Software Standards and Norms
This article defines the key terms around software standards and norms, with exam-relevant examples, typical key points, and tags for quick revision.
What are norms and standards (in IT)?
Norms and standards define binding or recognized rules, terms, quality criteria, and processes. In software development, they help you to:
- Make quality measurable
- Implement security requirements in a traceable manner
- Structure processes and responsibilities
- Standardize communication (terms, models, artifacts)
Important norms (explained concisely)
ISO/IEC 25010 (Software and System Quality)
Defines a quality model for software and systems (e.g., functionality, reliability, usability, performance efficiency, maintainability, compatibility, security, portability). Particularly useful for justifying quality objectives cleanly in the project report.
ISO/IEC 27001 (Information Security Management)
Framework for an ISMS (Information Security Management System). Relevant when you want to structure security processes, risk analyses, or plans of security measures.
DIN EN ISO 9241 (Usability / Human-System Interaction)
Very exam-relevant when developing interfaces. Central concepts include, for example, principles of dialogue design (e.g., conformity with expectations, controllability, error tolerance).
ISO/IEC/IEEE 12207 (Software Lifecycle Processes)
Describes processes throughout the entire lifecycle: planning, development, operation, maintenance.
DSGVO / BDSG (legal framework)
Not a norm, but practically always relevant: data protection, privacy by design, technical and organizational measures (TOM), commissioned data processing (AVV).
Exam-relevant key points
- Norms are rarely asked “just by number” – what matters more is the concept behind them.
- Good phrasing in the expert discussion is, for example:
  - “We base the quality objective of maintainability on the model defined in ISO/IEC 25010.”
  - “Security measures are structured via an ISMS according to ISO/IEC 27001.”
  - “The UI meets fundamental usability principles according to ISO 9241.”
Mini-example: Mention norms meaningfully in the project
If you develop a web application, you can write in the documentation, for example:
- Quality objectives: ISO/IEC 25010 (maintainability, security)
- UX objectives: ISO 9241 (dialogue principles)
- Data protection: DSGVO (TOM, data minimization)
Typical exam questions (with brief answer)
- Why are norms important in software development? They make quality, processes, and security requirements comparable and traceable.
- Which norm is central to software quality? ISO/IEC 25010.
- Which norm is known for information security / ISMS? ISO/IEC 27001.
- Which norm helps with usability? DIN EN ISO 9241.
Conclusion
In practice, norms are less a matter of “memorization” and more a tool for justification, structure, and traceability, and that is exactly what counts in exams too.