ISO/IEC 24773-4:2023
(Main)Software and systems engineering — Certification of software and systems engineering professionals — Part 4: Software engineering
Software and systems engineering — Certification of software and systems engineering professionals — Part 4: Software engineering
This document elaborates requirements and recommendations for certifications schemes based on ISO/IEC 24773-1, which are specific to the domain of software engineering.
Ingénierie du logiciel et des systèmes — Certification des professionnels de l'ingénierie du logiciel et des systèmes — Partie 4: Ingénierie du logiciel
General Information
Buy Standard
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 24773-4
First edition
2023-07
Software and systems engineering —
Certification of software and systems
engineering professionals —
Part 4:
Software engineering
Ingénierie du logiciel et des systèmes — Certification des
professionnels de l'ingénierie du logiciel et des systèmes —
Partie 4: Ingénierie du logiciel
Reference number
ISO/IEC 24773-4:2023(E)
© ISO/IEC 2023
---------------------- Page: 1 ----------------------
ISO/IEC 24773-4:2023(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 24773-4:2023(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Conformity . . 2
5 Requirements for certification of software engineering professionals .2
5.1 General . 2
5.2 Fundamental components of a conformant scheme . 2
5.3 Knowledge . 3
5.4 Skill . 4
5.5 Competence . 4
Annex A (Informative) Elaboration of software engineering knowledge areas .5
Annex B (Informative) Examples of software engineering skills . 7
Annex C (Informative) Examples of software engineering competencies .9
Annex D (Informative) Exemplar mapping of competencies to related skills and knowledge .12
Bibliography .14
iii
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 3 ----------------------
ISO/IEC 24773-4:2023(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work.
The procedures used to develop this document and those intended for its further maintenance
are described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria
needed for the different types of document should be noted. This document was drafted in
accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives or
www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of
any claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC
had not received notice of (a) patent(s) which may be required to implement this document. However,
implementers are cautioned that this may not represent the latest information, which may be obtained
from the patent database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall
not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see
www.iso.org/iso/foreword.html. In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information Technology,
Subcommittee SC 7, Software and systems engineering.
A list of all parts in the ISO/IEC 24773 series can be found on the ISO and IEC websites.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.
iv
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 24773-4:2023(E)
Introduction
The ISO/IEC 24773 series addresses the certification of professionals in software and systems
engineering. ISO/IEC 24773-1 contains general requirements for such certification schemes.
This document contains requirements specific to certification schemes for software engineering
professionals.
The concepts, and requirements for certification schemes contained in ISO/IEC 24773-1 and
ISO/IEC 17024 apply to this document.
v
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 24773-4:2023(E)
Software and systems engineering — Certification of
software and systems engineering professionals —
Part 4:
Software engineering
1 Scope
This document elaborates requirements and recommendations for certifications schemes based on
ISO/IEC 24773-1, which are specific to the domain of software engineering.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC/IEEE 12207, Systems and software engineering — Software life cycle processes
ISO/IEC 17024, Conformity assessment — General requirements for bodies operating certification of
persons
ISO/IEC TS 17027, Conformity assessment — Vocabulary related to competence of persons used for
certification of persons
ISO/IEC/TR 19759, Software Engineering — Guide to the software engineering body of knowledge
(SWEBOK)
ISO/IEC 24773-1:2019, Software and systems engineering — Certification of software and systems
engineering professionals — Part 1: General requirements
Software Engineering Competency Model, version 1.0, IEEE Computer Society 2014
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 17024, ISO/IEC TS 17027,
ISO/IEC 24773-1 and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
knowledge area
KA
identified group of knowledge
1
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC 24773-4:2023(E)
3.2
software engineering
systematic application of scientific and technological knowledge, methods, and experience to the
design, implementation, testing, and documentation of software
[SOURCE: ISO/IEC/IEEE 24765:2017, 3.3810, definition 1, modified — The abbreviated terms "SE" and
"SWE" have been removed.]
4 Conformity
This document contains requirements for conformity certification schemes which are specific to
software engineering. General requirements for conformant schemes defined in ISO/IEC 24773-1 also
apply.
A certification scheme (the Scheme) for professionals in software engineering may claim conformance
to this document if it satisfies all the requirements contained in this document, ISO/IEC 24773-1 and
ISO/IEC 17024.
5 Requirements for certification of software engineering professionals
5.1 General
This clause contains requirements and recommendations specific to the certification of software
engineering professionals. The following requirements, recommendations and associated criteria may
also be used to compare certification and qualification schemes of software engineering professionals.
5.2 Fundamental components of a conformant scheme
5.2.1 This clause contains additional requirements for fundamental components defined in
ISO/IEC 24773-1:2019, 6.3.
5.2.2 The Scheme shall contain a description of software engineering professionals to be certified or
targeted by that scheme.
5.2.3 A list of skills that the professional to be certified in software engineering is expected to exhibit
shall be mapped by the Scheme to the knowledge areas of the reference body of knowledge (BOK), and
to the defined competencies.
NOTE Examples of skills and competencies are shown in Annex B and C respectively. An exemplar mapping
is shown in Annex D.
5.2.4 Each task or activity associated with the Scheme shall be “mapped” to at least one of the
following:
— KA of the Guide to the SWEBOK, ISO/IEC TR 19759;
— Process, activity or task of ISO/IEC/IEEE 12207;
— Technical skill area of IEEE Software Engineering Competency Model (SWECOM) V1.
The Scheme may define tasks at a different abstraction level of the tasks defined in ISO/IEC/IEEE 12207.
Tasks and their descriptions are associated with any certification scheme. ISO/IEC 17024 contains the
requirements that the scheme declares a scope and describe the targeted individuals who would be
certified. Part of the required scope and target description includes a list of tasks which represent the
activities performed by certificants within the professional scope of that certification. These tasks are
2
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC 24773-4:2023(E)
high-level activity descriptions and not a comprehensive set of details of technical tasks which may be
included within structure of the knowledge, skills or competencies of the scope.
5.2.5 The Scheme should require a minimum level of formal engineering education, where “formal
engineering education” is defined as an engineering or computing degree from an accredited program,
and where “computing degree” is one of the following: computer science (CS), computer engineering
(CE), software engineering (SE), information systems (IS) and information technology (IT).
NOTE ISO/IEC 24773-1 contains a requirement that all conformant schemes define and document a minimum
level of education, but this additional requirement is more specific regarding that minimum.
While minimum formal education requirements allow for various computing degrees, the requirements
related to knowledge and coverage of KAs by the BOK (5.3.3) used by the Scheme still apply.
5.2.6 If formal engineering education is required as part of the certification scheme, the requirements
shall be clearly stated.
The engineering degree does not have to be in software engineering, but shall be followed by software
engineering work/experience.
5.2.7 If on-the-job experience in software engineering is to be acceptable as part or total replacement
for formal engineering education, the experience defined by the Scheme shall be objectively described
and the verifiable criteria shall be made explicit. The verifiable on-the-job experience in software
engineering should be at least as long in years as the formal engineering education, and twice as long
(at least eight years) if no formal university engineering degree is required.
5.3 Knowledge
5.3.1 The reference body of knowledge is ISO/IEC 19759 (SWEBOK).
The reference body of knowledge defines the following knowledge areas:
— software requirements;
— software design;
— software construction;
— software testing;
— software maintenance;
— software configuration management;
— software engineering management;
— software engineering process;
— software engineering models and methods;
— software quality;
— software engineering professional practice;
— software engineering economics;
— computing foundations;
— mathematical foundations;
— engineering foundations.
3
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/IEC 24773-4:2023(E)
NOTE An elaboration of software engineering knowledge areas is shown in Annex A.
5.3.2 The Scheme shall include requirements for knowledge of ISO/IEC/IEEE 12207.
5.3.3 If the Scheme contains another BOK (i.e. “alternative BOK”) other than the reference BOK
identified in 5.3.1, the knowledge areas of the “alternative BOK” identified in the Scheme shall be
mapped to knowledge areas of the reference BOK. The Scheme shall demonstrate that the “alternative
BOK” covers the scope of the reference BOK as defined by the knowledge areas in 5.3.1, with rationale
supporting any reduction in depth of coverage.
5.4 Skill
5.4.1 The Scheme shall define software engineering related skills covered by the Scheme, where they
are specifically assessed or evaluated.
Skills covered by the Scheme should be placed into groups or categories, where skills are related, and
where there are a large number of skills in one group or category.
NOTE Examples of software engineering skills are shown in Annex B.
5.4.2 The skills defined by the Scheme should be mapped to one or more competencies (5.5) defined
and covered by the Scheme.
5.4.3 The Scheme should define performance levels for each skill so that various levels of ability are
defined and can be measured objectively.
5.5 Competence
5.5.1 The Scheme shall identify software engineering specific competencies required for the software
engineering professional to be certified. The competencies defined/required should be consistent with
the activities of the professional defined as the target of the scheme (See ISO/IEC 24773-1:2019, 5.5,
footnotes 1 and 2, and ISO/IEC 17024).
NOTE Examples of software engineering competencies are shown in Annex C.
5.5.2 Each competency associated with the Scheme shall be defined in terms of outcomes, deliverables,
results or activities associated with that competency.
Competencies may be grouped into competency areas or groups. The Scheme may define its own
competency groups and competencies within them.
5.5.3 The reference life cycle process is ISO/IEC/IEEE 12207.
NOTE This is an elaboration of the recommendation defined in ISO/IEC 24773-1:2019, 6.5.2.
5.5.4 Proficiency levels should be defined at least for the levels required to accomplish the tasks or
activities undertaken by the targeted professional.
4
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC 24773-4:2023(E)
Annex A
(Informative)
Elaboration of software engineering knowledge areas
Table A.1 lists and provides some elaboration regarding the knowledge areas contained in the reference
body of knowledge as defined in 5.3.
The source document (ISO/IEC TR 19759) contains detailed information regarding sub-topics and
supporting literature for each knowledge area.
Table A.1 — Elaboration of software engineering knowledge areas
Software engineering knowl-
Sub-areas and sub-topics
edge areas
Software requirements Software requirements fundamentals, requirements process, requirements
elicitation, requirements analysis, requirements specification, requirements
validation, requirements management, requirements tools.
Software design General design concepts, software design process, software design principles,
key issues in software design (concurrency, control and handling of events, data
persistence, distribution of components, error and exception handling and fault
tolerance, user interaction and presentation, security), software structure and
architecture, user interface design, software design quality analysis and eval-
uation, quality attributes, software design description and notations, software
design strategies and methods, software design tools.
Software construction Construction principles and objectives, reuse, complexity, construction stand-
ards, managing construction (planning and measurement), Integration, con-
struction technologies, software construction tools.
Software testing Testing-related concepts and terminology, test techniques, test-related meas-
ures, test process, software testing tools.
Software maintenance Software maintenance fundamentals definitions and terminology, software
evolution, maintenance costs, maintenance process, techniques for mainte-
nance, software maintenance tools.
Software configuration man- Management of the SCM process, software configuration identification, soft-
agement (SCM) ware configuration control, software configuration status accounting, software
configuration auditing, software release management and delivery, software
building, software configuration management tools.
Software engineering man- Project initiation and scope definition, software project planning, risk manage-
agement ment, software project enactment, software acquisition and supplier contract
management, implementation of measurement process, project review and
evaluation, project closure, software engineering measurement, software engi-
neering management tools.
Software engineering process Software lifecycles, software process definition, software process assessment
and improvement, software process and product measurement, software pro-
cess measurement techniques, software engineering process tools.
Software engineering meth- Models and modelling principles, analysis of models, software engineering
ods methods, formal methods, agile methods.
Software quality Software quality fundamentals, costs of quality, models and quality charac-
teristics, software safety, software quality management processes, software
quality assurance, verification & validation, reviews and audits, software
quality requirements, defect characterization, software quality management
techniques, software quality measurement, software quality tools.
5
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 10 ----------------------
ISO/IEC 24773-4:2023(E)
TTabablele A A.11 ((ccoonnttiinnueuedd))
Software engineering knowl-
Sub-areas and sub-topics
edge areas
Software engineering profes- Professionalism concepts, codes of ethics and professional conduct, nature
sional practice and role of professional societies, nature and role of software engineering
standards, legal issues, team/group dynamics and psychology, interacting with
stakeholders, communication skills.
Software engineering eco- Economics concepts and principles, software lifecycle economics, risks, esti-
nomics mates and uncertainty, economic analysis methods.
Computing foundations Problem solving techniques, abstraction, programming fundamentals, pro-
gramming language basics, debugging tools and techniques, data structure
and representation, algorithms and complexity, concepts of a system, systems
engineering, computer organization, compiler basics, operating systems basics,
database basics and data management, network communication basics, parallel
and distributed computing, parallel and distributed computing models, human
factors, secure software development and maintenance, software security
guidelines.
Mathematical foundations Set, relations, functions, basic logic, proof techniques, graphs and trees, discrete
probability, finite state machines, grammars, numerical precision, accuracy and
errors, algebraic structures.
Engineering foundations Empirical methods, statistical analysis, measurement, reliability, validity, en-
gineering design, modelling simulation and prototyping, standards, root cause
analysis.
6
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/IEC 24773-4:2023(E)
Annex B
(Informative)
Examples of software engineering skills
Examples of software engineering skills are presented in this annex. Table B.1 provides examples of
software engineering skills, activities, work products and outputs. Some external frameworks may be
useful for certification body when defining software engineering skills in their scheme.
[3]
e-CF : The skills defined in e-CF provide examples of software engineering skills.
[4]
SFIA : The skills defined in SFIA provide examples of software engineering skills.
[5]
iCD : The skill items and performance levels defined in iCD skill dictionary provide examples of skills
and performance levels.
Specific performance level definitions for the skills are not addressed in Table B.1. See ISO/IEC 24773-1
and ISO/IEC 24773-2 for definition and guidance regarding skills and performance levels.
Table B.1 — Examples of software engineering skills
Skill area Specific skills, outputs, activities
Software requirements Requirement elicitation, definition. Requirement validation, definition of use
cases, scenarios, stakeholder identification, requirements analysis. Identifica-
tion of quality attribute / characteristic or non- functional requirement. Con-
straint identification. Use of tools related to requirements modelling, analysis
models, domain models. Use of tools related to requirements management.
Software design Module level design, class and component design, module interfaces and de-
pendencies, algorithm selection, data structure definition. Design review. Use
of tools related to software module and component design.
Software architecture Problem analysis and architectural / solution objectives. Analysis of system
level context, design alternatives, data flows, system boundaries. Analysis
of platforms components and technologies, prototype and proof of concept
development. Specification of system boundaries and interfaces. Specification
of technology platforms and conventions to be used as a basis for module level
design and implementation. Use of architectural analysis tools, understanding
and application of various technologies and frameworks at the system level.
Software systems engineering System level attributes definition, non-functional requirements specification.
(merge with software architec- Analysis, specification, design and verification of interfaces between (sub)
ture skill area) systems. Distributed systems analysis. Definition of system performance
measures and metrics. Technical risk analysis in integration. Special analysis
of security aspects (requirements, design, implementation and verification)
across integrated systems.
Software construction and Code and unit testing, code review, refactoring. Tools for code development,
implementation unit testing, debugging, and source code analysis.
Software testing Test case definition, test scenario definition, integration test definition, test
implementation and verification, regression test, use of test tools and frame-
works.
Software maintenance Defect detection, reporting, analysis and classification. Impact assessment.
Proposed design change or defect correction. Defect fix implementation, in-
cluding unit testing and documentation. Defect submission to change control.
Integration and regression testing of change or change set.
7
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 12 ----------------------
ISO/IEC 24773-4:2023(E)
TTabablele B B.11 ((ccoonnttiinnueuedd))
Skill area Specific skills, outputs, activities
Software configuration man- Define configuration items, define version and identification policies. Identify
agement change control policy and trace to individual configuration items. Implement
source code control and repository mechanisms. Implement change history
report generation mechanism and differences summary mechanisms.
Software build, integrate, de- Define configuration and automated build scripts and tools. Define and imple-
ploy – transition ment integration scripts, processes and incorporate integration level tests and
scans. Define deployment format and automate deployment.
Operations, sustainment, main- Configure and automate controls over operational environment settings,
tenance, support including automated scaling, failure recovery, and system health / telemetry.
Define problem and error reporting. Perform error and failure analysis. Iden-
tify maintenance requirements. Identify operational controls and mechanism
for deploying updates (patches or new release) as appropriate.
Software process and lifecycle Define basic lifecycle process and implementation. Implement process and tai-
lor with respect to project requirements and objectives. Define lifecycle stage
transitions, integrated with risk management, reviews, change control. Define
process performance measures. Define process quality measures.
Software quality assurance Define quality assurance standards, activities, criteria. Define measures for
quality (processes, work products, overall project or aggregate)
Software security Identify security vulnerabilities in system context and environment. Identify
security practices and standards for design and construction.
Software safety Define Hazards, failure modes. Define safety functional requirements.
Software measurement Define source code measures, define process measures, implement meas-
urement data collection tools and utilities, produce analysis and summary
reports.
Human computer interaction / Define user information needs, define interaction modes, define graphic lay-
UI / UX out, analyse accessibility, define help or warnings scheme, define usability test
scenarios.
Software project management Define project specific objectives, activities, resources. Establish tracking
mechanisms for work, schedule. Establish project monitoring and control as
per organizational project methodology.
8
© ISO/IEC 2023 – All rights reserved
---------------------- Page: 13 ----------------------
ISO/IEC 24773-4:2023(E)
Annex C
(Informative)
Examples of software engineering competencies
Examples of software engineering competencies are presented in this annex. Table C.1 provides
examples of software engineering competencies. Some external frameworks may be useful for
certification body when defining software engineering competencies in their scheme.
[3]
e-CF : e-CF framework contains ICT competencies, some of which are related to software engineering
competencies.
[4]
SFIA : The SFIA framework contains examples of various ICT skills, and some of these are related to
software engineering competencies.
[5]
iCD : iCD framework contains examples of various ICT tasks and skills, some of these are related to
software engineering competencies.
Specific proficiency level definitions for the competencies are not addressed in Table C.1. See
ISO/IEC 24773-1 and ISO/IEC 24773-2 for definition and guidance regarding competency and
proficiency levels.
Table C.1 — Examples of software engineering competencies
Competency area /
Description
competency
Software requirements At basic proficiency, able to properly elicit, identify, document and analyse indi-
vidual software requirements. At higher levels of proficiency able to form models,
review sets of requirements for consistency, and perform requirements control and
management. Highest le
...
DRAFT INTERNATIONAL STANDARD
ISO/IEC DIS 24773-4
ISO/IEC JTC 1/SC 7 Secretariat: BIS
Voting begins on: Voting terminates on:
2022-08-09 2022-11-01
Software and Systems Engineering — Certification of
software and systems engineering professionals —
Part 4:
Software engineering
ICS: 35.080
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
This document is circulated as received from the committee secretariat.
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/IEC DIS 24773-4:2022(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION. © ISO/IEC 2022
---------------------- Page: 1 ----------------------
ISO/IEC DIS 24773-4:2022(E)
DRAFT INTERNATIONAL STANDARD
ISO/IEC DIS 24773-4
ISO/IEC JTC 1/SC 7 Secretariat: BIS
Voting begins on: Voting terminates on:
Software and Systems Engineering — Certification of
software and systems engineering professionals —
Part 4:
Software engineering
ICS: 35.080
COPYRIGHT PROTECTED DOCUMENT
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
© ISO/IEC 2022
THEREFORE SUBJECT TO CHANGE AND MAY
This document is circulated as received from the committee secretariat.
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
NOT BE REFERRED TO AS AN INTERNATIONAL
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on STANDARD UNTIL PUBLISHED AS SUCH.
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
IN ADDITION TO THEIR EVALUATION AS
or ISO’s member body in the country of the requester. BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
ISO copyright office
USER PURPOSES, DRAFT INTERNATIONAL
CP 401 • Ch. de Blandonnet 8
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
CH-1214 Vernier, Geneva
POTENTIAL TO BECOME STANDARDS TO
Phone: +41 22 749 01 11
WHICH REFERENCE MAY BE MADE IN
Reference number
Email: copyright@iso.org
NATIONAL REGULATIONS.
Website: www.iso.org ISO/IEC DIS 24773-4:2022(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
Published in Switzerland
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
ii
© ISO/IEC 2022 – All rights reserved
PROVIDE SUPPORTING DOCUMENTATION. © ISO/IEC 2022
---------------------- Page: 2 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative References .1
3 Terms and Definitions .1
4 Conformance . 2
5 Requirements for Certification of Software Engineering Professionals .2
5.1 General . 2
5.2 Fundamental Components of a Conformant Scheme . . 2
5.3 Knowledge . 3
5.4 Skill . 4
5.5 Competence . 4
Annex A (Informative) Elaboration of Software Engineering Knowledge Areas .5
Annex B (Informative) Elaboration of Software Engineering Skills . 7
Annex C (Informative) Elaboration of Software Engineering Competencies .9
Annex D (Informative) Exemplar Mapping of Competencies to Related skills and knowledge .12
Bibliography .14
iii
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 3 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the national bodies
casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 24773 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information Technology,
Subcommittee SC 7, Software and Systems Engineering.
iv
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Introduction
ISO/IEC 24773 (all parts) is a series which addresses the certification of professionals in software and
systems engineering. ISO/IEC 24773-1 contains general requirements for such certification schemes.
This document contains requirements specific to certification schemes for software engineering
professionals.
The concepts, and requirements for certification schemes contained in ISO/IEC 24773-1 and
ISO/IEC 17024 apply to this document.
v
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 5 ----------------------
DRAFT INTERNATIONAL STANDARD ISO/IEC DIS 24773-4:2022(E)
Software and Systems Engineering — Certification of
software and systems engineering professionals —
Part 4:
Software engineering
1 Scope
This document elaborates requirements and recommendations for certifications schemes based on
24773-1, which are specific to the domain of software engineering.
2 Normative References
The following normative documents contain provisions which, through reference in this text, constitute
provisions of this standard.
ISO/IEC 17024:2012, Conformity assessment — General requirements for bodies operating certification of
persons
ISO/IEC/IEEE 12207:2017, Systems and software engineering — Software life cycle processes
ISO/IEC 24773-1:2019, Software and systems engineering — Certification of software and systems
engineering professionals — Part 1: General requirements
3 Terms and Definitions
For the purposes of this document, unless superseded by definitions included within this section,
the terms and definitions already defined in ISO/IEC 17024:2012, ISO/IEC TS 17027:2014,
ISO/IEC 24773-1:2019, ISO/IEC 19759:2015 and ISO/IEC/IEEE 12207:2017 apply.
3.1
Knowledge Area
KA
An identified group of knowledge
3.2
software
computer programs, procedures, and possibly associated documentation and data pertaining to the
operation of a computer system
[SOURCE: IEEE 828]
3.3
software engineering
systematic application of scientific and technological knowledge, methods, and experience to the
design, implementation, testing, and documentation of software
[SOURCE: ISO/IEC/IEEE 24765]
1
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC DIS 24773-4:2022(E)
4 Conformance
This document contains normative requirements for conformant certification schemes which are
specific to Software Engineering. General requirements for conformant schemes also apply, and these
are defined in ISO/IEC 24773-1:2019 and incorporated by reference into this document.
A certification scheme (the Scheme) for professionals in software engineering may claim conformance
to this standard if it satisfies all requirements contained in this document; ISO/IEC 24773-1:2019; and
ISO/IEC 17024:2012.
The following requirements, recommendations and associated criteria may also be used to compare
certification and qualification schemes for professionals in software engineering.
5 Requirements for Certification of Software Engineering Professionals
5.1 General
This clause contains requirements and recommendations specific to the certification of Software
Engineering professionals. The following requirements, recommendations and associated criteria may
also be used to compare certification and qualification schemes of Software Engineering professionals.
5.2 Fundamental Components of a Conformant Scheme
This clause contains additional requirements for fundamental components defined in clause 6.3 of
ISO/IEC 24773-1:2019.
5.2.1 The Scheme shall contain a description of software engineering professionals to be certified or
targeted by that scheme.
5.2.2 A list of skills that the professional to be certified in software engineering is expected to exhibit
shall be mapped by the Scheme to the knowledge areas of the reference body of knowledge (BOK), and
to the defined competencies.
NOTE A sample list of skills and competencies are shown in Annex B and C respectively. An exemplar
mapping is shown in Annex D.
5.2.3 Each task or activity associated with the Scheme shall be “mapped” to at least one of the
following:
[1]
— KA of the Guide to the SWEBOK, ISO/IEC TR 19759:2015 ;
— Process, activity or task of ISO/IEC/IEEE 12207:2017;
[2]
— Technical skill area of IEEE Software Engineering Competency Model (SWECOM) V1
NOTE The Scheme may define tasks at a different abstraction level of the tasks defined in
ISO/IEC/IEEE 12207:2017.
NOTE Tasks and their descriptions are associated with any certification scheme. Each scheme must declare
a scope and describe the targeted individuals who would be certified in order to meet the requirements of
ISO 17024. Part of the required scope and target description includes a list of tasks which represent the activities
performed by certificants within the professional scope of that certification. These tasks are high level activity
descriptions and not a comprehensive set of details of technical tasks which may be included within structure of
the knowledge, skills or competencies of the scope.
5.2.4 The Scheme should require a minimum level of formal engineering education, where “formal
engineering education” is defined as an engineering or computing degree from an accredited program,
2
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC DIS 24773-4:2022(E)
and where “computing degree” is one of the following: computer science (CS), computer engineering
(CE), software engineering (SE), information systems (IS) and information technology (IT).
NOTE ISO/IEC 24773-1 contains a requirement that all conformant schemes define and document a minimum
level of education, but this additional requirement is more specific regarding that minimum.
While minimum formal education requirements allow for various computing degrees, the requirements
related to knowledge and coverage of Kas by the BOK (clause 5.3.3) used by the Scheme still apply.
5.2.5 If formal engineering education is required as part of the certification scheme, the requirements
shall be clearly stated.
NOTE The engineering degree does not have to be in software engineering, but must be followed by software
engineering work/experience.
5.2.6 If on-the-job experience in software engineering is to be acceptable as part or total replacement
for formal engineering education, the experience defined by the Scheme shall be objectively described
and the verifiable criteria shall be made explicit. The verifiable on-the-job experience in software
engineering should be at least as long in years as the formal engineering education, and twice as long
(at least eight years) if no formal university engineering degree is required.
5.3 Knowledge
[1]
5.3.1 The reference body of knowledge is ISO/IEC 19759:2015 (SWEBOK) .
The reference body of knowledge defines the following knowledge areas:
— Software Requirements
— Software Design
— Software Construction
— Software Testing
— Software Maintenance
— Software Configuration Management
— Software Engineering Management
— Software Engineering Process
— Software Engineering Models and Methods
— Software Quality
— Software Engineering Professional Practice
— Software Engineering Economics
— Computing Foundations
— Mathematical Foundations
— Engineering Foundations
NOTE An elaboration of software engineering knowledge areas is shown in Annex A.
3
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/IEC DIS 24773-4:2022(E)
5.3.2 The Scheme shall include requirements for knowledge of the following software engineering
standards:
ISO/IEC/IEEE 12207:2017 Systems and Software Engineering – Software Life Cycle Processes
5.3.3 If the Scheme contains another BOK (i.e. “alternative BOK”) other than the reference BOK
identified in 5.3.1, the knowledge areas of the “alternative BOK” identified in the Scheme shall be
mapped to knowledge areas of the reference BOK. The Scheme shall demonstrate that the “alternative
BOK” covers the scope of the reference BOK as defined by the knowledge areas in 5.3.1, with rationale
supporting any reduction in depth of coverage.
5.4 Skill
5.4.1 The Scheme shall define software engineering related skills covered by the Scheme, where they
are specifically assessed or evaluated.
Skills covered by the scheme should be placed into groups or categories, where skills are related, and
where there are a large number of skills in one group or category.
NOTE An elaboration of software engineering skills is shown in Annex B.
5.4.2 The skills defined by the Scheme should be mapped to one or more competencies (5.5) defined
and covered by the Scheme.
5.4.3 The Scheme should define performance levels for each skill so that the competencies defined by
the Scheme can be achieved.
5.5 Competence
5.5.1 The Scheme shall identify software engineering specific competencies required for the
software engineering professional to be certified. These may be drawn from the competencies defined
[2]
in SWECOM 1.0 or sample competencies listed in Annex C.
NOTE An elaboration of software engineering competencies is shown in Annex C.
5.5.2 The competencies associated with the Scheme shall define outcomes, deliverables or results
from various software engineering tasks associated with that competency.
NOTE Competencies may be grouped into competency areas or groups. The Scheme may define its own
competency groups and competencies within them.
5.5.3 The reference life cycle process is ISO/IEC/IEEE 12207:2017.
5.5.4 The Scheme should define proficiency levels for each competency so that the tasks or activities
defined by the Scheme can be achieved.
4
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Annex A
(Informative)
Elaboration of Software Engineering Knowledge Areas
Table A.1 lists and provides some elaboration regarding the Knowledge Areas contained in the
Reference Body of Knowledge as defined in Clause 5.3.
The source document (ISO/IEC TR 19759:2015) contains detailed information regarding sub-topics and
supporting literature for each Knowledge Area.
Table A.1 — Elaboration of Software Engineering Knowledge Areas
Software Engineering Knowl-
Sub-Areas and Sub-Topics
edge Areas
Software Requirements Software Requirements Fundamentals, Requirements Process, Requirements
Elicitation, Requirements Analysis, Requirements Specification, Requirements
Validation, Requirements Management, Requirements tools.
Software Design General Design Concepts, Software Design Process, Software Design Principles,
Key Issues in Software Design (Concurrency, Control and Handling of Events,
Data Persistence, Distribution of Components, Error and Exception Handling
and Fault Tolerance, User Interaction and Presentation, Security), Software
Structure and Architecture, User Interface Design, Software Design Quality
Analysis and Evaluation, Quality Attributes, Software Design Description and
Notations, Software Design Strategies and Methods, Software Design tools.
Software Construction Construction principles and objectives, reuse, complexity, construction stand-
ards, managing construction (planning and measurement), Integration, con-
struction technologies, software construction tools.
Software Testing Testing-Related Concepts and Terminology, Test Techniques, Test-Related Meas-
ures, Test Process, Software Testing tools.
Software Maintenance Software Maintenance Fundamentals Definitions and Terminology, software
evolution, maintenance costs, maintenance process, techniques for mainte-
nance, software maintenance tools.
Software Configuration Man- Management of the SCM Process, Software Configuration Identification,
agement Software Configuration Control, Software Configuration Status Accounting,
Software Configuration Auditing, Software Release Management and Delivery,
Software Building, Software Configuration Management tools.
Software Engineering Man- Project Initiation and Scope Definition, Software Project Planning, Risk Man-
agement agement, Software Project Enactment, Software Acquisition and Supplier Con-
tract Management, Implementation of Measurement Process, Project Review
and Evaluation, Project Closure, Software Engineering Measurement, Software
Engineering Management tools.
Software Engineering Pro- Software Lifecycles, Software Process Definition, Software Process Assessment
cess and Improvement, Software Process and Product Measurement, Software Pro-
cess Measurement Techniques, Software Engineering Process tools.
Software Engineering Meth- Models and Modeling Principles, Analysis of Models, Software Engineering
ods Methods, formal methods, agile methods.
Software Quality Software Quality Fundamentals, Costs of Quality, Models and Quality Charac-
teristics, Software Safety, Software Quality Management Processes, Software
Quality Assurance, Verification & Validation, Reviews and Audits, Software
Quality Requirements, Defect Characterization, Software Quality Management
Techniques, Software Quality Measurement, Software Quality tools.
5
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 10 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Table A.1 (continued)
Software Engineering Knowl-
Sub-Areas and Sub-Topics
edge Areas
Software Engineering Profes- Professionalism Concepts, Codes of Ethics and Professional Conduct, Nature and
sional Practice Role of Professional Societies, Nature and Role of Software Engineering Stand-
ards, Legal Issues, Team / Group Dynamics and Psychology, Interacting with
Stakeholders, Communication Skills.
Software Engineering Eco- Economics Concepts and Principles, Software Lifecycle economics, Risks, Esti-
nomics mates and Uncertainty, Economic Analysis methods.
Computing Foundations Problem Solving Techniques, Abstraction, Programming Fundamentals, Pro-
gramming Language Basics, Debugging Tools and Techniques, Data Structure
and Representation, Algorithms and Complexity, Concepts of a System, Systems
Engineering, Computer Organization, Compiler Basics, Operating Systems
Basics, Database Basics and Data Management, Network Communication Basics,
Parallel and Distributed Computing, Parallel and Distributed Computing Mod-
els, Human Factors, Secure Software Development and Maintenance, Software
Security Guidelines.
Mathematical Foundations Set, Relations, Functions, Basic Logic, Proof Techniques, Graphs and Trees,
Discrete Probability, Finite State Machines, Grammars, Numerical Precision,
Accuracy and Errors, Algebraic Structures.
Engineering Foundations Empirical Methods, Statistical Analysis, Measurement, Reliability, validity, En-
gineering design, Modelling Simulation and Prototyping, Standards, Root Cause
Analysis.
6
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Annex B
(Informative)
Elaboration of Software Engineering Skills
Examples of Software Engineering skills are presented in this Annex. Table B.1 provides examples of
Software Engineering skills, activities, work products and outputs. Some external frameworks may be
useful for certification body when defining software engineering skills in their scheme.
[3]
e-CF : The skills defined in e-CF provide examples of software engineering skills.
[4]
SFIA : The skills defined in SFIA provide examples of software engineering skills.
[5]
iCD : The skill items and performance levels defined in iCD skill dictionary provide examples of skills
and performance levels.
Specific performance level definitions for the skills are not addressed in Table B.1. See ISO/IEC 24773-1
and ISO/IEC 24773-2 for definition and guidance regarding skills and performance levels.
Table B.1 — Software engineering skills
Skill Area Examples of specific skills, outputs, activities
Software Requirements Requirement elicitation, definition. Requirement validation, definition of Use
Cases, Scenarios, stakeholder identification, requirements analysis. Identifica-
tion of Quality Attribute / characteristic or Non- Functional requirement. con-
straint identification. Use of tools related to requirements modelling, analysis
models, domain models. Use of tools related to requirements management.
Software Design Module level design, class and component design, module interfaces and de-
pendencies, algorithm selection, data structure definition. Design review. Use
of tools related to software module and component design.
Software Architecture Problem analysis and architectural / solution objectives. Analysis of system
level context, design alternatives, data flows, system boundaries. Analysis
of platforms components and technologies, prototype and proof of concept
development. Specification of system boundaries and interfaces. Specification
of technology platforms and conventions to be used as a basis for module level
design and implementation. Use of architectural analysis tools, understanding
and application of various technologies and frameworks at the system level.
Software Systems Engineering System level attributes definition, non-functional requirements specification.
(merge with Software Archi- Analysis, specification, design and verification of interfaces between (sub)
tecture skill area) systems. Distributed systems analysis. Definition of system performance
measures and metrics. Technical risk analysis in integration. Special analysis
of security aspects (requirements, design, implementation and verification)
across integrated systems.
Software Construction and Code and unit testing, Code review, refactoring. Tools for code development,
Implementation unit testing, debugging, and source code analysis.
Software Testing Test case definition, test scenario definition, integration test definition, test
implementation and verification, regression test, use of test tools and frame-
works.
Software Maintenance Defect detection, reporting, analysis and classification. Impact assessment.
Proposed design change or defect correction. Defect fix implementation, in-
cluding unit testing and documentation. Defect submission to change control.
Integration and regression testing of change or change set.
7
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 12 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Table B.1 (continued)
Skill Area Examples of specific skills, outputs, activities
Software Configuration Man- Define configuration items, define version and identification policies. Identify
agement change control policy and trace to individual configuration items. Implement
source code control and repository mechanisms. Implement change history
report generation mechanism and differences summary mechanisms.
Software Build, Integrate, De- Define configuration and automated build scripts and tools. Define and imple-
ploy - Transition ment integration scripts, processes and incorporate integration level tests and
scans. Define deployment format and automate deployment.
Operations, Sustainment, Main- Configure and automate controls over operational environment settings,
tenance, Support including automated scaling, failure recovery, and system health / telemetry.
Define problem and error reporting. Perform error and failure analysis. Iden-
tify maintenance requirements. Identify operational controls and mechanism
for deploying updates (patches or new release) as appropriate.
Software Process and Lifecycle Define basic lifecycle process and implementation. Implement process and tai-
lor with respect to project requirements and objectives. Define lifecycle stage
transitions, integrated with risk management, reviews, change control. Define
process performance measures. Define process quality measures.
Software Quality Assurance Define quality assurance standards, activities, criteria. Define measures for
quality (processes, work products, overall project or aggregate)
Software Security Identify security vulnerabilities in system context and environment. Identify
security practices and standards for design and construction.
Software Safety Define Hazards, failure modes. Define safety functional requirements.
Software Measurement Define source code measures, define process measures, implement meas-
urement data collection tools and utilities, produce analysis and summary
reports.
Human Computer Interaction / Define user information needs, define interaction modes, define graphic lay-
UI / UX out, analyze accessibility, define help or warnings scheme, define usability test
scenarios.
Software Project Management Define project specific objectives, activities, resources. Establish tracking
mechanisms for work, schedule. Establish project monitoring and control as
per organizational project methodology.
8
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 13 ----------------------
ISO/IEC DIS 24773-4:2022(E)
Annex C
(Informative)
Elaboration of Software Engineering Competencies
Examples of Software Engineering competencies are presented in this Annex. Table C.1 provides
examples of Software Engineering competencies. Some external frameworks may be useful for
certification body when defining software engineering competencies in their scheme.
[3]
e-CF : The competency defined and e-CF levels defined in e-CF provide examples of software
engineering competencies and proficiency levels.
[4]
SFIA : The competency and SFIA levels defined in SFIA provide examples of software engineering
competencies and proficiency levels.
[5]
iCD : The tasks and task diagnostic criteria of the tasks defined in iCD task dictionary provide
examples of software engineering competencies and proficiency levels.
Specific proficiency level definitions for the competencies are not addressed in Table C.1. See
ISO/IEC 24773-1 and ISO/IEC 24773-2 for definition and guidance regarding competency and
profic
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.