1、BSI Standards PublicationBS ISO/IEC 25001:2014Systems and softwareengineering Systems andsoftware Quality Requirementsand Evaluation (SQuaRE) Planning and managementBS ISO/IEC 25001:2014 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of ISO/IEC25001:2014. It supersed
2、es BS ISO/IEC 25001:2007 which is withdrawn.The UK participation in its preparation was entrusted to TechnicalCommittee IST/15, Software and systems engineering.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to inclu
3、de all the necessaryprovisions of a contract. Users are responsible for its correctapplication. The British Standards Institution 2014. Published by BSI StandardsLimited 2014ISBN 978 0 580 84122 4ICS 35.080Compliance with a British Standard cannot confer immunity fromlegal obligations.This British S
4、tandard was published under the authority of theStandards Policy and Strategy Committee on 31 March 2014.Amendments issued since publicationDate Text affectedBS ISO/IEC 25001:2014Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Planning and managemen
5、tIngnierie des systmes et du logiciel Exigences de qualit et valuation des systmes et du logiciel (SQuaRE) Planification et gestion ISO/IEC 2014INTERNATIONAL STANDARDISO/IEC25001Second edition2014-03-15Reference numberISO/IEC 25001:2014(E)BS ISO/IEC 25001:2014ISO/IEC 25001:2014(E)ii ISO/IEC 2014 All
6、 rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO/IEC 2014All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, with
7、out prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCase postale 56 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail copyrightiso.orgWeb www.iso.orgPublished in Switze
8、rlandBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) ISO/IEC 2014 All rights reserved iiiContents PageForeword ivIntroduction v1 Scope . 12 Conformance . 13 Normative references 14 Terms and definitions . 25 Evaluation management concepts . 36 Requirements and recommendations for systems and software qua
9、lity requirements specification and quality evaluation 46.1 General . 46.2 Organisation level activities . 46.3 Project Management level activities . 76.4 Analysis and use of evaluation results 8Annex A (informative) Quality Evaluation Project Plan Template .10Bibliography .13BS ISO/IEC 25001:2014IS
10、O/IEC 25001:2014(E)ForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standa
11、rds through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and I
12、EC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.The main task of the joint technical committee is t
13、o prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.Attention is drawn to the possibil
14、ity that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.ISO/IEC 25001 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 7, Systems and so
15、ftware engineering.This second edition cancels and replaces the first edition (ISO/IEC 25001:2007), of which it constitutes a minor revision.The SQuaRE series of standards consists of the following divisions under the general title Systems and Software Quality Requirements and Evaluation (SQuaRE): I
16、SO/IEC 2500n, Quality Management Division, ISO/IEC 2501n, Quality Model Division, ISO/IEC 2502n, Quality Measurement Division, ISO/IEC 2503n, Quality Requirements Division, and ISO/IEC 2504n, Quality Evaluation Division.ISO/IEC 25050 to ISO/IEC 25099 are reserved to be used for SQuaRE extension Inte
17、rnational Standards and/or Technical Reports.iv ISO/IEC 2014 All rights reservedBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E)IntroductionThis International Standard provides details about the planning and management requirements associated with systems and software product quality requirements and eval
18、uation.While this International Standard is mainly concerned with systems and software product quality requirements and evaluation, wherever it is relevant the corresponding process requirements and evaluation activities are also discussed.This International Standard aims to clarify the requirements
19、, which should be identified by the organisation in order to ensure the success of specifying systems and software quality requirements and executing the evaluation.This International Standard is intended to be used in conjunction with the other documents of the ISO/IEC 25000 SQuaRE series of standa
20、rds. The ISO/IEC 25000 SQuaRE series replaces the ISO/IEC 9126 series and the ISO/IEC 14598 series.This International Standard complies with the technical processes identified in ISO/IEC 15288:2008 and ISO/IEC 12207:2008 related to quality requirements definition and analysis.Figure 1 Organization o
21、f SQuaRE series of standardsFigure 1 (quoted after ISO/IEC 25000) illustrates the organisation of the SQuaRE series representing families of standards, further called Divisions.The Divisions within SQuaRE model are: ISO/IEC 2500n - Quality Management Division. The International Standards that form t
22、his division define all common models, terms and definitions referred to by all other standards from the SQuaRE series. Referring paths (guidance through SQuaRE documents) and high level practical suggestions in applying proper standards to specific application cases offer help to all types of users
23、. The division also provides requirements and guidance for a supporting function, which is responsible for the management of product requirements specification and evaluation. ISO/IEC 2014 All rights reserved vBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E) ISO/IEC 2501n - Quality Model Division. The Int
24、ernational Standards that form this division present detailed quality models for systems and software product, quality in use and data. Practical guidance on the use of the quality model is also provided. ISO/IEC 2502n - Quality Measurement Division. The International Standards that form this divisi
25、on include a system and software product quality measurement reference model, mathematical definitions of quality measures, and practical guidance for their application. This division presents internal measures of software quality, external measures of system or software product quality and quality
26、in use measures. Quality measure elements forming foundations for the latter measures are defined and presented. ISO/IEC 2503n - Quality Requirements Division. The International Standard that forms this division helps specifying quality requirements. These quality requirements can be used in the pro
27、cess of quality requirements elicitation for a product to be developed or as inputs for an evaluation process. The requirements definition process is mapped to Stakeholder Requirements Definition Process in Technical Processes defined in ISO/IEC 15288:2008 and ISO/IEC 12207:2008. ISO/IEC 2504n - Qua
28、lity Evaluation Division. The International Standards that form this division provide requirements, recommendations and guidelines for product evaluation, whether performed by independent evaluators, acquirers or developers. The support for documenting a measure as an Evaluation Module is also prese
29、nted. ISO/IEC 25050-25099 - Extension Division. SQuaRE extension (ISO/IEC 25050 to ISO/IEC 25099) is designated to contain system or software product quality International Standards and/or Technical Reports that address specific application domains or that can be used to complement one or more SQuaR
30、E International Standards.vi ISO/IEC 2014 All rights reservedBS ISO/IEC 25001:2014INTERNATIONAL STANDARD ISO/IEC 25001:2014(E)Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Planning and management1 ScopeThis International Standard provides requirem
31、ents and recommendations for an organization responsible for implementing and managing the systems and software product quality requirements specification and evaluation activities through the provision of technology, tools, experiences, and management skills.The role of the evaluation group include
32、s motivating employees and training them for the requirements specification and the evaluation activities, preparing appropriate documents, identification or development of required methods, and responding to queries on relevant technologies.Technology management is related to the planning and manag
33、ement of a systems and software quality requirements specification and evaluation process, measurements and tools. This includes the management of development, acquisition, standardisation, control, transfer and feedback of requirements specification and evaluation technology experiences within the
34、organisation.The intended users of this International Standard are those responsible for: managing technologies used for requirements specification and evaluation execution, specifying systems and software product quality requirements, supporting systems and software product quality evaluation, mana
35、ging systems and software development organisations,as well as those in a quality assurance function. However, it is also applicable to managers involved in other systems or software related activities.2 ConformanceIn order to conform to this International Standard, an organisation shall apply requi
36、rements from clause 6 giving the reasons for any exclusion, or describe its own recommendations and provide a mapping to the original requirements.3 Normative referencesThe following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application
37、. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.ISO/IEC 25000:2014, Software Engineering Software product Quality Requirements and Evaluation (SQuaRE) Guide to SQuaREISO/IEC 25010:2011, S
38、ystems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) System and software quality modelsISO/IEC 25020:2007, Software engineering Software product Quality Requirements and Evaluation (SQuaRE) Measurement reference model and guide ISO/IEC 2014 All rights res
39、erved 1BS ISO/IEC 25001:2014ISO/IEC 25001:2014(E)ISO/IEC 25021:2012, Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Quality measure elementsISO/IEC 25022, Systems and software engineering - Systems and software Quality Requirements and Evaluation (
40、SQuaRE) Measurement of quality in use1)ISO/IEC 25023, Systems and software engineering: Systems and software Quality Requirements and Evaluation (SQuaRE) Measurement of system and software product quality2)ISO/IEC 25024, Systems and software engineering: Systems and software Quality Requirements and
41、 Evaluation (SQuaRE) Measurement of data quality3)ISO/IEC 25030:2007, Software engineering Software product Quality Requirements and Evaluation (SQuaRE) Quality requirementsISO/IEC 25040:2011, Systems and software engineering - Systems and software Quality Requirements and Evaluation (SQuaRE) Evalua
42、tion processISO/IEC 25041:2012, Systems and software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Evaluation guide for developers, acquirers and independent evaluatorsISO/IEC 25045:2010, Systems and software engineering Systems and software Quality Requirements and E
43、valuation (SQuaRE) Evaluation module for recoverabilityISO/IEC 25051, Software engineering Systems and software Quality Requirements and Evaluation (SQuaRE) Requirements for quality of Ready to Use Software Product (RUSP) and instructions for testingISO/IEC 15288:2008, Systems and software engineeri
44、ng System life cycle processesISO/IEC 12207:2008, Systems and software engineering Software life cycle processes4 Terms and definitionsFor the purposes of this document, the terms and definitions given in ISO/IEC 25000 and the following apply.4.1evaluationsystematic determination of the extent to wh
45、ich an entity meets its specified criteria (ISO/IEC 12207:2008)4.2evaluation activityassessment of systems or software product against targeted values of identified and applicable quality characteristics performed using applicable techniques or methods4.3evaluation grouporganization responsible for
46、specifying the systems and software quality requirements as well as managing and implementing the quality evaluation activities through the provision of technology, tools, experiences, and management skillsNote 1 to entry: Software quality requirements could be specified previously by the requestor
47、of the evaluation while the evaluation group would verify presence and value of the software quality requirements.1) To be published.2) To be published.3) To be published.2 ISO/IEC 2014 All rights reservedBS ISO/IEC 25001:2014ISO/IEC 25001:2014(E)4.4evaluation technology (technology used for evaluat
48、ion)techniques, processes, tools, measures and relevant technical information used for evaluationEXAMPLE internal, external or quality in use measures or specific evaluation processes designed for developers, acquirers or independent evaluators4.5techniquesmethods and skills required to carry out a
49、specific activity5 Evaluation management conceptsThe ISO/IEC 25001 is applicable to the evaluation group, which provides the organisation-wide support to all projects in systems or software development, systems or software acquisition and third party evaluation organisations (see Table 1).Table 1 System or software quality evaluation activitiesDEVELOPED SYSTEMS or SOFTWARE ACQUIRED SYSTEMS or SOFTWAREDevelopment Activities Evaluation Activities Acquisition Activities Evaluation Ac
