What is ISO 5055?
Much of that cost and the associated business risk is caused by poorly constructed software. With the damage from some outages and breaches exceeding $100 million, industry and government must address the risks to which their systems expose the enterprise.
ISO 5055, created by CISQ and OMG, is the first international standard to measure the risks inherent in the internal construction of a software system. It contains measures for the Reliability, Security, Performance Efficiency, and Maintainability of software.
ISO 5055's measures are computed by detecting and counting occurrences of 138 severe structural weaknesses in the software that can affect each of these four areas. Only severe weaknesses are included when calculating the measures; these are the weaknesses that need to be prioritized for elimination from the software.
Instead of reactive approaches, ISO 5055 enables proactive elimination of problems before they have a chance to affect operations.
Reliability
Reliability represents the extent to which a software system performs specified functions under specified conditions for a given period.
ISO 5055's reliability measure evaluates the extent to which a software system is free of structural weaknesses that can cause downtime, outages, data corruption, excessive recovery time, and similar operational problems.
Security
Security is the extent to which an application can protect valuable information and data from outside attacks and unauthorized penetrations. It ensures that verified end users and systems are granted the access appropriate to their type and level of authorization.
Performance Efficiency
Performance efficiency represents an application's responsiveness and efficient use of resources.
Poor performance efficiency shows up as response-time degradation and inefficient use of processing or storage resources, which in turn affect customer satisfaction and workforce productivity.
Maintainability
Maintainability focuses on how well a system or product can be modified. It involves concepts such as changeability, modularity, understandability, testability, scalability, complexity, and reusability.
Maintainable software enables rapid response to market conditions while keeping IT costs under control. In 2020, the cost of poor software quality in the United States was $2.08 trillion, according to the CISQ webinar "Poor Software Quality Costs the United States How Much?"
The more maintainable a software system, the easier it is to modernize.
How Does This Affect Your Supply Chain?
Start adopting ISO 5055 within your organization's supply chain processes to reduce the level of risk, failures, and flaws. It should be included in your statements of work, acquisition contracts, and acceptance criteria and processes.
The ability to readily detect and fix weaknesses in software before they are delivered for your deployment will improve the trustworthiness and dependability of your products and systems.
Start using ISO 5055 now with the free downloadable version: https://www.iso.org/standard/80623.html
CISQ Webinar: Managing Trustworthiness & Dependability of Systems Acquired Via Supply Chain
Written by:
Ethan Oilar, Marketing Coordinator, CISQ
Dr. Bill Curtis, Executive Director, CISQ