A set of useful quality considerations that can be selected and applied during one or more steps in a software acquisition process is described in this recommended practice. The recommended practices can be applied to software that runs on any computer system regardless of the size, complexity, or criticality of the software. The software supply chain may include integration of off-the-shelf (OTS), custom, or free and open source software (FOSS). Each organization or individual using this recommended practice will need to identify the specific quality and activities that need to be included within its acquisition process.

This recommended practice describes a set of useful quality considerations that can be selected and applied during one or more steps in a software acquisition process. The recommended practices can be applied to software that runs on any computer system regardless of the size, complexity, or criticality of the software. The software supply chain may include integration of commercial-off-the-shelf (COTS), custom, or free and open source software (FOSS). Each organization or individual using this recommended practice will need to identify the specific quality and activities that need to be included within the organization's acquisition process. Security will b...

This recommended practice is designed to help organizations and individuals incorporate quality, including security considerations during the definition, evaluation, selection, and acceptance of supplier software for operational use. It will also help determine how supplier software should be evaluated, tested, and accepted for delivery to end users. This recommended practice is intended to satisfy the following objectives: - Promote consistency within organizations in acquiring software from software suppliers. - Provide useful practices on including quality, security, safety and data rights considerations during acquisition planning. - Provide useful pract...