Software Assurance Plan Outline (from NASA-STD-8739.8)3

This template is for use in the development of an Acquirer Software Assurance Plan. The purpose of this plan is to document the software assurance activities to be performed by the acquirer as outlined in the NASA Software Assurance Standard.


1) Introduction

     1.1) Purpose

     Describe the purpose and objectives for this plan.

     1.2) Scope

     Describe the scope for this plan. Include the contract name (if contract exists), project name, and list of software items.

     1.3) Document Organization

     Briefly describe the contents of each major section within this document and the contents of each appendix.


2) Reference Documents

Provide a complete list of documents referenced elsewhere in the text of this document. Include policies, standards, and similar documents used in the development of this plan. Include dates and version numbers for each document.


3) Abbreviations and Acronyms

Provide an alphabetized list of the definitions for abbreviations and acronyms used in this document.


4) Organization and Management

Provide a description of the software assurance organizational structure, including the relationship to project management and the provider(s). Identify delegated organizations performing software assurance activities.


5) Software Assurance Program

     5.1) Contract Award Activities

     Provide a description of the software assurance planning activities leading up to contract award (if a contract exists).

          5.1.1) Initialization, Pre-Award

          5.1.2) Post RFP (Request for Proposal), Pre-Award

          5.1.3) Post-Award, Pre-Development

     5.2) Implementation Activities by Discipline

     Provide a description of the software assurance activities for each of the software assurance disciplines throughout the life cycle.

          5.2.1) Software Quality

      Product Assurance

      Process Assurance

          5.2.2) Software Safety

          5.2.3) Software Reliability

          5.2.4) Software Verification and Validation

          5.2.5) Independent Verification and Validation


6) Documentation

Identify the documentation governing the development, acceptance, operation, maintenance, and retirement of the software.


7) Problem Reporting and Corrective Action

Provide a description of the practices and procedures for reporting, tracking, and resolving problems or issues.


8) Risk Management

Provide a description of the methods and procedures employed to identify, assess, monitor, and control areas of risk arising during the software assurance activities.


9) Software Assurance Program Metrics

Provide a description of the software assurance program metrics to be developed and maintained.


10) Software Assurance Records

Provide a description of the software assurance documentation to be retained and the methods and facilities to assemble, file, safeguard, and maintain this documentation, including the retention period.


11) Training

Provide a description of the training activities necessary to meet the needs for implementing this plan.


12) Glossary

This section contains the glossary of terms that are unique to this plan.


13) Document change procedure and history

Provide a description of the procedures for modifying this plan and maintaining a history of the changes, including a history of all modifications.