Software Engineering

Why standards?

  • Quality

  • Shared communication

  • Shared understanding

  • Influence, from understanding to creation/development

  • Profit

  • Collaboration

  • Reputation

  • Regulation (assurance)

  • Flexibility


  • They encapsulate best practice (normally)

  • Framework for QA

  • Provide continuity

    • Record of decision-making process

    • Organisational memory

    • New staff save time


  • Standards are considered too large, unwieldy and difficult to adopt for SMEs

  • Focus is on large organisations

  • Concerns over cost and documentation

  • Difficult to justify

Software standards

Standards are about providing rules, guidelines and heuristics which, if followed, deliver an assurance of good practice - they are not intended to be about best practice

Standards may be international, national, organisational or project standards.

Product Standards
Defining the characteristics that all software components should exhibit
Process Standards
Defining how the software process should be enacted



ISO SC7 structure





Standards of particular interest

  • ISO 9000, family of standards for quality management systems

  • ISO 12207, defines the software engineering process, activity, and tasks that are associated with a software life cycle process from conception through retirement

  • ISO 15504, also known as SPICE (Software Process Improvement and Capability Determination), is a framework for the assessment of processes

ISO 9000

ISO 9000


  • ISO9001 – QSM for Quality Assurance in design, development, production, installation and service

  • ISO9002 – QSM for Quality Assurance in production, installation, and servicing

  • ISO9003 – QSM for Quality Assurance in final inspection and test

Quality: refers to all features of a product (such as software) which are required by a customer

Quality management: covers the organisations approach to ensuring that it produces quality products and complies with the appropriate regulations

ISO 12207

  • Created to supply a common structure so that the buyers, suppliers, developers, maintainers, operators, managers and technicians involved with the software development use a common language

  • It is the standard that defines all the tasks required for developing and maintaining software

  • Created in ’95, last updated in ’17 (ISO 12207:2017)

  • Covers the process in the life cycle of software:

    • High level process architecture

    • Activities and tasks

    • Tailored for any organisation or project (inc. SME et al)

    • An ‘inventory’ of processes from which to choose

  • This standard does not create a standardised way to create a product

  • It is not prescriptive

  • Nor does it advocate or enforce a standardised methodology

ISO 12207:17

ISO 12207:17

Process Implementation

  • Define or select software life cycle model appropriate to the scope, magnitude, and complexity of the project;

  • Select, tailor, and use standards, methods, tools, and programming languages (if not stipulated in contract);

  • Develop plans for conducting the activities of the Development process.

ISO 15504

Process assessment: What is it?

  • A disciplined examination of the processes by an organisation against a set of criteria to determine capability of those processes to perform within quality, cost and schedule goals

  • Focus here is on continual, self-improvement

Why bother?

  • Identify strengths and weaknesses in current utilisation of processes

  • Ongoing development of systems, maturity and growth

  • Feeds into the future

ISO 15504