-
Notifications
You must be signed in to change notification settings - Fork 0
TTS QASP
Sarah Statz edited this page Apr 7, 2021
·
29 revisions
The government uses the QASP to monitor the quality of a vendor’s deliverables and performance. This helps the government measure vendor performance and ensure it reaches the required levels as specified in the contract. The QASP provides the government with a proactive way to identify and avoid deficient performance. The following chart sets forth the performance standards; quality levels the code and documentation provided by the Contractor must meet, and the methods [the agency] will use to assess the standard and quality levels of that code and documentation.
| Deliverable | Performance Standards | Acceptable Quality Level | Method of Assessment | What does it mean for our team? |
|---|---|---|---|---|
| Tested Code | Code delivered under the order must have substantial test code coverage and a clean code base Version-controlled Court GitHub repository of code that comprises product that will remain in the government domain | Minimum of 90% test coverage of all code | Combination of manual review and automated testing | Details Here: Tested Code |
| Properly Styled Code | GSA 18F Front End Guide | 0 linking errors and 0 warnings | Combination of manual review and automated testing | Details Here: Properly Styled Code |
| Accessible | Web Content Accessibility Guidelines 2.1 AA (WCAG 2.1 AA) standards | 0 errors reported for WCAG 2.1 AA standards using an automated scanner and 0 errors reported in manual testing | CodeSniffer or pa11y for CI/CD | Details Here: Accessible |
| Deployed | Code must successfully build and deploy into staging environment | Successful build with a single command | Combination of manual review and automated testing | Details Here: Deployed |
| Secure | OWASP Application Security Verification Standard 3.0 | Code submitted must be free of medium- and high-level static and dynamic security vulnerabilities | Clean tests from a static testing SaaS (such as Gemnasium) and from OWASP ZAP, along with documentation explaining any false positives | Details Here: Secure |
| User Research | Usability testing and other user research methods must be conducted at regular intervals throughout the development process (not just at the beginning or end). | Research plans and artifacts from usability testing and/or other research methods with end-users are available at the end of every applicable sprint, in accordance with the vendor’s research plan. | TTS will evaluate the artifacts based on a research plan provided by the vendor at the end of the second sprint and every applicable sprint thereafter. | Details Here: User Research |
TTS QASP for Software Development - Design and Research PDF
A New QASP in the Works... New Draft QASP
Contact the team at [email protected] or reach out to Sarah Statz.