ISO/IEC TS 25025:2021

TECHNICAL ISO/IEC TS
SPECIFICATION 25025
First edition
2021-03
Information technology — Systems
and software Quality Requirements
and Evaluation (SQuaRE) —
Measurement of IT service quality
Technologies de l'information — Exigences de qualité et évaluation
des systèmes et du logiciel (SQuaRE) — Mesure de la qualité du
service informatique
Reference number
©
ISO/IEC 2021
© ISO/IEC 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2021 – All rights reserved

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Conformance . 3
5 Use of IT service quality measures . 3
5.1 IT service quality measurement concepts . 3
5.2 Approach to IT service quality measurement . 3
6 Format used for documenting the IT service quality measures . 4
7 IT service quality measures . 4
7.1 General . 4
7.2 Suitability measures . 6
7.2.1 General. 6
7.2.2 Completeness measures . 6
7.2.3 Correctness measures . 6
7.2.4 Appropriateness measures . 7
7.2.5 Consistency measures . 7
7.3 Usability measures . 8
7.3.1 General. 8
7.3.2 Appropriateness recognizability measures . 8
7.3.3 Learnability measures . 8
7.3.4 Operability measures . 9
7.3.5 User error protection measures .10
7.3.6 Accessibility measures . .10
7.3.7 Courtesy measures .10
7.4 Security measures .11
7.4.1 General.11
7.4.2 Confidentiality measures .11
7.4.3 Integrity measures .12
7.4.4 Traceability measures .12
7.5 IT service reliability measures .12
7.5.1 General.12
7.5.2 Continuity measures . .12
7.5.3 IT service recoverability measures .13
7.5.4 Availability measures .14
7.6 Tangibility measures .14
7.6.1 General.14
7.6.2 Visibility measures .14
7.6.3 Professionalism measures .14
7.6.4 IT service interface appearance measures .15
7.7 Responsiveness measures .15
7.7.1 General.15
7.7.2 Timeliness measures .16
7.7.3 Reactiveness measures .16
7.8 IT service adaptability measures .16
7.8.1 General.16
7.8.2 Customizability measures .16
7.8.3 Initiative measures . . .17
7.9 IT service maintainability measures .18
7.9.1 General.18
7.9.2 Analysability measures .18
© ISO/IEC 2021 – All rights reserved iii

7.9.3 Modifiability measures .18
7.9.4 Testability measures .18
Annex A (Informative) Context of using the model and different IT service types .20
Bibliography .23
iv © ISO/IEC 2021 – All rights reserved

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that
are members of ISO or IEC participate in the development of International Standards through
technical committees established by the respective organization to deal with particular fields of
technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other
international organizations, governmental and non-governmental, in liaison with ISO and IEC, also
take part in the work.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives or www .iec .ch/ members
_experts/ refdocs).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents) or the IEC
list of patent declarations received (see patents.iec.ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html. In the IEC, see www .iec .ch/ understanding -standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 7, Software and systems engineering.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html and www .iec .ch/ national
-committees.
© ISO/IEC 2021 – All rights reserved v

Introduction
0.1  General
This document is a part of the Systems and software Quality Requirements and Evaluation(SQuaRE)
series of documents, which provides a set of measures for the quality characteristics of IT service that
are defined in ISO/IEC TS 25011. It can be used for specifying requirements, measuring and evaluating
the IT service quality, in conjunction with other SQuaRE series of documents.
The set of quality measures in this document are selected based on their practical value. They are not
intended to be exhaustive, therefore users of this document are encouraged to refine them if necessary.
0.2  Quality measurement division
This document is a part of the ISO/IEC 2502n division that currently consists of the following documents:
— ISO/IEC 25020 — Quality measurement framework: provides a reference model and guideline for
measuring the quality characteristics defined in ISO/IEC 2501n quality model division.
— ISO/IEC 25021 — Quality measure elements: provides a format for specifying quality measure
elements and some examples of quality measure elements that can be used to construct software
quality measures.
— ISO/IEC 25022 — Measurement of quality in use: provides measures including associated
measurement functions for the quality characteristics in the quality in use model.
— ISO/IEC 25023 — Measurement of system and software product quality: provides measures including
associated measurement functions for the quality characteristics in the product quality model.
— ISO/IEC 25024 — Measurement of data quality: provides measures including associated
measurement functions for the quality characteristics in the data quality model.
— ISO/IEC TS 25025 — Measurement of IT service quality: provides quality measures useful for
requirements and evaluation of IT service quality.
Figure 1 depicts the relationship between this document and the other documents in the ISO/IEC 2502n
division.
vi © ISO/IEC 2021 – All rights reserved

Figure 1 — Structure of the quality measurement division
0.3  Outline and organization of SQuaRE series
The SQuaRE series consists of five main divisions and an extension division. An outline of each division
within the SQuaRE series is as follows:
— ISO/IEC 2500n — Quality management division. The standards that form this division define all
common models, terms and definitions referred further by all other standards from the SQuaRE
series. The division also provides requirements and guidance for the planning and management of
a project.
— ISO/IEC 2501n — Quality model division. The standards that form this division provide quality
models for system/software products, quality in use, data and IT service. Practical guidance on the
use of the quality model is also provided.
— ISO/IEC 2502n — Quality measurement division. The standards that form this division include a
system/software product quality measurement reference model, definitions of quality measures,
and practical guidance for their application. This division presents internal measures of software
quality, external measures of software quality, quality in use measures, data quality measures
and IT service quality measures. Quality measure elements forming foundations for the quality
measures are defined and presented.
— ISO/IEC 2503n — Quality requirements division. The standards that form this division help to
specify quality requirements. These quality requirements can be used in the process of quality
requirements elicitation for a system/software product to be developed, designing a process for
achieving necessary quality, or as inputs for an evaluation process.
— ISO/IEC 2504n — Quality evaluation division. The standards that form this division provide
requirements, recommendations and guidelines for system/software product evaluation, whether
performed by independent evaluators, acquirers or developers. The support for documenting a
measure as an Evaluation Module is also presented.
© ISO/IEC 2021 – All rights reserved vii

ISO/IEC 25050 to ISO/IEC 25099 are reserved for SQuaRE extension International Standards, Technical
Specifications, Publicly Available Specifications (PAS) and/or Technical Reports.
viii © ISO/IEC 2021 – All rights reserved

TECHNICAL SPECIFICATION ISO/IEC TS 25025:2021(E)
Information technology — Systems and software Quality
Requirements and Evaluation (SQuaRE) — Measurement of
IT service quality
1 Scope
This document defines quality measures useful for requirements and evaluation of IT service quality in
terms of characteristics and sub-characteristics defined in ISO/IEC TS 25011.
This document contains a basic set of quality measures for each characteristic and sub-characteristic.
This document does not assign ranges of values of the quality measures to rated levels or to grades of
compliance. Such values are defined based on the nature of the IT service, and so depends on factors
such as category of the IT service or users' needs. Some attributes can have a desirable range of values,
which does not depend on specific user needs but generic factors, for example, service downtime. This
document includes, in Annex A, considerations for the selection and application of quality measures.
The quality measures in this document are primarily intended to be used for quality evaluation and
improvement of IT services during or after the development life cycle.
The main users of this document are people carrying out quality requirements specification and
evaluation activities for IT services as part of the following:
— development: including requirements analysis, design, implementation, testing and deployment
during the development life cycle;
— quality management: monitoring activities of quality assurance and performing quality control of
an IT service;
— supply: making a contract with the user for supplying an IT service under the terms of a contract;
— acquisition: including IT service selection, when acquiring or procuring an IT service from a service
provider;
— maintenance: improvement of an IT service based on quality measurement.
The relationship of this document to domain-specific IT service quality model and its precedence over
this document is determined by the user in a specific context of use.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 25000, Systems and software engineering — Systems and software Quality Requirements and
Evaluation (SQuaRE) — Guide to SQuaRE
ISO/IEC TS 25011:2017, Information technology — Systems and software Quality Requirements and
Evaluation (SQuaRE) — Service quality models
ISO/IEC 25021:2012, Systems and software engineering — Systems and software Quality Requirements
and Evaluation (SQuaRE) — Quality measure elements
© ISO/IEC 2021 – All rights reserved 1

3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 25000 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
quality measure
derived measure that is defined as a measurement function (3.5) of two or more values of quality
measure elements
[SOURCE: ISO/IEC 25021:2012, 4.13]
3.2
IT service
information technology service
service that makes use of IT systems as tools to provide value to an individual user or a business by
facilitating results the user or business wants to achieve
Note 1 to entry: IT services can be delivered remotely by people, or by an IT application that could be in a local or
remote location.
[SOURCE: ISO/IEC TS 25011:2017, 3.3.2, modified — "information technology service" has been changed
from a preferred term to an admitted term.]
3.3
IT service quality
degree to which an IT service (3.2) satisfies stated and implied needs when used under specified
conditions
[SOURCE: ISO/IEC TS 25011:2017, 3.3.10]
3.4
IT service function
collection of related steps performed as a part of an IT service (3.2), or features provided by an IT system
EXAMPLE The service status monitoring or data backup of an internet banking service.
Note 1 to entry: ISO/ IEC has software functionality identification, classification and sizing standard methods
that provides consistency identifying unique IT service functions; these include: ISO/IEC 20926 (IFPUG
method), ISO/IEC 19761 (COSMIC method), ISO/IEC 29881 (FiSMA method), ISO/IEC 20968 (MarkII method),
ISO/IEC 24570 (NESMA method).
3.5
measurement function
algorithm or calculation performed to combine two or more quality measure elements
[SOURCE: ISO/IEC 25021:2012, 4.7, modified — Note 1 to entry has been removed.]
3.6
service provider
organization that manages and delivers a service or services to customers
[SOURCE: ISO/IEC 20000-1:2018, 3.2.24]
2 © ISO/IEC 2021 – All rights reserved

3.7
service level agreement
SLA
documented agreement between the IT service (3.2) provider and the user that identifies services and
their agreed performance
Note 1 to entry: A service level agreement can be included in a contract or another type of documented agreement.
[SOURCE: ISO/IEC 20000-1:2018, 3.2.20, modified — "the organization and the customer" has been
changed to "the IT service provide and the user"; the original note 1 to entry has been removed; the
original note 2 to entry has become note 1 to entry.]
4 Conformance
Any quality requirements specification or quality evaluation that conforms to this document shall:
a) select the quality characteristics and/or sub-characteristics to be specified or evaluated as defined
in ISO/IEC TS 25011;
b) provide the rationale for any modifications of quality measures;
c) define any additional quality measures and quality measure elements from ISO/IEC 25021 that are
not included in this document.
5 Use of IT service quality measures
5.1 IT service quality measurement concepts
This document provides quality measures for the characteristics and sub-characteristics of the
service quality model defined in ISO/IEC TS 25011. IT service quality characteristics are defined in
ISO/IEC TS 25011 that categorizes IT service quality into 8 characteristics.
The quality of an IT service is the degree of satisfying the stated and implied needs of its users and thus
provides value. These stated and implied needs are represented in the SQuaRE series of standards by
quality models that categorize IT service quality into characteristics, which in most cases are further
subdivided into sub-characteristics.
The quality characteristic and sub-characteristic can be quantified by applying measurement
functions. The measurement function of a quality measure is defined using a mathematical formula
by combining quality measure elements. Quality measures enable us to quantify the quality of an IT
service. More than one quality measure can be used for the measurement of quality characteristics and
sub-characteristics.
5.2 Approach to IT service quality measurement
This document provides a possible, suggested set of IT service quality measures to be used with the
quality model in ISO/IEC TS 25011. The user of this document can select suitable quality measures for
a specific service and assign different weighting to these quality measures for different types of IT
services.
When selecting the appropriate IT service quality measures, the factors which can influence the
selection can include the following:
— the importance of the property to quantify;
— the type of the target IT service;
— the user requirements.
© ISO/IEC 2021 – All rights reserved 3

If necessary, the user can modify the quality measures defined in this document and can also define
new measures or use ones from the other documents.
When using a newly defined or modified quality measure, the user should specify how the measure
relates to the ISO/IEC TS 25011 quality model or any other substitute quality model that is being used.
Most of the quality measures defined in this document use measurement functions which provide
normalized values ranging from 0 to 1. The users can change the value range, for example, low or high,
if it is desirable.
6 Format used for documenting the IT service quality measures
The following information is given for each quality measure in Tables 1 to 27:
a) ID: identification code of the quality measure. Each ID consists of the following two parts:
— abbreviated alphabetic code representing the quality characteristics as one capital X and sub-
characteristics as one capital X followed by lower-case x (for example, “UUe” denotes “User
error protection” measures for “Usability”);
— serial number in sequential order within quality sub-characteristic.
b) Name: quality measure name.
c) Description: the information provided by the quality measure.
d) Measurement function: mathematical formula showing how the quality measure elements are
combined to produce the quality measure.
7 IT service quality measures
7.1 General
The quality measures in this clause are listed by quality characteristics and sub-characteristics, in the
order used in ISO/IEC TS 25011; and the word “measures” in this clause means quality measures.
NOTE 1 The list of quality measures shown in Table 1 is not final, and can be revised in future editions of this
document. Users of this document are invited to provide feedback.
Table 1 — IT service quality measures
Characteristics Sub-characteristics Measures
Functional coverage
Completeness Goals and objectives achievement
Data items populated
IT service function correctness
Correctness
Suitability Compliance of defined process
IT service function appropriateness for context of use
Appropriateness
IT service function appropriateness to service users
IT service consistency
Consistency
IT service process quality consistency
4 © ISO/IEC 2021 – All rights reserved

Table 1 (continued)
Characteristics Sub-characteristics Measures
Description completeness
Appropriateness
recognizability
Demonstration coverage
User guide completeness
Learnability User guide effectiveness
User guide efficiency
Message clarity
Understandable categorization of service
Usability Operability
IT service automation
Effort time estimability
Avoidance of user operation error
User error protection
User error correction
Accessibility for users with disabilities
Accessibility
Language supportability
Courtesy Courteous service language, behaviour and attitude
Access controllability
Completeness of access control methods to protect confi-
Confidentiality
dential information
Effectiveness of confidentiality protection
Security
Integrity Data integrity
User audit trail completeness
Traceability
Traceability completeness
Coverage of IT service continuity plan
Completeness of IT service risk prevention actions
Continuity
Completeness of IT service risk mitigation actions
IT service reliability Effectiveness of IT service risk mitigation actions
Effectiveness of recovery
IT service recoverability
Timely recovery
Availability IT service availability
Visibility of IT service functions delivery
Visibility
Visibility of IT service functions progress
Process adaption maturity
Tangibility professionalism Personnel qualification
IT service developer professionalism
User interface appearance satisfaction
IT service interface
appearance
IT service interface satisfaction
Timeliness IT service delivery timeliness
Response timeliness
Responsiveness
Reactiveness
Responsiveness of request for modification and en-
hancement
© ISO/IEC 2021 – All rights reserved 5

Table 1 (continued)
Characteristics Sub-characteristics Measures
IT service function customizability
Customizability
User interface customizability
Satisfaction of users’ goals
IT service
Proactive change suggestion
adaptability
Initiative
Change suggestion acceptance
Effectiveness of implementing accepted change
suggestions
Analysability IT service analysis effectiveness
Modifiability IT service function modifiability
IT service
maintainability
Completeness of testing criteria
Testability
Testing completion
7.2 Suitability measures
7.2.1 General
Suitability measures are used to assess the degree to which an IT service meets stated and implied
needs when used in a specified context of use.
7.2.2 Completeness measures
Completeness measures are used to assess the degree to which an IT service supports all the specified
goals, objectives and data specified by the user.
Table 2 — Completeness measures
ID Name Description Measurement function
a,b
SCp-1 Functional What proportion of specified X = 1 − A/B
coverage functions has been implemented?
A = Number of IT service functions missing
B = Number of IT service functions
specified
SCp-2 Goals and objec- What proportion of specified X = 1 − A/B
tives achievement goals and objectives has been
A = Number of goals and objectives that
achieved?
have not been achieved
B = Number of goals and objectives intend-
ed to be supported by the fully implement-
ed service
c
SCp-3 Data items What proportion of the specified X = A/B
Populated data items has been populated
A = Number of data items populated
with data?
B = Number of data items specified
a
Functions can be specified in SLA (service level agreement), the design specification, the user manual or all of these.
b
Missing service functions are detected when the service does not have the ability to perform a function that is specified.
c
“populated data” means a set of data to be inserted into database for each data item required to provide IT services.
7.2.3 Correctness measures
Correctness measures are used to assess the degree to which an IT service uses the correct process and
produces the correct results with accurate data.
6 © ISO/IEC 2021 – All rights reserved

Table 3 — Correctness measures
ID Name Description Measurement function
a,b,c
SCr-1 IT service func- What proportion of IT service X = 1 − A/B
tion correctness functions produces correct
A = Number of IT service functions that
results?
produce incorrect data
B = Number of IT service functions considered
SCr-2 Compliance of What proportion of IT service X = A/B
defined process functions uses the defined
A = Number of IT service functions using the
process?
defined process
B = Number of IT service functions
a
The service function is incorrect if it does not provide reasonable and acceptable results to achieve the specific
intended objective.
b
The service functions considered for evaluation can be all the functions provided by an IT service or a specific set of
functions required for a particular usage.
c
Service provider possibly examines an individual function by reviewing or testing and determines whether the
function successfully provides suitable outcomes to specific objectives as defined in the requirements specification or not.
7.2.4 Appropriateness measures
Appropriateness measures are used to assess the degree to which an IT service provides results that
are appropriate for the user needs.
Table 4 — Appropriateness measures
ID Name Description Measurement function
SAp-1 IT service function What proportion of IT service X = A/B
appropriateness for functions provided is appropri-
A = Number of IT service functions satisfied by
context of use ate for context of use?
service users
B = Number of IT service functions provided
SAp-2 IT service function What proportion of IT service X = A/B
appropriateness to functions is appropriate to the
A = Number of IT service functions appropriate
service users level of education, skills, exper-
to the level of education, skills, expertise and
tise and qualifications of users
qualifications of users receiving the IT service
receiving the IT service?
B = Number of IT service functions
7.2.5 Consistency measures
Consistency measures are used to assess the degree to which repeated or similar related IT services
provided consistent quality.
Table 5 — Consistency measures
ID Name Description Measurement function
a
SCs-1 IT service pro- What proportion of repeated or X = A/B
cess consistency similar IT service subprocess-
A = Number of IT service subprocesses that are
es is performed in a consistent
repeated or similar across the IT service func-
manner?
tions which perform in a consistent manner
B = Number of IT service subprocesses that
are repeated and similar across the IT service
functions
a
The process of IT service would consist of several subprocesses, and the subprocess should be provided in the same or
similar manner.
© ISO/IEC 2021 – All rights reserved 7

Table 5 (continued)
ID Name Description Measurement function
a
SCs-2 IT service out- What proportion of repeated or X = A/B
come quality similar IT service subprocesses is
A = Number of IT service subprocesses that
consistency performed in a consistent level of
are repeated or similar across the IT service
outcome quality?
functions which produce a consistent level of
outcome quality
B = Number of IT service subprocesses that
are repeated or similar across the IT service
functions
a
The process of IT service would consist of several subprocesses, and the subprocess should be provided in the same or
similar manner.
7.3 Usability measures
7.3.1 General
Usability measures are used to assess the degree to which an IT service can be used by specified users
to achieve specified goals with effectiveness, efficiency and satisfaction in a specified context of use.
7.3.2 Appropriateness recognizability measures
Appropriateness recognizability measures are used to assess the degree to which users can recognize
whether an IT service is appropriate for their needs.
Table 6 — Appropriateness recognizability measures
ID Name Description Measurement function
a
UAr-1 Description What proportion of IT service X = A/B
completeness functions is described in the service
A = Number of IT service functions
artifacts?
described in the service artefacts
B = Number of IT service functions specified
UAr-2 Demonstration What proportion of IT service func- X = A/B
coverage tions is covered by demonstration
A = Number of IT service functions that are
features to help users understand
covered by demonstration features
the appropriateness of the service
functions to their needs? B = Number of IT service functions requir-
ing demonstration features to help users un-
derstand the appropriateness of the service
functions to their needs
a
Service artifacts include service plan, service report etc.
7.3.3 Learnability measures
Learnability measures are used to assess the degree to which an IT service can be learned by users
to achieve a specified level of effectiveness, efficiency, freedom from risk and satisfaction within a
specified amount of time and context of use.
8 © ISO/IEC 2021 – All rights reserved

Table 7 — Learnability measures
ID Nam Name Description Measurement function
ULe-1 User guide What proportion of IT service X = A/B
completeness functions is described in a user
A = Number of IT service functions described in a
guide?
user guide
B = Number of IT service functions that should be
described in a user guide
ULe-2 User guide What proportion of user guide is X = A/B
effectiveness effective for users to operate IT
A = Number of IT service functions in a user
systems by themselves without
guide which enables users to operate IT systems
the support of an IT service
by themselves without the support of an IT ser-
provider?
vice provider
B = Number of IT service functions described in a
user guide
ULe-3 User guide What proportion of IT service X = A/B
efficiency functions can users learn in a
A = Number of IT service functions that users can
specified time period using a
learn in a specified time period
user guide?
B = Number of IT service functions described in a
user guide
7.3.4 Operability measures
Operability measures are used to assess the degree to which an IT service has attributes that make it
easy to operate and control.
Table 8 — Operability measures
ID Name Description Measurement function
a
UOp-1 Message clarity What proportion of messages X = A/B
from IT service functions is
A = Number of messages which are described
clearly described which enables
clearly enough to enable users to operate and
user to operate and control the
control the service without making trial and
service without trial and error?
error
B = Number of messages implemented
UOp-2 Understandable To what extent is the service X = A/B
categorization categorization understandable
A = Number of service categories that are under-
of service to the intended users
standable to the intended users
B = Number of service categories used
UOp-3 IT service What proportion of autom- X = A/B
automation atable IT service functions is
A = Number of fully-automated IT service
fully-automated without inter-
functions
vention of the service provider
or human support? B = Number of automatable IT service functions
UOp-4 Effort time What proportion of IT service X = A/B
estimability functions provides the infor-
A = Number of IT service functions providing
mation of human effort time
the information of human effort time estimates
estimates needed to complete
to complete the functions by users
the functions by users?
B = Number of IT service functions
a
Messages should provide all possible information that enables users to understand how to operate and control.
© ISO/IEC 2021 – All rights reserved 9

7.3.5 User error protection measures
User error protection measures are used to assess the degree to which an IT service protects users
against making errors.
Table 9 — User error protection measures
ID Name Description Measurement function
UUe-1 Avoidance of user What proportion of user ac- X = A/B
operation error tions and inputs is protected
A = Number of user actions and inputs that are
against causing any error?
actually protected from causing any errors
B = Number of user actions and inputs that
should be protected from causing any errors
UUe-2 User error What proportion of user errors X = A/B
correction can be corrected?
A = Number of user error which are corrected
B = Number of user error which could occur
during operation
7.3.6 Accessibility measures
Accessibility measures are used to assess the degree to which an IT service can be used by people with
the widest range of characteristics and capabilities to achieve a specified goal in a specified context of use.
Table 10 — Accessibility measures
ID Name Description Measurement function
a,b,c
UAc-1 Accessibility for To what extent can intended X = A/B
users with disa- users with specific disabilities
A = Number of IT service functions successfully
bilities successfully use the services
usable by users with specific disabilities
(with assistive technology if
appropriate)? B = Number of IT service functions provided
d
UAc-2 Language What proportion of languages X = A/B
supportability required is supported?
A = Number of languages actually supported
B = Number of languages specified in the speci-
fications to be supported
a
Specific disabilities include cognitive disability, motor disability, hearing/voice disability, visual disability and so on.
b
The range of capabilities includes disabilities associated with age.
c
Any person becomes possibly a user with limited cognitive, physical, hearing or visual ability under specific situations
or environments, for example, in darkness, in low atmospheric pressure at high altitude, in water and so on.
d
When users use an IT service in a language from other than native one, they often experience operational errors and
sometimes give up without achieving their intended goals. Such a case is one example of decreasing accessibility and causes
misunderstanding of the service outputs. Therefore, language support should be considered, specified and implemented
for users from various countries.
7.3.7 Courtesy measures
Courtesy measures are used to assess the degree to which the IT service is provided in a polite,
respectful and friendly way.
10 © ISO/IEC 2021 – All rights reserved

Table 11 — Courtesy measures
ID Name Description Measurement function
UCo-1 Courteous ser- What proportion of the IT X = A/B
vice language, service functions is delivered
A = Number of IT service functions that are de-
behaviour and using language, behaviour and
livered using language, behaviour and attitude
attitude attitudes that are courteous to
that are courteous to the user
the user?
B = Number of IT service functions
NOTE 1  ‘Courteous service language, behaviour, and attitude’ can be measured through user satisfaction surveys.
NOTE 2  ‘Courteous service language’ means using user-friendly words instead of IT specific terminologies.
7.4 Security measures
7.4.1 General
Security measures are used to assess the degree to which an IT service protects both user’s assets and
access to their information so that users have the degree of information access appropriate to their
levels of authorization.
NOTE This document focuses on security measures of the IT service, and security measures for software
product are in ISO/IEC 25023.
7.4.2 Confidentiality measures
Confidentiality measures are used to assess the degree to which an IT service ensures that data are
...