Bora Demircan

Scope:

The scope of the document is the internationally accepted specification of requirements for customer satisfaction and meeting regulatory requirements in order to provide a quality software, in which inspite of the possibility of being N/A to different types of organizations with different structure, these requirements are intended to be applicable to general types of organizations.

Main topics of the document are as follows:

• Quality Management
• Management Responsibility
• Resource Management
• Product Realization
• Measurement, Analysis and Improvement

Quality Management:

General requirements: of the organization are to identify the processes, determine sequences and interactions of these processes, methods and criteria to ensure the effectiveness, availability of resources and information, monitor, measure and analyse these processes and take actions necessary for continuous improvement. The following topics gives guidance to quality management:

• Documentation requirements: that quality policies and objectives should be documented in addition to the quality manuals, document procedures and records required by this document and documentation for effective planning, operation and control.

o Quality Manuals: to be prepared should include the scope, procedures and detailed description between processes of the quality management system.

o Control of Documents: This includes variety of controls including the document approval, reviews and updates, identification changes and revision etc.

o Control of Records: The records also have to be maintained to be conformable to the requirements of the system. The evidence of this conformity can be checked by several techniques such as test results, problem reports and change requests. The quality management system will have the evidence of effective operation with the changes to resources, different types of estimates, the reasons on selecting the tools, methodologies and suppliers, software license agreements, minutes of meetings and software release records.

o Retention and Disposition: it should be taken into account the media degradation, availability of devices etc.

Management Responsibility:

• Management Commitment: With communication through the organization, establishing quality policy, ensuring quality objectives, management reviews and availability of resources are the ways of the evidence of management commitment.

• Consumer Focus: The management also has to ensure that consumer requirements and satisfaction has been maintained.

• Quality Policy: Top management should also consider the quality policy that it should meet some requirements such as conformity to the purpose of the organization and providing framework for establishing and reviewing quality objectives.

• Planning:

o Quality Objectives: The quality objectives should be measurable and consistent with the quality policy it self.

o Quality Management System Planning: For maintaining the quality objectives and requirements, including the definition of the appropriate life-cycle model, work products of development, content of software management plans, how methods are tailored, tools and environment for development, conventions for usage of programming languages and identifying the software reuse.

• · Responsibility, authority and communication:

o Responsibility and Authority: Top management should define the roles and responsibilities

o Management Representative: They should appoint a member responsible for establishing, implementing and maintaining processes, reporting the performance and ensuring the promotion awareness.

o Internal Communication

• Management Review:

o General Review: for continuing suitability, adequacy and effectiveness.

o Review Input: includes results of audits, customer feedbacks, performance, conformity, preventive and corrective actions, follow-up actions, changes and recommendations for improvement.

o Review Output: decisions and actions related to improvement of effectiveness, customer requirements and resource needs.

Resource Management:

• Provision of Resources: should determine the resources needed for customer satisfaction, improve effectiveness and continuous implementation and maintenance

• Human Resources: in the criteria of education, training, skills and experience.

o Competence, Awareness and Training: Competence for personel, training and other actions for personel satisfaction, maintain records for education, training, skills and experience.

• Infrastructure: determine, provide and maintain buildings, equipment and supporting services such as knowledge management, analyzing, designing, implementation tools, network tools, virus protection etc.

• Work Environment: should be maintained for conforming to product requirements.

Product Realization:

• Planning: it should be consistent with the requirements of the other processes

o Software life cycle: Processes, activities and tasks should be planned and performed using life cycle models suitable to the Project.

o Quality planning: conforming the quality management system to a specific project, product or contract which should be revised with the progress of design and development

• Customer-related processes:

o Determination of requirements related to the product: including customer requirements, requirements naturally intended or specified for use and regulatory requirements in addition to requirements defined by the organization.

o Review of requirements related to the product: Defining the organization concerns relevant in organization review, contracts or orders and risks related to the product.

§ Customer representative: Co-operation with the organization needed for providing necessary information and to resolve issues related to the customer itself.

o Customer communication: During development or operations and maintenance, for getting necessary product information, enquiries, contracts, orders and feedback. It may depend on the contractual agreement.

• Design and development

o Design and development Planning: to determine the design and development stages, review, validation, verification and responsibilities for design and development. The inputs and outputs of design and development stage should be determined with ease. Changes should be approved before implementation.

§ Interfaces: The organization may be in need of reviewing the design and development planning. Different kind of actors should involve in this stage who will be in direct relation with the software.

• Purchasing: The purchasing process should conform the requirements depending on the effects of the purchase to the system, which should be controlled in design and development stages. Purchasing information should be well documented and verified to meet the requirements

• Production and service provision: should be planned and controlled through out the Project, which includes release activities (release, replication), delivery actitivities (delivery, installation) and post-delivery activities (operations, maintenance).

• Control of monitoring and measuring devices: for evidence of conformity.

Measurement, analysis and improvement:

• Monitoring and measurement: to ensure and demonstrate conformity of the quality management system and continuous development.

o Customer satisfaction:

o Internal audit

o Monitoring and measurement of processes: measuring the planned and actual duration and cost of the process activity and measures on quality.

o Monitoring and measurement of product: for functionality, maintainability, efficiency, portability, usability and reliability.

• Control of nonconforming product: determining the nonconformity and taking necessary actions like elimination, authorization or acceptance of use or taking action the prevent it from being used.

• Analysis of data: should include information related to suppliers, customer satisfaction, conformity and characteristics of the processes or products. This may include problem reports and various levels of testing.

• Improvement: For continual improvement the organization should choose to take corrective or preventive actions by determining the noncomformities by their characteristics with the use of quality policy, quality objectives, audit results, analysis of data and management review.

References:

• ISO/IEC 90003 INTERNATIONAL STANDARD, Software engineering - Guidelines for the application of ISO 9001:2000 to computer software, International Organization for Standardization, 2004

No Comments