ISO IEC 90003 2014 QMS Definitions for Software

Acceptance testsActivity - Audit - Audit client - Audit conclusion - Audit criteria
Auditee - Audit evidence  -  Audit findings  -  Auditor  Audit plan - Audit program
Audit scope  -  Audit team  -  Baseline  Characteristic  Competence  Complaint
Concession - Configuration control - Configuration identification - Configuration item
Configuration management - Configuration status accounting - Conformity - Continual
improvement - Contract review  -  Correction  Corrective action  -  COTS - Customer
Customer satisfaction - Defect - Dependability - Design and development - Design and
development review Design and development validationDesign and development
verification  Design review  -  Design validation  -  Design verification  -  Document
Effectiveness - Efficiency - Grade - Implementation - Infrastructure - Inputs and outputs
Inspection  -   Integration tests  -  Interested party  -  Internal audit  -  Life cycle model Management  Management review  -  Management system  -  Measure  Measurement
Measurement equipment - Monitoring - Nonconformity product - Nonconformity - Objective
Objective evidence  -  Organization  Organizational structure  -  Outsource  Preventive
action - Procedure - Process - Process approach - Product - Product inspection - Product nonconformity - Product realization - Project - Qualification process - Qualification tests
Quality - Quality assurance - Quality characteristic - Quality control - Quality improvement
Quality-in-use-metrics - Quality management - Quality management system (QMS) - Quality
manual  Quality objective  -  Quality plan  -  Quality planning  -  Quality policy  -  Quality surveillance  - Record  Regrade  Regression testing  -  Release  Repair - Replication
Requirement- Resources - Review - Rework - Scrap - Service - Service delivery - Software
Software item - Software product - Special process - Specification - Standard - Supplier
System - System tests - Test - Top management - Traceability - Unit tests - Validation
Verification - Work breakdown structure (WBS) - Work environment

OTHER RELATED MANAGEMENT DICTIONARIES
IT Service ManagementInternal Auditing - Information Security
Risk Management - Business Continuity Management - Quality Management
INTRODUCTION TO OUR PLAIN ENGLISH DEFINITIONS

Since ISO IEC 90003 2014 wants you to refer to the definitions found
in both ISO 9000 2005 and ISO IEC 90003 2014, we've translated them
into plain English. Our plain English definitions are based not only on
the original terms and definitions but also on how ISO IEC 90003 2014
(which includes the ISO 9001 2008 standard) actually uses these terms.

We’ve also defined several important terms that ISO IEC 90003 uses
but does not officially define, terms that all users should, nevertheless,
understand if they want to actually use this QMS standard. For example,
ISO IEC 90003 refers to the process approach and to inputs, outputs,
management reviews, and to something called product realization.
However, it doesn't formally define what these words mean. We’ve
addressed this important shortcoming by considering how the
standard actually uses these concepts and by using bits of
other definitions to build new Plain English definitions.

ISO’s official definitions tend to use words that are themselves defined
elsewhere within the same ISO standard. As a result, readers are often
expected to flip back and forth between several definitions in order
to understand how a single term is defined. We try to avoid this
by keeping all the defining elements together in one place.

Acceptance tests

Acceptance tests use criteria to evaluate the complete software
product to ensure that customer requirements have been met
and that the software is acceptable.

Activity

An activity is a cohesive set of tasks (a cohesive set of tasks is a process).

Audit

An audit is a systematic evidence gathering process. Audits must be
independent and evidence must be evaluated objectively to determine how
well audit criteria are being met. There are three types of audits: first-party,
second-party, and third-party. First-party audits are internal audits while
second and third party audits are external audits.

Organizations use first party audits to audit themselves. First party audits
are used to provide input for management review and for other internal
purposes. They're also used to declare that an organization meets
requirements (this is called a self-declaration of conformity).

Second party audits are external audits. They’re usually done by customers
or by others on their behalf. However, they can also be done by regulators or
any other external party that has an interest in the organization.  Third party
audits are also external audits. However, they’re performed by independent
organizations such as registrars (certification bodies) or regulators.

ISO also distinguishes between combined audits and joint audits. When
two or more management systems of different disciplines are audited
together at the same time, it's called a combined audit; and when
two or more auditing organizations cooperate to audit a single
auditee organization it's called a joint audit.

Audit client

An audit client could be an auditee or any other person or organization who
has requested an audit and has the regulatory or contractual right to do so.

Audit conclusion

Audit conclusions are drawn by an audit team after an audit has
been completed and after it has considered its audit findings and
audit objectives. Audit findings result from a process that evaluates
audit evidence and compares it against audit criteria.

Audit criteria

Audit criteria are used as a reference point and include policies,
requirements, and other forms of information. They are compared
against audit evidence to determine how well they are being met.
Audit evidence is used to determine how well policies are being
followed and how well requirements are being met.

Auditee

An auditee is an organization that is being audited. Organizations include
companies, corporations, enterprises, firms, charities, associations, and
institutions (or some combination of these). Organizations can be either
incorporated or unincorporated and can be privately or publicly owned.

Audit evidence

Audit evidence includes records, factual statements, and other verifiable
information that is related to the audit criteria being used. Audit criteria
 include policies, procedures, and requirements.

Audit findings

Audit findings result from a process that evaluates audit evidence
and compares it against audit criteria. Audit findings can show that
audit criteria are being met (conformity) or that they are not being met
(nonconformity). They can also identify best practices or improvement
opportunities.

Audit evidence includes records, factual statements, and other verifiable
information that is related to the audit criteria being used. Audit criteria
include policies, procedures, and requirements.

Auditor

In the context of this quality management standard, an auditor is a person
who collects evidence in order to evaluate how well quality management
systems meet requirements.

Auditors are expected to determine whether quality management systems
comply with standards and other planned arrangements. They must also
be able to determine whether quality management systems are properly
implemented and maintained. And they must be able to do all of this
while being independent, objective, impartial, and competent.

Audit plan

An audit plan specifies how you intend to conduct a particular audit. It
describes the activities you intend to carry out and the arrangements you
intend to make. An audit is an evidence gathering process. Audit evidence
is used to evaluate how well audit criteria are being met.

Audit program

An audit program (or programme) refers to a set of one or more audits
that are planned and carried out within a specific time frame and are
intended to achieve a specified audit purpose.

Audit scope

The scope of an audit is a statement that specifies the focus, extent, and
boundary of a particular audit. The scope of an audit is generally defined
by specifying the physical location of the audit, the organizational units
that will be examined, the processes and activities that will be included,
and the time period that will be covered.

Audit team

An audit team is made up of one or more auditors, one of whom is
appointed to be the audit leader. When necessary, audit teams are
also supported by technical experts.

Baseline

A baseline is a specific version of a specification or product that has been
officially selected and formally approved at a particular point in its life cycle.
A baseline serves as the basis for future development work and can only be
changed by following change control procedures.

Characteristic

A characteristic is a distinctive feature or property of something.
Characteristics can be inherent or assigned. An inherent characteristic
 exists in something or is a permanent feature of something while an
assigned characteristic is a feature that is attributed or attached.

Competence

Competence means being able to apply knowledge and skill
to achieve intended results. Being competent means having the
knowledge and skill that you need and knowing how to apply it.
It means that you’re qualified to do the job.

Complaint

In the context of ISO IEC 90003, a complaint refers to an expression of
dissatisfaction with a product or service and is filed by a customer and
received by an organization. Whenever a customer lodges a complaint,
a response is either explicitly or implicitly required.

Concession

A concession is a special approval that is officially granted to release
a nonconforming product for use or delivery. Concessions are usually
limited by time and quantity and tend to specify that nonconforming characteristics may not violate specified limits.

Configuration control

The process of managing a configuration item that is being updated
is called configuration control. A configuration item is a component
or some combination of components that satisfies an end use.

Configuration identification

The process of selecting items, recording their identifying characteristics,
and assigning identifiers to them is called configuration identification.

Configuration item

A configuration item is a component or some combination of components
that satisfies an end use function and is treated as a single unique entity
for configuration management purposes.

Configuration management

Configuration management is a discipline whose purpose is to identify
the status of items and to control changes throughout their life cycle.

Configuration status accounting

The process of controlling a configuration item that is being
modified because of a change request or problem is called
configuration status accounting.

Conformity

Conformity is the "fulfillment of a requirement". To conform means
to meet or comply with requirements and a requirement is a need,
expectation, or obligation. There are many kinds of requirements
including customer requirements, quality requirements, quality
management requirements, management requirements, product
requirements, service requirements, contractual requirements,
statutory requirements, and regulatory requirements.

Continual improvement

Continual improvement is a set of recurring activities that organizations
carry out in order to enhance performance. Continual improvements can
be achieved by carrying out audits, self-assessments, and management
reviews. Continual improvements can also be realized by collecting data,
analyzing information, setting objectives, and implementing corrective
and preventive actions.

Contract review

Contract review is a set of activities that an organization carries out in
order to make sure that customer orders and contracts specify all the
requirements that must be met and in order to establish that it can
actually meet these requirements.

Correction

A correction is any action that is taken to eliminate a nonconformity
and does not address causes. When applied to products, corrections
can include reworking products, reprocessing them, regrading them,
assigning them to a different use, or simply destroying them.

Corrective action

Corrective actions are steps that are taken to remove the causes
of an existing nonconformity.  The corrective action process is
designed to prevent the recurrence of nonconformities. It tries
to make sure that they don’t happen again. It tries to prevent
recurrence by eliminating causes.

COTS

COTS is an acronym that stands for “commercial-off-the-shelf”.
COTS software products are mass produced and used “as-is”
by customers with little or no customization.

Customer

A customer is anyone who receives products or services from a
supplier organization. Customers can be people or organizations
and can be either external or internal to the supplier organization.
For example, a factory might supply products or services to
another factory (customer) within the same organization.

Customer satisfaction

Customer satisfaction is a perception. It's also a question of degree.
It can vary from high satisfaction to low satisfaction. If customers
believe that you have met their requirements, they experience high
satisfaction. If they believe that you've not met their requirements,
they experience low satisfaction.

Since satisfaction is a perception, customers may not be satisfied
even though you’ve met all contractual requirements. Just because
you haven’t received any complaints doesn’t mean that customers
are actually satisfied.

Defect

A defect is a type of nonconformity. It occurs when a product
or service fails to meet specified or intended use requirements.

Dependability

A product or service is dependable if it is available when needed and
performs as expected. Dependability is influenced by at least three
factors: reliability, maintainability, and supportability.

Design and development

Design and development is a process (or a set of processes).
This process uses resources to transform requirements (inputs)
into characteristics or specifications (outputs) for products,
processes, and systems.

You may treat design and development as different stages of a single
integrated design and development process or you may treat design
and development as two (or more) separate processes. You may
also use the terms design and development interchangeably
if they mean the same thing in your organization.

Design and development review

Design and development review is a set of activities whose purpose
is to evaluate the suitability, adequacy, effectiveness, and sometimes
the efficiency of a set of characteristics or specifications. Design and
development review can be used to evaluate product, process, and
system characteristics or specifications.

In this context, an effective set of characteristics or specifications
is one that has the potential to achieve planned results or realize
planned activities.

Design and development validation

Design and development validation is a process. This process uses
objective evidence to confirm that products meet the requirements
which define their intended use or application. Whenever specified
requirements have been met, a validated status is achieved. The
process of validation can be carried out under realistic use
conditions or within a simulated use environment.

Design and development verification

Design and development verification is a process. It uses objective
evidence to confirm that design and development outputs meet design
and development input requirements. Whenever specified input
requirements have been met, a verified status is achieved.

Design review

A design review is a set of activities whose purpose is to evaluate
how well a potential product (a design) meets requirements. During
the course of this review, problems are identified and solutions are
developed.

Design validation

Design validation is a process whose purpose is to examine
products and to use objective evidence to confirm that
these products meet user needs.

Design verification

Design verification is a process whose purpose is to examine
design outputs and to use objective evidence to confirm that
outputs meet input requirements.

Document

The term document refers to information and the medium that is
used to bring it into existence. Documents can be digital or physical.
A set of documents is referred to as documentation.

ISO 9000 identifies six types of documents: records, reports,
specifications, standards, drawings, and procedures. Each type
of document must meet a set of specific requirements. For example,
records must be retrievable and specification revisions must be
controlled. However, some requirements, such as readability,
apply to all types of documents.

Effectiveness

Effectiveness refers to the degree to which a planned effect is achieved.
Planned activities are effective if these activities are realized. Similarly,
planned results are effective if these results are actually achieved.

Efficiency

Efficiency is a relationship between results achieved (outputs) and
resources used (inputs). Efficiency can be enhanced by achieving more
with the same or fewer resources. The efficiency of a process or system
can be enhanced by achieving more or getting better results (outputs)
with the same or fewer resources (inputs).

Grade

A grade is a rank or category that is assigned to a product, process, or
system that has the same functional use but different quality requirements.
Grades are usually specified when quality requirements are defined.

Implementation

Implementation is a software life cycle process that is made up of the
following activities: requirements analysis, design, coding, integration,
testing, installation, and acceptance.

Infrastructure

The term infrastructure refers to the system of facilities, equipment,
and services that organizations need in order to function. According to
ISO 9001, section 6.3, infrastructure includes buildings and workspaces
(including the associated utilities), process equipment (both hardware
and software), support services (such as transportation and
communications), and information systems.

Inputs and outputs

Inputs and outputs are the same thing. This is because the output
of one process or system becomes the input of another process or
system. Inputs/outputs can be grouped into four general categories:
products, services, resources, and information.

While it is easy to see how products and services can be thought of
as inputs/outputs, the third and fourth categories need to be clarified. Resources can include people, money, energy, and supplies, while information can include both tangible and intangible items.

Specifically, information inputs/outputs include tangible items such as
documents, records, and reports, but also more intangible items such.
as decisions, instructions, authorizations, expectations, requirements, complaints, comments, feedback, measurements, plans, ideas,
solutions, and proposals.

Inspection

Inspections use observation, measurement, testing and judgment
to evaluate conformity. Inspection results are compared with specified
requirements in order to establish whether or not conformity has been
achieved. Product inspections compare product characteristics
with product requirements in order to evaluate conformity.

Integration tests

Integration tests examine aggregations of individual software
features and components in order to determine whether a new
feature or component works with (or integrates with) existing
features and components. Integration tests are used to prove
that all software features and components work together
like they're supposed to.

Interested party

An interested party is anyone who can affect, be affected
by, or believe that they are affected by a decision or activity.
An interested party is a person, group, or organization that
has an interest or a stake in a decision or activity.

Internal audit

Internal audits are referred to as first-party audits. Organizations use
internal audits to audit themselves for internal purposes. However, you
don’t have to do them yourself. You can ask an external organization to
carry out an internal audit on behalf of your organization. You can also
use first party audits to declare that your organization complies with the
ISO 9001 (or ISO IEC 90003) standard. This is called a self-declaration.

Life cycle model

A software life cycle model is a conceptual and methodological
framework used to organize and manage software product development,
operation, maintenance, and retirement activities. Life cycle models are
used to control the evolution of products from the beginning of their
life to their ultimate termination.

Management

The term management refers to all the activities that are used to
coordinate, direct, and control organizations. These activities include
developing policies, setting objectives, and establishing processes to
achieve these objectives. In this context, the term management does
not refer to people. It refers to what people do.

Management review

The purpose of a management review is to evaluate the suitability,
adequacy, and effectiveness of an organization's quality management
system, and to look for improvement opportunities. Management reviews
are also used to assess opportunities to change an organization’s quality
policy and quality objectives, to address resource needs, and to look for
opportunities to improve its products.

Management system

A management system is a set of interrelated or interacting elements
that are used to formulate policies and objectives and to establish the processes needed to ensure that policies are followed and objectives
are achieved. These elements include structures, programs, practices, procedures, plans, rules, roles, responsibilities, relationships, records, contracts, agreements, documents, methods, tools, tasks, techniques,
technologies, and resources.

There are many types of management systems. Some of these
include quality management systems, environmental management
systems, business continuity management systems, safety management systems, information security management systems, risk management systems, disaster management systems, emergency management
systems, and worker health and safety management systems.

Measure (noun)

A measure is a variable made up of values. When measurement
is carried out, a value (quantity) is assigned to a variable.

Measure (verb)

To measure means to make a measurement.

Measurement

Measurement is a set of operations that are carried out
in order to determine the value of a variable (measure).

Measurement equipment

Measuring equipment includes all the things that are needed to carry
out a measurement process. Accordingly, measuring equipment includes
measuring instruments and apparatuses as well as all the associated
software, standards, and reference materials.

Monitoring

To monitor means to determine the status of an activity, process, or
system at different stages or at different times. In order to determine
status, you may need to supervise and to continually check and
observe the activity, process, or system being monitored.

Nonconforming product

When one or more characteristics of a product fail to meet specified
requirements, it is referred to as a nonconforming product. When a
product deviates from specified product requirements, it fails to
conform. Nonconformity products must be identified and
controlled to prevent unintended use or delivery.

A product is the output of a process. Products can be tangible
or intangible. ISO 9000 lists four generic product categories:
services, software, hardware, and processed materials.

Nonconformity

Nonconformity is a nonfulfillment or failure to meet a requirement.
A requirement is a need, expectation, or obligation. It can be stated
or implied by an organization or by interested parties.

Objective

An objective is a result you intend to achieve. Objectives can be strategic,
tactical, or operational and can apply to an organization as a whole or to a
system, process, project, product, or service. Objectives may also be
referred to as targets, aims, goals, or intended outcomes.

Objective evidence

Objective evidence is data that shows or proves that something exists or
is true. Objective evidence can be collected by performing observations,
measurements, tests, or by using any other suitable method.y.

Organization

An organization can be a single person or a group that achieves
its objectives by using its own functions, responsibilities, authorities,
and relationships. It can be a company, corporation, enterprise, charity,
partnership, firm, association, or institution and can be either incorporated
or unincorporated and be either privately or publicly owned. It can also be
an operating unit that is part of a larger entity.

Organizational structure

The term organizational structure refers to the set of responsibilities
and authorities that regulate human interactions and relationships.
Formal organizational structures may be presented in quality
manuals and in quality plans (for projects).

Outsource

When an organization makes an arrangement with an outside
organization to perform part of a function or process, it is referred
to as outsourcing. To outsource means to ask an external organization
to perform part of a function or process normally done inhouse.

While the outsourced organization itself is beyond the scope of your QMS,
the outsourced process or function falls within your scope.  According to
ISO IEC 90003, you must identify and control your outsourced processes,
and you must ensure that each outsourced process is effective. You also
need to figure out how to control the interaction between internal and
outsourced processes.

Preventive action

Preventive actions are steps that are taken to remove the causes of
potential nonconformities or potential situations that are undesirable.

The preventive action process is designed to prevent the occurrence
of nonconformities or situations that do not yet exist. Preventive actions
address potential problems, ones that haven't yet occurred. Preventive
actions try to prevent occurrence by eliminating causes.

While corrective actions prevent recurrence, preventive actions prevent
occurrence. Both types of action are intended to prevent nonconformities.

Procedure

A procedure is a way of carrying out a process or activity. According
to ISO 9000 2005, procedures may or may not be documented. However,
in most cases, ISO IEC 90003 expects you to document your procedures.

Documented procedures can be very general or very detailed, or anywhere
in between. While a general procedure could take the form of a simple flow
diagram, a detailed procedure could be a one page form or it could be
several pages of text.

A detailed procedure defines and controls the work that should be done,
and explains how it should be done, who should do it, and under what circumstances. In addition, it explains what authority and what
responsibility has been allocated, which inputs should be
used, and what outputs should be generated.

Process

A process is a set of activities that are interrelated or that interact with
one another. Processes use resources to transform inputs into outputs.

Processes are interconnected because the output from one process
often becomes the input for another process. While processes usually
transform inputs into outputs, this is not always the case. Sometimes
inputs become outputs without transformation.

Process approach

The process approach is a methodology or strategy. When managers use
a process approach, it means that they manage the processes that make
up their organization, the interaction between these processes, and the
inputs and outputs that tie these processes together.

Product

A product is the output of a process. Products can be tangible or
intangible. ISO 9000 lists four generic product categories: services,
software, hardware, and processed materials. Many products combine
several of these categories. For example, an automobile (a product)
combines hardware (e.g. tires), software (e.g. engine control
algorithms), and processed materials (e.g. lubricants).

Service is always the result of an interaction between a service
supplier and a customer and can take many forms. Service can be
provided to support an organization’s products (e.g. warranty service
or the serving of meals). Conversely, service could be provided for a
product supplied by a customer (e.g. a repair service or a delivery
service). Service can also involve the provision of an intangible
thing (e.g. entertainment, transportation, or advice).

While software is intangible, and includes things like approaches
and procedures, hardware and processed materials are tangible
and are often referred to as goods.

Product inspection

Product inspection is an activity that compares product characteristics
with product requirements in order to evaluate conformity. More precisely,
a product inspection compares one or more characteristics of a product
with specified requirements in order to determine if the product meets
these requirements. Inspections use observation, measurement,
testing, and judgment to evaluate conformity.

Product nonconformity

When one or more characteristics of a product fail to meet specified
requirements, they are referred to as product nonconformities.

Product realization

A product starts out as an idea. The idea is realized or actualized by
following a set of product realization processes. Product realization
refers to all the processes that are used to bring products into being.

Project

A project is a set of coordinated and controlled activities (i.e., a process)
with start and finish dates. Projects are established in order to achieve
an objective while staying within time, cost, and resource limits.

Qualification process

A qualification process is a set of activities. Its purpose is to demonstrate
that people, products, processes, or systems meet specified requirements.
When specified requirements have been met, a qualified status is achieved.

Qualification tests

Qualification tests evaluate the complete software
product prior to its delivery to the customer.

Quality

A quality is a characteristic that a product or service must have.
For example, products must be reliable and useable. These are the characteristics that some products must have. Similarly, service must
be courteous, efficient, and effective. These are the characteristics that
some services must have. In short, a quality is a desirable characteristic.

The quality of something can be determined by comparing a set of inherent characteristics with a set of requirements. When those characteristics meet all requirements, high or excellent quality is achieved. When they do not
meet all requirements, a low or poor level of quality is achieved.

Quality is, therefore, a question of degree. As a result, the central quality
question is: How well does this set of inherent characteristics comply with
this set of requirements? The quality of something depends on a set of
inherent characteristics and a set of requirements and how well the
former complies with the latter.

Quality assurance

Quality assurance (QA) is a set of activities intended to establish
confidence that quality requirements will be met. QA is one part
of quality management.

Quality characteristic

A quality characteristic is tied to a requirement and is an inherent
feature or property of a product, process, or system. An inherent characteristic exists in something or is a permanent feature of it.

Quality control

Quality control is a set of activities intended to ensure that quality
requirements are actually being met. Quality control is one part
of quality management.

Quality improvement

Quality improvement refers to anything that enhances an organization's
ability to meet quality requirements. Quality improvement is one part of
quality management.

Quality-in-use metrics

Quality-in-use metrics are used to monitor and measure how
effectively and safely software products satisfy user needs.

Quality management

Quality management includes all the activities that organizations use to direct, control, and coordinate quality. These activities include developing
a quality policy and setting quality objectives. They also include quality planning, quality control, quality assurance, and quality improvement.

Quality management system

A quality management system (QMS) is a set of interrelated or
interacting elements that organizations use to formulate quality
policies and quality objectives and to establish the processes that
are needed to ensure that policies are followed and objectives are
achieved. These elements include structures, programs, procedures,
practices, plans, rules, roles, responsibilities, relationships, contracts,
agreements, documents, records, methods, tools, tasks, techniques,
technologies, and resources.

Quality manual

A quality manual documents an organization's quality management
system (QMS). It can be a paper manual or an electronic manual.
According to section 4.2.2 of ISO 9001, your manual should:

  • Define the scope of your QMS.
    • Explain reductions in scope of your QMS.
    • Justify all exclusions (reductions in scope).
  • Describe how your QMS processes interact.
  • Document quality procedures or refer to them.

Quality objective

A quality objective is a quality result that you intend to achieve.
Quality objectives should be based on or derived from a quality policy
and must be consistent with it. They are usually formulated at all relevant
levels within the organization and for all relevant functions.

Quality plan

A quality plan is a document that is used to specify the procedures
and resources that will be needed to carry out a project, perform a
process, realize a product, or manage a contract. Quality plans
also specify who will do what and when.

Quality planning

Quality planning involves setting quality objectives and then specifying
the operational processes and resources that will be needed to achieve
those objectives. Quality planning is one part of quality management.

Quality policy

An organization’s quality policy formally defines top management’s
commitment to quality. Quality policies should be used to prepare quality
objectives and should serve as a general framework for action. Quality
policies can be based on the ISO 9000 quality management principles
and should be consistent with the organization’s other policies.

Quality surveillance

Quality surveillance is a set of activities whose purpose is to
monitor an entity and review its records to prove that quality
requirements are being met.

Record

A record is a type of document. Records provide evidence that
activities have been performed or results have been achieved.
They always document the past. Records can, for example, be
used to show that traceability requirements are being met,
that verification is being performed, and that preventive
and corrective actions are being carried out.

Regrade

Nonconforming products can be regraded. This is done by first
selecting different requirements and then by assigning a grade that
ensures that the nonconforming product now conforms to the new requirements. A grade is a rank or category that is assigned to a
product, process, or system that has the same functional use
but different quality requirements.

Regression testing

Regression testing is carried out in order to figure out whether or
not a software change is a step backwards or a step forwards. It is
used to determine whether or not a change did more harm than good:
whether or not it is regressive or progressiveRegression testing is
carried out in order to see if changes to a software component have
created new defects or reduced the reliability, performance, or
functionality of the software product.

Release

To release a product means to give formal permission to proceed
to the next step of a process. A process is a set of activities that
are interrelated or that interact with one another.

Repair

In the context of this standard, the concept of repair is restricted to
nonconforming products. When nonconforming products are repaired,
they become conforming products and are once again suitable for their
original intended use.

Replication

Replication refers to the process or act of copying
a software product from one medium to another.

Requirement

A requirement is a need, expectation, or obligation. It can be stated
or implied by an organization, its customers, or other interested parties.
A specified requirement is one that has been stated (in a document for example), whereas an implied requirement is a need, expectation, or obligation that is common practice or customary.

There are many types of requirements. Some of these include quality
requirements, customer requirements, management requirements,
product requirements, and legal requirements.

Resources

Resources include people, money, information, knowledge, skill, energy,
facilities, machines, tools, equipment, technologies, and techniques.

Review

A review is an activity. Its purpose is to figure out how well the thing
being reviewed is capable of achieving established objectives. Reviews
ask the following question: is the subject of the review a suitable, adequate,
effective, and efficient way of achieving your organization’s objectives?

There are many kinds of reviews. Some of these include management
reviews, design and development reviews, customer requirement reviews,
and nonconformity reviews. Relative to the previous types of reviews, the
focus of each review is as follows: quality management systems, design
characteristics and specifications, customer requirements, and
nonconformities, respectively.

Rework

Rework applies to nonconforming products. To rework a nonconforming
product means to make it conform to requirements. However, rework
does not mean changing parts of the nonconforming product.

When applied to nonconforming products, corrections can include
reworking products, reprocessing them, regrading them, assigning
them to a different use, or simply destroying them.

Scrap

To scrap a nonconforming product means to prevent or preclude
its original intended use. Nonconforming products can be scrapped
by recycling or destroying them.

Service

According to ISO 9000, a service is a type of product. Service is
always the result of an activity or interaction between a service
supplier and a customer and can take many forms.

Service can be provided to support an organization’s own products
(e.g. warranty service or the serving of meals) or it can be provided for a
product supplied by a customer (e.g. a repair service or a delivery service).
Service can also involve the provision of an intangible thing to a customer
(e.g. entertainment, transportation, or advice).

Service delivery

Service delivery is a customer-oriented activity. Service delivery
activities are carried out by organizations and are oriented towards
meeting customer needs and expectations.

Software

The terms software and software product mean the same thing (see below).

Software item

A software item is any identifiable part of a software product.

Software product

A software product is made up of a set of computer programs. In addition
to programs, the term software product may also include the associated
procedures, documentation, or data. A software product may be part of
another software product, may be used to develop other software
products, or may be a product that has been designated for
delivery to customers.

Special process

A special process is any production or service delivery process that
generates outputs that cannot be measured, monitored, or verified until
it's too late. It's often too late because deficiencies may not be obvious
until after the product has been used or the service has been delivered.
In order to prevent output deficiencies, these types of processes must
be validated in order to prove that they can generate planned results.

Specification

A specification is a document that states either product or activity
requirements. Examples include product, process, performance,
and test specifications.

Standard

A standard is a document. It is a set of rules that control how people
develop and manage materials, products, services, technologies,
processes, and systems.

ISO's standards are agreements. ISO refers to them as agreements
because its members must agree on content and give formal approval
before they are published. ISO standards are developed by committees. Members of these committees come from many countries. Therefore,
ISO standards tend to have international support.

Supplier

A supplier is a person or an organization that provides products.
Suppliers can be either internal or external to the organization. Internal
suppliers provide products to people within their own organization while
external suppliers provide products to other organizations. Examples of
suppliers include organizations and people who produce, distribute,
or sell products, provide services, or publish information.

System

A system can be defined as a set of elements that
are interrelated or that interact with one another.

System tests

System tests examine the complete software system.

Test

To test means to use a procedure to determine or identify the
characteristics of something. A characteristic is a distinctive
feature or property.

Top management

When ISO 9001 uses the term top management it is referring to a person
or a group of people at the highest level within an organization. It refers
to the people who coordinate, direct, and control organizations.

Traceability

Traceability is the ability to identify and track the history, distribution,
location, and application of products, parts, and materials. A traceability
system records and follows the trail as products, parts, and materials come
from suppliers and are processed and ultimately distributed as end products.

Unit tests

Unit tests are stand alone tests of individual software components.

Validation

Validation is a process. It uses objective evidence to confirm that the
requirements which define an intended use or application have been met.
Whenever all requirements have been met, a validated status is achieved.
The process of validation can be carried out under realistic use
conditions or within a simulated use environment.

In the context of this standard, the term validation is used in at least
two different situations: design and development and production and
service provision. Design and development validations confirm that
products meet the requirements which define their intended use or application while production and service provision validations
confirm that processes meet the requirements which define
their intended use or application.

Verification

Verification is a process. It uses objective evidence to confirm
that specified requirements have been met. Whenever specified
requirements have been met, a verified status is achieved.

In the context of this standard, the term verification is used in at
least two different situations: design and development and purchasing.
Design and development verifications use objective evidence to confirm
that design and development outputs meet specified input requirements.
Similarly, objective evidence must be used to verify or confirm that
purchased products meet specified purchasing requirements.

There are many ways to verify that requirements have been met.
For example, you could do tests, perform demonstrations, carry out
alternative calculations, compare a new design specification with a
proven design specification, or you could inspect documents
before you issue them.

Work breakdown structure

The work breakdown structure (WBS) is the foundation of project
planning. WBS is used to break complex projects into detailed phases
and tasks and often defines specific outcomes and deliverables.

Work environment

The term work environment refers to working conditions. It refers
to all of the conditions and factors that influence work. In general,
these include physical, social, psychological, and environmental
conditions and factors.

Work environment includes lighting, temperature, and noise factors,
as well as the whole range of ergonomic influences. It also includes
things like supervisory practices as well as reward and recognition
programs. All of these things influence work.

MORE ISO IEC 90003 2014 PAGES

Introduction to ISO IEC 90003 2014 Standard

ISO IEC 90003 2014 versus ISO IEC 90003 2004

Outline of ISO IEC 90003 2014 Software Standard

Overview of ISO IEC 90003 2014 Software Standard

ISO IEC 90003 2014 Translated into Plain English

ISO IEC 90003 2014 Software Quality Management Checklist

ISO IEC 90003 2014 Software Quality Management Audit Tool

How to Perform a Software Quality Management Gap Analysis

RELATED RESOURCES

ISO 19011 2011 Internal Auditing Library

ISO 31000 2009 Risk Management Library

ISO 9001 2015 Quality Management Library

ISO 22301 2012 Business Continuity Library

ISO IEC 20000 IT Service Management Library

ISO IEC 27001 2014 Information Security Library

ISO IEC 27002 2014 Information Security Library

AS9100D Aerospace Quality Management Library

Home Page

Our Libraries

A to Z Index

Our Customers

How to Order

Our Products

Our Prices

Our Guarantee

Praxiom Research Group Limited       help@praxiom.com       780-461-4514

 Updated on August 28, 2017. First published on December 15, 2016.

Legal Restrictions on the Use of this Page
Thank you for visiting this webpage. You are welcome to view our material as often as
you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright © 2016 - 2017 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited