Checklist Overview
The TQS certification checklist is a list of items for systematically verifying whether a project meets TQS specifications. This chapter defines the checklist's composition principles, classification criteria, evaluation methods, area-specific weights, and passing criteria.
32.1.1. Checklist Composition Principles
The TQS certification checklist is composed according to the following principles.
32.1.1.1. Objective Verifiability
All checklist items must be objectively verifiable. Items whose results vary depending on the auditor's subjective judgment are not included in the checklist. Each item defines clear compliance criteria and verification methods, and different auditors verifying the same project must produce identical results.
32.1.1.2. Automated Verification Priority
Items verifiable through automated tools are given priority for inclusion in the checklist. Automated verification items determine compliance based on tool execution results such as CI/CD pipeline execution results, static analysis tool output, and coverage reports. Items that cannot be verified automatically are verified through manual review or evidence verification.
32.1.1.3. Technology Stack Alignment
Checklist items must exactly match the technology stack defined in the TQS specifications. The backend checklist is based on Java 21, Spring Boot 3.x, Maven, PostgreSQL, jOOQ, and Flyway, while the frontend checklist is based on Vue 3, TypeScript, Vite, and Tailwind CSS.
32.1.1.4. Single Responsibility Principle
Each checklist item contains only one verification target. Multiple verification targets must not be combined into a single item, and the compliant/non-compliant verdict for each item must be determined independently.
32.1.2. Classification Criteria
Each checklist item is classified into 3 categories based on importance. These classifications correspond to the requirement level definitions in RFC 2119.
| Classification | Symbol | RFC 2119 Mapping | Description |
|---|---|---|---|
| Mandatory | O | MUST | Items that must be met to obtain certification |
| Recommended | R | SHOULD | Items strongly recommended for compliance |
| Optional | S | MAY | Items applicable depending on project characteristics |
32.1.2.1. Mandatory Items
Mandatory items are the minimum requirements for TQS certification. If even one mandatory item is non-compliant, the project fails regardless of certification grade. Mandatory items consist of items that ensure the project's fundamental quality, including code quality, security, testing, and builds.
32.1.2.2. Recommended Items
Recommended items are items for elevating project quality to a higher level. The compliance rate of recommended items directly affects the certification grade determination. Advanced certification requires 80% or above compliance with recommended items, and Premier certification requires 100% compliance with recommended items.
32.1.2.3. Optional Items
Optional items are items whose applicability can be determined based on the project's characteristics, scale, and domain. Optional items are not included in the certification grade calculation and, when applied, are recorded as additional achievements in the project quality report.
32.1.3. Evaluation Methods
The compliance of checklist items is verified through one or more of the following 3 evaluation methods.
| Evaluation Method | Description | Examples |
|---|---|---|
| Automated Verification | Verdict based on automated tool execution results | mvn spotless:check, JaCoCo report, ESLint execution results |
| Manual Review | Auditor directly examines source code or configuration | Naming convention compliance, architecture patterns, exception handling structure |
| Evidence Verification | Verification of evidence materials submitted by the project team | Screenshots, CI/CD build reports, Lighthouse results |
32.1.3.1. Automated Verification
Automated verification is the most objective and reproducible evaluation method. The TQS Committee directly triggers the CI/CD pipeline or reviews the tool execution results submitted by the project team. Automated verification items are judged as pass if the tool's output results meet the baseline values.
32.1.3.2. Manual Review
Manual review is the method where auditors directly verify items that cannot be verified by automated tools. It evaluates structural code quality, design pattern application, and security implementation appropriateness. Manual review is independently performed by a minimum of 2 auditors, and if verdicts differ, the final decision is made through consensus.
32.1.3.3. Evidence Verification
Evidence verification is the method of determining compliance through materials submitted by the project team, such as screenshots, reports, and logs. Evidence materials must be from within 1 week of the audit date, and formats that cannot be forged (CI/CD log URLs, auto-generated reports, etc.) are recommended.
32.1.4. Area-Specific Weights
The TQS-S/W certification checklist consists of 6 areas, each with assigned weights. The weights reflect the impact of each area on overall project quality.
| Area | Weight | Key Verification Content |
|---|---|---|
| Development Environment | 10% | IDE configuration, tool setup, runtime version |
| Backend Code | 25% | Java conventions, Spring Boot, database, build |
| Frontend Code | 25% | Vue 3, TypeScript, styling, testing |
| Operations | 15% | Configuration management, CI/CD, testing standards |
| Security | 15% | Authentication/authorization, encryption, vulnerability defense |
| API | 10% | RESTful design, documentation, error handling |
32.1.4.1. Weight Application Method
Each area's score is calculated based on the compliance rate of items within that area. The overall score is the sum of each area's score multiplied by its weight. Weights are periodically reviewed by the TQS Committee and may be adjusted in response to changes in the technology environment.
32.1.4.2. Adjustments by Project Type
For projects that include only a backend, the frontend code area's weight is redistributed to the backend code and operations areas. The same principle applies for projects that include only a frontend. Redistribution criteria are determined by the TQS Committee at the time of audit.
32.1.5. Passing Criteria Summary
The TQS certification passing criteria are defined as follows for each certification grade.
| Certification Grade | Mandatory Item Compliance Rate | Recommended Item Compliance Rate | Optional Items |
|---|---|---|---|
| Basic Certification | 100% | No restriction | Not reflected |
| Advanced Certification | 100% | 80% or above | Not reflected |
| Premier Certification | 100% | 100% | Not reflected |
32.1.5.1. Basic Certification Passing Criteria
Basic certification requires 100% compliance with all mandatory (O) items. If even one mandatory item is non-compliant, the project is judged as fail. Basic certification is the minimum standard for using the TQS Mark.
32.1.5.2. Advanced Certification Passing Criteria
Advanced certification requires 100% compliance with mandatory items plus 80% or above compliance with recommended (R) items. The recommended item compliance rate is calculated based on all recommended items overall, not separately by area.
32.1.5.3. Premier Certification Passing Criteria
Premier certification requires 100% compliance with both mandatory and recommended items. Premier certification is the highest grade of TQS certification, and it additionally requires passing an in-depth technical review by the TQS Committee.
32.1.5.4. Partial Certification
If a project includes only a backend or only a frontend, certification is performed using only the applicable area's checklist. The same passing criteria apply in this case as well.