Software Assurance Plan Outline (from NASA-STD-8739.8)3
This template is for use in the development of an Acquirer Software Assurance Plan. The purpose of this plan is to document the software assurance activities to be performed by the acquirer as outlined in the NASA Software Assurance Standard.
Describe the purpose and objectives for this plan.
Describe the scope for this plan. Include the contract name (if contract exists), project name, and list of software items.
1.3) Document Organization
Briefly describe the contents of each major section within this document and the contents of each appendix.
2) Reference Documents
Provide a complete list of documents referenced elsewhere in the text of this document. Include policies, standards, and similar documents used in the development of this plan. Include dates and version numbers for each document.
3) Abbreviations and Acronyms
Provide an alphabetized list of the definitions for abbreviations and acronyms used in this document.
4) Organization and Management
Provide a description of the software assurance organizational structure, including the relationship to project management and the provider(s). Identify delegated organizations performing software assurance activities.
5) Software Assurance Program
5.1) Contract Award Activities
Provide a description of the software assurance planning activities leading up to contract award (if a contract exists).
5.1.1) Initialization, Pre-Award
5.1.2) Post RFP (Request for Proposal), Pre-Award
5.1.3) Post-Award, Pre-Development
5.2) Implementation Activities by Discipline
Provide a description of the software assurance activities for each of the software assurance disciplines throughout the life cycle.
5.2.1) Software Quality
126.96.36.199) Product Assurance
188.8.131.52) Process Assurance
5.2.2) Software Safety
5.2.3) Software Reliability
5.2.4) Software Verification and Validation
5.2.5) Independent Verification and Validation
Identify the documentation governing the development, acceptance, operation, maintenance, and retirement of the software.
7) Problem Reporting and Corrective Action
Provide a description of the practices and procedures for reporting, tracking, and resolving problems or issues.
8) Risk Management
Provide a description of the methods and procedures employed to identify, assess, monitor, and control areas of risk arising during the software assurance activities.
9) Software Assurance Program Metrics
Provide a description of the software assurance program metrics to be developed and maintained.
10) Software Assurance Records
Provide a description of the software assurance documentation to be retained and the methods and facilities to assemble, file, safeguard, and maintain this documentation, including the retention period.
Provide a description of the training activities necessary to meet the needs for implementing this plan.
This section contains the glossary of terms that are unique to this plan.
13) Document change procedure and history
Provide a description of the procedures for modifying this plan and maintaining a history of the changes, including a history of all modifications.