| Standard id | Standard | Clasification |
|---|---|---|
| ARM.SDLC.001 | Define the appropriate Software Development Life Cycle (SDLC) model. | Mandatory |
| ARM.SDLC.002 | Selection and use of one application development methodology for the entire duration of the project. | Mandatory |
| ARM.SDLC.003 | To change the selected methodology, a proper change request procedure should be followed. | Mandatory |
| ARM.SDLC.004 | Follow ISO/IEC/IEEE 24765 standard for systems and software engineering. | Recommended |
| ARM.SDLC.005 | Follow IEEE standard 12207 for software life cycle processes. | Recommended |
| ARM.SDLC.006 | Follow IEEE standard 1517 to reuse SDLC processes. | Recommended |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.REQ.001 | Gather business and system requirements. | Mandatory |
| ARM.REQ.002 | Establish and document business requirements. | Mandatory |
| ARM.REQ.003 | A requirement should be traceable back-ward to requirements and the stakeholders that motivated it. | Mandatory |
| ARM.REQ.004 | On successful completion and acceptance, both vendor and client must sign-off requirements document. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.SDD.001 | Follow IEEE standard 1016 for Information technology - system design. | Recommended |
| ARM.SDD.002 | Document the software design as per IEEE 1016. | Recommended |
| ARM.SDD.003 | Follow ISO/IEC 42010 for architecture description. | Recommended |
| ARM.SDD.004 | Use notations for static and dynamic views. | Recommended |
| ARM.SDD.005 | On successful completion and acceptance, both vendor and client must sign-off design document. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.COS.001 | Select programming languages and frameworks appropriately to meet the documented requirements of the system. | Mandatory |
| ARM.COS.002 | Indent code for better readability as of used technology. | Mandatory |
| ARM.COS.003 | Establish a maximum line length for comments and code to avoid horizontal scrolling of editor window. | Recommended |
| ARM.COS.004 | Use space after each comma, operators, values and arguments. | Recommended |
| ARM.COS.005 | Break large, complex sections of code into smaller comprehensible modules/ functions. | Recommended |
| ARM.COS.006 | Arrange and separate source code between files. | Recommended |
| ARM.COS.007 | Use naming convention as of selected technology. | Recommended |
| ARM.COS.008 | Avoid elusive names that are open to subjective interpretation. | Recommended |
| ARM.COS.009 | Do not include class names in the name of class properties. | Recommended |
| ARM.COS.010 | Use the verb-noun method for naming routines. | Recommended |
| ARM.COS.011 | Append computation qualifiers (Avg, Sum, Min, Max, Index) to the end of a variable name where appropriate. | Recommended |
| ARM.COS.012 | Use customary opposite pairs in variable names. | Recommended |
| ARM.COS.013 | Use mixed-case formatting to simplify reading. | Recommended |
| ARM.COS.014 | Boolean variable names should begin with is, are, was, were or a modal verb. Modal verbs include can, could, may, might, must, shall, should, will or would. | Recommended |
| ARM.COS.015 | Avoid using terms such as Flag when naming status variables, which differ from Boolean variables in that they may have more than two possible values. | Recommended |
| ARM.COS.016 | Even for a short-lived variable that may appear in only a few lines of code, still use a meaningful name. Use single-letter variable names, such as i, or j, for short-loop indexes only. | Recommended |
| ARM.COS.017 | Develop a list of standard prefixes for the project to help developers consistently name variables. | Recommended |
| ARM.COS.018 | For variable names, include notation that indicates the scope of the variable. | Recommended |
| ARM.COS.019 | Constants should be used as naming convention as of selected technology. | Recommended |
| ARM.COS.020 | Wrap built-in functions and third-party library functions with your own wrapper functions. | Recommended |
| ARM.COS.021 | Report error message and recover or fail gracefully. | Recommended |
| ARM.COS.022 | Provide useful error messages. | Recommended |
| ARM.COS.023 | When modifying code, always keep the commenting around it up to date. | Recommended |
| ARM.COS.024 | At the beginning of every routine, it is helpful to provide standard, boilerplate comments, indicating the routine's purpose, assumptions, and limitations. | Recommended |
| ARM.COS.025 | Avoid adding comments at the end of a line of code. | Recommended |
| ARM.COS.026 | To conserve resources, be selective in the choice of data type to ensure the size of a variable is not excessively large. | Recommended |
| ARM.COS.027 | Keep the scope of variables as small as possible to avoid confusion and to ensure maintainability. | Recommended |
| ARM.COS.028 | When writing classes, avoid the use of public variables. Instead, use procedures to provide a layer of encapsulation and also to allow an opportunity to validate value changes. | Recommended |
| ARM.COS.029 | Do not open data connections using a specific user's credentials. Connections that have been opened using such credentials cannot be pooled and reused, thus losing the benefits of connection pooling. | Recommended |
| ARM.COS.030 | For secured coding standard, follow Secure Coding Guidelines of BCC https://bcc.gov.bd/site/page/f64470aa-1f1d-406c-a7a9-54125efb2ed3/- |
Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.TST.001 | Follow ISO/IEC/IEEE standard 29119-4:2021 for software testing. | Mandatory |
| ARM.TST.002 | Follow ISO/IEC standard 15288 and 12207 for system engineering standards include process for verification and validation. | Recommended |
| ARM.TST.003 | Follow IEEE 1008, BS 7925 standard for testing. | Recommended |
| ARM.TST.004 | Follow IEEE 829, 1028 for software review techniques. | Recommended |
| ARM.TST.005 | Follow ISO/IEC AWI TS 29119-11:2020 to test AI based system. | Mandatory |
| ARM.TST.006 | Software testing to be done by minimum TMMI level 3 certified lab. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.SOM.001 | Follow ISO/IEC standard 14764:2022 for software maintenance. | Mandatory |
| ARM.SOM.002 | Follow IEEE standard 14764:2022 for process of software maintenance. | Mandatory |
| ARM.SOM.003 | Follow ISO/IEC 23053:2022 for ML based system. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.AI.001 | Follow ISO/IEC TR 24028 to mitigate AI system vulnerabilities that relate to trustworthiness. | Mandatory |
| ARM.AI.002 | To assess and achieve availability, resiliency, reliability, accuracy, safety, security and privacy of AI based systems, follow ISO/IEC TR 24028. | Mandatory |
| ARM.AI.003 | Follow ISO/IEC TR 24372 to describe main computational characteristics, main algorithms and approaches used in AI systems. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.IoT.001 | Follow ISO/IEC 21823 to implement interoperability for IoT systems in an efficient way. | Mandatory |
| ARM.IoT.002 | For a standardized IoT Reference Architecture, follow ISO/IEC 30141 which gives a standardization using a common vocabulary, reusable designs and industry best practices. | Mandatory |
| ARM.IoT.003 | Follow ISO/IEC TR 30166 to get characteristics, technical aspects and functional as well as non-functional elements of the Industrial IoT structure. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.BLKCHN.001 | Enterprise Blockchain implementation should consider permissioned networks to ensure that only trusted entities can interact with the network. | Mandatory |
| ARM.BLKCHN.002 | Enterprise Blockchain should have Strong Governance System in place so that no one can abuse the network for their interest. | Mandatory |
| ARM.BLKCHN.003 | Government Application systems should consider private or permissioned implementation to ensure privacy & security of government data. | Mandatory |
| ARM.BLKCHN.004 | Suitable Use-Cases should be considered for integrating Blockchain in existing applications. | Mandatory |
| Standard id | Standard | Clasification |
|---|---|---|
| ARM.AS.001 | Follow standard MVC pattern. | Recommended |
| ARM.AS.002 | For N-Tier application mention tiers clearly in architecture document. | Mandatory |
| ARM.AS.003 | For micro service, follow Section 9 of ISO/IEC TS 23167:2020. | Recommended |
| ARM.AS.004 | If there is a mix of architecture Models, then it should be documented with reference. | Recommended |
| Standard id | Standard | Clasification |
|---|---|---|
| WEB.DES.001 | Website should be registered under '.bd' domain. | Mandatory |
| WEB.DES.002 | The link to other websites and portal should open in a new tab or a new window. | Mandatory |
| WEB.DES.003 | Content should be free from spelling and grammatical errors. | Mandatory |
| WEB.DES.004 | The content should not be discriminative/ offensive. | Mandatory |
| WEB.DES.005 | A policy should be prevalent in department for review of content to be published on website. | Mandatory |
| WEB.DES.006 | The website should support bangla and provide option for content translated in at least English language. | Mandatory |
| WEB.DES.007 | The website design should be responsive | Mandatory |