ISO IEC 90003 2004 Translated into Plain English

We've also translated the following into Plain English: ISO 20000 IT Service
Standard and the ISO 27001 and ISO 27002 Information Security Standards.

ISO 90003 is a quality management standard for software products and related
services. It replaces the old ISO 9000-3 1997 software standard. ISO IEC 90003
explains how ISO 9001 2000 can be applied to software and related services.

Please note that ISO presents quality management requirements and guidelines
in sections 4 to 8 of ISO 90003. Therefore, the following material begins with section 4.
However, the bulk of this material will be taken from section 7 since this section makes
up over 60 percent of the standard. Section 7 discusses Software Product Realization.

The following material translates the ISO IEC 90003 standard into plain English.
However, this material is both selective and general. It is, therefore, incomplete.

4. Systemic Requirements and Guidelines

4.1
Establish
a quality 
management
system for
software
products

 

Develop a quality system for software products and related services.

  • Identify the processes that make up your quality system.

    • Identify the processes that make up your approach to software development.               

    • Identify the processes that make up your approach to software development planning.                    

    • Identify the processes that make up your approach to software quality planning.                   

    • Identify the processes that make up your approach to software operation.                                   

    • Identify the processes that make up your approach to software maintenance.                      

  • Describe the processes that make up your quality system.

    • Describe the sequential structure of your processes.

    • Describe how your processes interact with one another.

Implement a quality system for software products and services.

  • Use your quality management system processes.

  • Manage the effectiveness of your processes.

  • Support the effectiveness of your processes.

 

Improve your software oriented quality management system.

  • Monitor the effectiveness of your processes.

  • Measure the effectiveness of your processes.

  • Improve the effectiveness of your processes.

4.2
Document
your software
oriented quality
system

4.2.1 Develop quality management system documents.

  • Develop documents to implement your quality system.

  • Develop documents that describe your software processes.

  • Develop documents that describe your life cycle models.

 

4.2.2 Prepare a quality management system manual.

  • Document your procedures.

  • Describe how your processes interact.

  • Define the scope of your quality system.

  • Justify exclusions and reductions in scope.

 

4.2.3 Control quality management system documents.

  • Approve documents before you distribute them.

  • Provide the correct version of documents at points of use.

  • Prevent the accidental use of obsolete documents.

  • Preserve the usability of your quality documents.

 

4.2.4 Maintain quality management system records.

4.2.4.1 Prove that requirements have been met.

4.2.4.2 Prove that your operations are effective.

4.2.4.3 Establish a record retention approach.

5. Management Requirements and Guidelines

5.1
Support 
quality

Promote the importance of quality.

  • Promote the need to meet customer requirements.

  • Promote the need to meet software product requirements.

 

Develop a quality management system.

  • Support the development of a quality system.

  • Formulate your organization's quality policy.

  • Set your organization's quality objectives.

  • Provide needed quality resources.

Implement your quality management system.

  • Provide resources to implement your quality system.

  • Encourage people to meet quality system requirements.

 

Improve your quality management system.

  • Perform quality management reviews.

  • Provide resources to improve quality system.

5.2
Focus on your
customers

Identify customer requirements.

  • Expect people to identify customer requirements.

 

Meet customers requirements.

  • Expect your organization to meet customer requirements.

 

Enhance customer satisfaction.

  • Expect your organization to enhance customer satisfaction.

5.3
Establish
a quality
policy

Define your quality policy.

  • Ensure that policy serves your organization's purpose.

  • Ensure that policy emphasizes the need to meet requirements.

  • Ensure that policy facilitates the development of quality objectives.

 

Manage your quality policy.

  • Communicate your policy throughout your organization.

  • Review your policy to ensure that it continues to be suitable.

5.4
Perform
quality
planning

5.4.1 Formulate your quality objectives.

  • Set objectives for all functional areas.

  • Set objectives at all organizational levels.

 

5.4.2 Plan your quality management system.

  • Plan the development of your quality system.

    • Carry out quality planning for software products.

  • Plan how to improve the effectiveness of your quality system.

5.5
Control
your quality
system

5.5.1 Define responsibilities and authorities.

  • Document responsibilities and authorities.

  • Communicate responsibilities and authorities.

 

5.5.2 Appoint a management representative.

  • Oversee your quality management system.

  • Report on the status of your quality management system.

  • Support the maintenance of your quality management system.

 

5.5.3 Support internal communications.

  • Ensure that communication processes are established.

  • Ensure that communication occurs throughout organization.

5.6
Perform
management
reviews

5.6.1 Review your quality management system.

  • Plan regular reviews of your quality management system.

  • Evaluate the effectiveness of your quality management system.

  • Maintain a record of your quality management reviews.

 

5.6.2 Examine management review inputs.

  • Examine audit results.

  • Examine opportunities to improve.

  • Examine feedback from customers.

  • Examine software product conformity data.

  • Examine process performance information.

  • Examine corrective and preventive actions.

  • Examine previous quality management reviews.

 

5.6.3 Generate management review outputs.

  • Generate actions to improve quality system effectiveness.

  • Generate actions to improve your software products.

  • Generate actions to address your resource needs.

6. Resource Requirements and Guidelines

6.1
Provide quality
resources

Identify quality management system resource requirements.

  • Identify resources needed to support your quality system.

  • Identify resources needed to meet customer requirements.

  • Identify resources needed to meet regulatory requirements.

 

Provide quality management system resources.

  • Provide resources needed to support your quality system.

  • Provide resources needed to implement the quality system.

  • Provide resources needed to improve your quality system.

  • Provide resources needed to meet customers' requirements.

  • Provide resources needed to meet regulatory requirements.

6.2
Provide quality
personnel

6.2.1 Use competent personnel.

  • Ensure that your personnel have the right experience.

  • Ensure that your personnel have the right education.

  • Ensure that your personnel have the right training.

  • Ensure that your personnel have the right skills.

 

6.2.2 Support competence.

  • Define acceptable levels of competence.

  • Identify your organization's training and awareness needs.

    • Identify training needs of software development personnel.

    • Identify training needs of software project personnel.

  • Deliver your organization's training and awareness programs.

  • Evaluate effectiveness of training and awareness programs.

  • Maintain a record of competence.

6.3
Provide quality
infrastructure

Identify infrastructure needs.

  • Identify the infrastructure you need in order to develop software.

    • Identify the hardware you need in order to develop software.

    • Identify the software you need in order to develop software.

    • Identify the facilities you need in order to develop software.

  • Identify the tools you need in order to manage software.

    • Identify the tools you need in order to develop software.

    • Identify the tools you need in order to support software.

    • Identify the tools you need in order to protect software.

    • Identify the tools you need in order to control software.

 

Provide needed infrastructure.

  • Provide the infrastructure you need in order to develop software.

    • Provide the hardware you need in order to develop software.

    • Provide the software you need in order to develop software.

    • Provide the facilities you need in order to develop software.

  • Provide the tools you need in order to manage software.

    • Provide the tools you need in order to develop software.

    • Provide the tools you need in order to support software.

    • Provide the tools you need in order to protect software.

    • Provide the tools you need in order to control software.

 

Maintain your infrastructure.

  • Maintain the infrastructure you need in order to develop software.

    • Maintain the hardware you need in order to develop software.

    • Maintain the software you need in order to develop software.

    • Maintain the facilities you need in order to develop software.

  • Maintain the tools you need in order to manage software.

    • Maintain the tools you need in order to develop software.

    • Maintain the tools you need in order to support software.

    • Maintain the tools you need in order to protect software.

    • Maintain the tools you need in order to control software.

6.4
Provide quality
environment

  • Identify needed work environment.

  • Implement needed work environment.

  • Manage needed work environment.

7. Realization Requirements and Guidelines

7.1
Control
software
product
realization
planning

Plan software product realization processes.

  • Identify software product quality objectives and requirements.

  • Identify software product realization needs and requirements.

  • Identify software product realization risk management requirements.

  • Identify software product realization record keeping requirements.

 

Develop product realization processes.

  • Develop product realization documents.

  • Develop product realization record keeping systems.

  • Develop methods to control quality during product realization.

7.1.1 Use life cycle models to plan your work.
  • Plan your tasks, activities, and processes using suitable software life cycle models.                       

    • Select suitable software life cycle models.

      • Use suitable software life cycle models to carry out your software projects.                         

    • Select suitable software development methods.

7.1.2 Carry out software quality planning.
  • Plan how you're going to apply your quality management system to the development of your software products.

  • Plan how you’re going to apply your quality management system to each software project.

7.2
Control
customer
processes

7.2.1 Identify your customers' software product requirements.

  • Identify the requirements that customers want you to meet.

  • Identify the requirements that are dictated by the product's use.

  • Identify the requirements that are imposed by external agencies.

  • Identify the requirements that your organization wants to meet.

7.2.1.1 Identify customer related software requirements.
  • Establish methods that can be used to identify customer related software requirements.                       

  • Establish methods that can be used to authorize changes in customer related software requirements.

  • Establish methods that can be used to track changes in customer related software requirements.                    

 

7.2.2 Review your customers' software product requirements.

  • Review requirements related to software contracts.

  • Review requirements related to software engineering.

  • Review requirements related to software maintenance.

  • Review requirements related to software quality.

7.2.2.1 Identify your organization's software product concerns.
  • Identify the software design and development procedures that must be used before you agree to supply software products.

  • Identify the items that must be provided by the customer before you agree to supply software products.

  • Identify and define the methods that will be used to assess the suitability of the items that you expect your customer to provide.

7.2.2.2 Evaluate risks related to product requirements.
  • Evaluate your risks before you agree to meet product oriented requirements.                                        

  • Evaluate criticality issues before you agree to meet product oriented requirements.                  

  • Evaluate safety issues before you agree to meet product oriented requirements.                     

  • Evaluate security issues before you agree to meet product oriented requirements.                      

  • Evaluate your organizations experience and capabilities before you agree to meet product oriented requirements.

  • Evaluate your suppliers’ experience and capabilities before you agree to meet product oriented requirements.

7.2.2.3 Appoint someone to represent the customer.
  • Ask your customer to appoint someone to support your software development activities and manage all contractual responsibilities.

  • Make sure that customer representatives have the authority to ensure that customer personnel will cooperate with your staff.

 

7.2.3 Communicate with your software customers.

  • Develop a process to control communications with customers.

  • Make sure that your process controls customer advisory notices.

  • Implement your customer communications process.

7.2.3.1 Communicate with your software customers.
  • Make sure that your customer communication methods are consistent with your contractual agreements.

7.2.3.2 Communicate with customers during development.
  • Schedule reviews involving the customer and your organization to discuss relevant software product development information.

    • Schedule joint reviews to discuss enquiries.

    • Schedule joint reviews to discuss contracts.

    • Schedule joint reviews to discuss amendments.

    • Schedule joint reviews to discuss progress.

7.2.3.3 Communicate during operations and maintenance.
  • Communicate with your customers during the software operations life cycle process.                   

  • Communicate with your customers during the software maintenance life cycle process.                  

7.3
Control software
design and
development

7.3.1 Plan product design and development.

  • Define your software product design and development stages.

  • Establish procedures to control software design and development.

  • Clarify design and development responsibilities and authorities.

  • Manage interactions between design and development groups.

  • Update your design and development plans as changes occur.

  • Document your planning outputs as changes occur.

7.3.1.1 Plan software design and development.

  • Identify the activities that must be performed.

    • Identify the inputs that each activity requires.

    • Identify the outputs generated by each activity.

    • Identify the management activities that will be needed.

    • Identify the support services that will be required.

    • Identify the team training that will be necessary.

  • Identify the resources that your project will need.

  • Identify verification and validation activities.

  • Identify design and development rules and conventions.

  • Identify software development tools and techniques.

7.3.1.2 Plan review, verification, and validation activities.
  • Use maintenance procedures or service agreements to plan the review, verification, and validation of software operations.

  • Use maintenance procedures or service agreements to plan the review, verification, and validation of software maintenance.

 

7.3.2 Define software design and development inputs.

  • Specify product design and development inputs.

  • Record product design and development input definitions.

  • Evaluate product design and development input definitions.

  • Review input definitions before you approve them.

  • Derive software design and development inputs.                     

 

7.3.3 Generate software design and development outputs.

  • Create software product design and development outputs.

  • Approve design and development outputs prior to release.

  • Use design and development outputs to control product quality.

  • Maintain a record of your design and development outputs.

 

7.3.4 Carry out software design and development reviews.

  • Carry out reviews throughout your software product design and development process.                        

  • Establish procedures that specify how problems identified during your software design and development reviews should be handled.

    • Establish procedures that specify how product deficiencies or nonconformities should be handled.

    • Establish procedures that specify how process deficiencies or nonconformities should be handled.

  • Formulate the guidelines that all participants will be expected to follow during your software design and development reviews.

 

7.3.5 Perform software design and development verifications.

  • Perform verification activities throughout the software design and development process.                      

  • Record the results of your software design and development verification activities.                             

 

7.3.6 Conduct software design and development validations.

  • Perform product design and development validations.

  • Conduct clinical evaluations of medical devices (if required).

  • Conduct performance evaluations of devices (if required)

  • Record product design and development validations.

7.3.6.1 Carry out software validation activities.
  • Validate the operation of your software product before you ask the customer to formally accept it.              

    • Confirm that your new software product meets the requirements specified in your customer contract.            

    • Confirm that your new software product meets the requirements that define its intended use.                 

  • Record the results of your software validations.

7.3.6.2 Carry out software testing activities.
  • Test individual software items in order to ensure that they meet operational requirements.                    

  • Test the complete software product in order to ensure that it meets operational requirements.                      

 

7.3.7 Manage software design and development changes.

  • Identify changes in product design and development.

    • Use configuration management to control software design and development changes.                     

  • Record changes in software product design and development.

  • Review changes in software product design and development.

  • Verify changes in software product design and development.

  • Validate changes in product design and development.

  • Approve changes before they are implemented.

7.4
Control your
purchasing
function

7.4.1 Control purchasing process.

  • Ensure that your purchased products meet requirements.

  • Create a procedure to ensure purchases meet requirements.

  • Ensure that your suppliers meet requirements.

7.4.1.1 Control software purchasing process.
  • Control the purchase of software products.

  • Control the purchase of subcontracted services.

  • Control the purchase of outsourced activities.

7.4.1.2 Control purchased parts and components.
  • Control the purchase of products that will become a component part of your software product.                              

  • Control computer hardware if you intend to make it a component part of your software product.                   

  • Control documentation if you intend to make it a component part of your software product.               

 

7.4.2 Document product purchases.

  • Describe the products being purchased.

    • Identify the software product being purchased.

  • Specify the requirements that purchases must meet.

    • Identify the requirements that software must meet.

    • Identify the procedures that your suppliers must follow.

  • Describe the skill and knowledge requirements that supplier personnel must be able to meet.                      

 

7.4.3 Verify purchased products.

  • Use acceptance testing to verify the suitability of software purchased for use in software design and development.

  • Use acceptance testing to confirm that subcontracted software development work meets your requirements.

  • Use acceptance testing to confirm that software purchased on your behalf by subcontractors meets your requirements.

7.5
Manage
production
and service
provision

7.5.1 Control production and service provision.

7.5.1.1 Control software production and service.

7.5.1.2 Control software build and release.

7.5.1.3 Control software replication activities.

7.5.1.4 Control software delivery activities.

7.5.1.5 Control software installation activities.

7.5.1.6 Control your software operations.

7.5.1.7 Control software maintenance activities.

 

7.5.2 Validate production and service provision.

  • Validate production and service processes whenever process outputs cannot be measured, monitored, or verified.       

  • Develop methods and procedures to prove that special processes can produce planned results.

  • Keep records that can prove that special production and service processes can produce planned results.

 

7.5.3 Identify and track your products.

7.5.3.1 Identify and trace software products.

7.5.3.2 Use software configuration management.

7.5.3.3 Establish a process to trace software.

 

7.5.4 Protect property supplied by customers.

  • Identify property supplied to you by customers.

  • Verify property supplied to you by customers.

  • Safeguard property supplied to you by customers.

 

7.5.5 Preserve your products and components.

  • Preserve products and components during internal processing.

    • Establish procedures to preserve products during processing.

  • Preserve products and components during final delivery.

    • Establish procedures to preserve products during delivery.

7.6
Control
monitoring
devices

 

Identify monitoring and measuring needs.

  • Identify your monitoring and measuring needs and requirements.

  • Identify the monitoring and measurements that must be performed in order to ensure that your products meet specified requirements.

Select monitoring and measuring devices.
  • Select devices that are capable of meeting your organization’s monitoring and measuring needs.

  • Select devices that can perform the monitoring and measuring that your organization needs to perform.             

 

Calibrate your monitoring and measuring devices.

  • Calibrate your monitoring and measuring devices by comparing them against devices that can be traced to national or international standards.                            

  • Identify the calibration status of your devices.

  • Record the results of your calibration activities.

 

Protect your monitoring and measuring devices.

  • Use a configuration management system to control monitoring and measuring devices.                       

    • Protect your devices from unauthorized adjustment.

    • Protect your devices from damage or deterioration.

 

Validate your monitoring and measuring devices.

  • Validate monitoring and measuring devices before you use them.

  • Revalidate monitoring and measuring devices when necessary.

 

Use your monitoring and measuring devices.

  • Use devices to ensure that your products meet requirements.

8. Remedial Requirements and Guidelines <SAMPLE pdf

8.1
Carry out
remedial
processes

Plan remedial processes.

  • Plan how monitoring, measuring, and analytical processes will be used to demonstrate conformity.

  • Plan how monitoring, measuring, and analytical processes will be used to maintain your quality management system.

  • Plan how monitoring, measuring, and analytical processes will be used to continually improve the effectiveness of your quality management system.                                  

 

Implement remedial processes.

  • Use monitoring, measuring, and analytical processes to demonstrate conformance.                          

  • Use monitoring, measuring, and analytical processes to maintain your quality management system.

  • Use monitoring, measuring, and analytical processes to continually improve the effectiveness of your quality management system.                                   

8.2
Monitor and 
measure
quality

8.2.1 Monitor and measure customer satisfaction.

  • Identify methods that you can use to monitor and measure customer satisfaction.                   

  • Use customer satisfaction information as a measure of quality management system performance.                  

    • Monitor and measure customer satisfaction by analyzing help desk calls about quality and service performance.

    • Monitor and measure customer satisfaction by studying "quality in use" metrics derived from direct and indirect customer feedback.                        

 

8.2.2 Plan and perform regular internal audits.

  • Set up an internal audit program.

  • Develop an internal audit procedure.

  • Plan your internal audit projects.

    • Plan how you’re going to audit software projects.

  • Perform regular internal audits.

  • Solve problems discovered by audits.

  • Verify that problems have been solved.

 

8.2.3 Monitor and measure quality processes.

  • Use suitable methods to monitor and measure processes.

  • Take action when processes fail to achieve planned results.

 

8.2.4 Monitor and measure product characteristics.

  • Monitor and measure how well your software products comply with quality requirements.                  

  • Maintain a record of your software product monitoring and measuring activities.                      

8.3
Control your
nonconforming
software products

Establish a nonconforming software products procedure.

  • Define how nonconforming products should be identified.

  • Define how nonconforming products should be controlled.

 

Identify and control your nonconforming software products.

  • Eliminate or correct software product nonconformities.

  • Prevent the delivery or use of nonconforming software products.

  • Avoid the inappropriate use of nonconforming software products. 

  • Grant concessions only if regulatory requirements are met.

 

Re-verify nonconforming software products that were corrected.

  • Prove that corrected software products now meet requirements. 

 

Control nonconforming software products after delivery or use.

  • Control events when you deliver or use nonconforming products. 

  • Develop a work instruction to control product rework process.

 

Maintain records of nonconforming software products.

  • Document your software product nonconformities.

  • Describe the actions taken to deal with nonconformities. 

  • Maintain a record of software product concessions granted.

8.4
Analyze quality
information

Define quality management information needs.

  • Identify the type of information your organization needs to have about its quality management system.

  • Define what kind of information you need in order to be able to evaluate the suitability and effectiveness of your quality management system.                                  

 

Collect quality management system data.

  • Monitor and measure the suitability of quality system.

  • Monitor and measure the effectiveness of quality system.

 

Provide quality management information.

  • Provide information about your customers.

  • Provide information about your suppliers.

  • Provide information about your products.

  • Provide information about your processes.

  • Develop procedures to analyze information.

  • Maintain a record of your analytical results.

8.5
Take required
remedial actions

8.5.1 Maintain your quality management system.

  • Use audits to maintain the effectiveness of your quality system.

  • Use quality data to maintain quality system effectiveness.

  • Use quality policy to maintain quality system effectiveness.

  • Use quality objectives to maintain quality system effectiveness.

  • Use management reviews to maintain quality system effectiveness.

  • Use corrective actions to maintain quality system effectiveness.

  • Use preventive actions to maintain quality system effectiveness.

 

8.5.2 Correct actual nonconformities.

  • Review your nonconformities.

  • Figure out what causes your nonconformities.

  • Evaluate whether you need to take corrective action.

  • Develop corrective actions to prevent recurrence.

  • Take corrective actions when they are necessary.

  • Record the results that your corrective actions achieve.

  • Examine the effectiveness of your corrective actions.

 

8.5.3 Prevent potential nonconformities.

  • Detect potential nonconformities.

  • Identify the causes of potential nonconformities.

  • Study the effects of potential nonconformities.

  • Evaluate whether you need to take preventive action.

  • Develop preventive actions to eliminate causes.

  • Take preventive actions when they are necessary.

  • Record the results that your preventive actions achieve.

  • Examine the effectiveness of your preventive actions.

 

Attention

This page summarizes the ISO 90003 standard. It highlights
the main points. It does not present detail. To get the complete
plain English standard, please consider purchasing our
Title 60: ISO IEC 90003 2004 Checklist.
  It translates the
ISO IEC 90003 2004 quality standard into plain English.

Title 60 is detailed, accurate, and complete. It uses language
that is clear, precise, and easy to understand. We guarantee it

Title 60 can be delivered to you on CD or as an email attachment.
Title 60 is 175 pages long and comes in pdf and MS doc file formats.

Contents

Sample PDF

Place an Order

Check Prices

License


MORE ISO IEC 90003 PAGES

Introduction to ISO IEC 90003 2004

Plain English Software Quality Management Definitions

Introduction to ISO IEC 90003 2004 Plain English Checklist

ISO IEC 90003 Plain English Checklist - SAMPLE (Chapter 8) PDF

ISO 9000-3:1997 Software Quality Standard (obsolete)


OTHER RELATED RESOURCES

IT Service Management Standard

Management System Auditing Standard

ISO 9001 2015 Quality Management Standard

ISO 9004 2009 Quality Management Standard

ISO 27001 Information Security Management Standard

ISO 27002 Information Security Management Standard

Knowledge and Skills QMS Auditors Should Have

ISO 31000 2009 Risk Management Standard

Our Plain English Approach

Updated on November 29, 2014. First published on July 30, 2005.

Home Page

Our Libraries

A to Z Index

Our Customers

How to Order

Our Products

Our Prices

Our Guarantee

Praxiom Research Group Limited          help@praxiom.com          780-461-4514


Legal Restrictions on the Use of this Page
Thank you for visiting this webpage. You are welcome to view our material as often as
you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright © 2005 - 2014 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited