A Checklist for Assessing Software Supplier Compliance with ISO/IEC 90003:2014

Abstract: Available
Author: Andy Coster, CCP
Cover: Available
Customer Set for this product: A checklist to use with software suppliers to determine if they meet the requirements of Standard “ISO/IEC 90003
Format: Word® (To save money, click here for our PDF version)
ISBN Numbers: 978-0-9859732-3-0
Language: English
Page count of document: 35
Provider: SEPT
Sample Pages: Available
Shipping: Available for download - Link will be provided in My ComplianceOnline section

Price: $330.00
Product Details

The purpose of this document (Checklist) is to assist a company to determine if their “software” supplier(s) meet the requirements of Standard ISO/IEC 90003:2014 Software engineering: Guidelines for the application of ISO 9001:2008 to computer software. This document is designed to be used to:

  • Determine if a potential supplier has in place the key software process (artifacts),
  • Qualify a supplier as approved for use,
  • Provide a checklist for audit or review of a supplier.

The steps we used to develop this document are very similar to the ones used to produce the base line evidence product document.

The process of defining what is necessary for compliance with a quality management process standard such as “ISO/IEC 90003:2014” is often confusing and laborious because the directions contained in the standards are unclear or ambiguous. To aid in determining what is actually “required” by the document in the way of physical evidence of compliance, the experts at SEPT have produced this checklist. All our checklists are constructed around a classification scheme of physical evidence comprised of policies, procedures, plans, records, documents, audits, and reviews. There must be an accompanying record of some type when an audit or review has been accomplished. This record would define the findings of the review or audit and any corrective action to be taken. For the sake of brevity this checklist does not call out a separate record for each review or audit. In these checklists, “manuals, reports, scripts and specifications” are included in the document category. When the subject standard references another standard for physical evidence, the checklist does not call out the full requirements of the referenced standard, only the expected physical evidence that should be available.

The author has carefully reviewed the document “ISO/IEC 90003:2014 Software Engineering: Guidelines for the application of ISO 9001:2008 to computer software " and defined the physical evidence required based upon this classification scheme. If a document is called out more than one time, only the first reference is stipulated. Additionally, there are many references to ISO/IEC 12207 in ISO/IEC 90003:2014 so ISO/IEC 12207 required items have been included and are denoted by a (#).

There are occasional situations in which a procedure or document is not necessarily separate and could be contained within another document. For example, the "Design and Development Verification Procedure" could be a part of the "Design and Development Procedure". The author has called out these individual items separately to ensure that the organization does not overlook any facet of physical evidence. If the organization does not require a separate document, and an item can be a subset of another document or record, then this fact should be denoted in the detail section of the checklist for that item. This should be done in the form of a statement reflecting that the information for this document may be found in section XX of Document XYZ. If the vendor organizational requirements do not call for this physical evidence for a particular item, this should also be denoted with a statement reflecting that this physical evidence is not required and why. The reasons for the evidence not being required should be clearly presented in this statement.

General principles of this requirements Checklist.

This checklist was prepared by analyzing each clause of this document for the key words that signify a policy, procedure, plan, record, document, audit, or review.

Artifact Number required by 90003 Number required by 12207
Policy 1 0
Procedure 8 36
Plan 2 40
Record 24 60
Document ( Including Manuals, Reports, Scripts and Specifications) 15 31
Audit 1 8
Review 21 38

The checklist is available in PDF or Word format. The latter format allows you to more easily tailor it to your specific organization or project. It also facilitates migration to other formats, such as a spreadsheet.

For 60 days after purchase of this product, SEPT experts provide up to 4 hours of free consultation to answer your questions about the checklist and the standards it addresses.

This product supports these Software Engineering processes

  • Configuration Management
  • Documentation
  • Life Cycle
  • Quality
  • Verification And Validation

Customers of this product:

  • Baxter Healthcare
  • BICG, Cambodia
  • Foster & Associates Inc
  • Kubotek USA
  • LogicaCMG
  • Lumina Engineering
  • M&M Precision Systems
  • Network Resources, Inc.
  • Novartis
  • NP Associates Ltd
  • Reline, Germany
  • Sensytech, Inc.
  • Smsocs
  • Sonicleads
  • Tyonek Fabrication Corp
  • Verizon
  • Willamette Consulting, Inc

Note: “International Standards (ISO) define the best of practices for Medical Device and Software firms in producing a quality product. This checklist that SEPT produces will ensure that all of the best of practices are adhered to.”

Best Sellers
You Recently Viewed