scope:

This International Standard is applicable to COTS software products.

In this International Standard, the term "COTS" is used as an adjective and stands for "Commercial Off-The- Shelf".

EXAMPLE Examples of COTS software products include but are not limited to text processors, spreadsheets, data base control software, graphics packages, software for technical, scientific or real-time embedded functions, such as real-time operating systems or local area networks for aviation/communication, automated teller machines, money conversion, human resources management software, sales management, and web software such as generators of web sites/pages.

This International Standard establishes:

a) Quality requirements for COTS software products;

b) Requirements for test documentation for the testing of COTS software products, including test requirements, test cases, and test reporting;

c) Instructions for conformity evaluation of COTS software products.

NOTE The collection of documents for test is called "test documentation".

It includes also recommendations for safety or business critical COTS software products.

This International Standard deals only with providing the user confidence that the COTS software product will perform as offered and delivered. It does not deal with the production process (including activities and intermediate products, e.g. specifications). The quality system of a supplier is outside the scope of this International Standard.

The intended users of this International Standard include:

a) suppliers when:

1) specifying requirements for a COTS software product;

2) advertising performance claims for their product (ISO 9127);

3) assessing their own software products against the claimed performance;

4) issuing declarations of conformity (ISO/IEC 17050);

5) applying for certificates or marks of conformity (ISO/IEC Guide 23);

b) certification bodies that may wish to establish a third-party certification scheme (international, regional or national) (ISO/IEC Guide 28);

c) testing laboratories which will have to follow the instructions for testing when testing for a certificate or a mark of conformity (ISO/IEC 17025);

d) accreditation bodies for accrediting registration or certification bodies and testing laboratories;

e) potential acquirers who may:

1) compare the requirements for the intended work task with the information in product descriptions of existing software products;

2) look for certified COTS software product;

3) check if the requirements are otherwise met;

f) end users who may profit from better software products;

g) organizations:

1) establishing management and engineering environments based on the quality requirements and methods of this international standard; and

2) managing and improving their quality processes and personnel;

h) regulatory authorities who may require or recommend the requirements of this International Standard for COTS software products used in safety or business-critical applications.

Annex C provides guidance on the use of this International Standard.