical information used for evaluation EXAMPLE internal, external or quality in use measures or specific evaluati
49、on processes designed for developers, acquirers or independent evaluators 4.5 techniques methods and skills required to carry out a specific activity 5 Evaluation management concepts The ISO/IEC 25001 is applicable to the evaluation group, which provides the organisation-wide support to all projects in systems or software development, systems or software acquisition and third party evaluation organisations (see Table 1). Table 1 System or software quality evalu
