Presentation is loading. Please wait.

Presentation is loading. Please wait.

TickITplus – what it can do for you Talk to BCS Hants March 2012 Graham Gee Quality & InfoSec Manager.

Similar presentations

Presentation on theme: "TickITplus – what it can do for you Talk to BCS Hants March 2012 Graham Gee Quality & InfoSec Manager."— Presentation transcript:

1 TickITplus – what it can do for you Talk to BCS Hants March 2012 Graham Gee Quality & InfoSec Manager

2 Graham Gee BSc in Astrophysics and PhD in Submillimetre Astronomy at Queen Mary College, University of London 26+ years in IT industry Wide range of employers, clients, market sectors Previously 10 years in mainland Europe (NL, CH, B, D) 20+ years in quality assurance, consultancy and management Last 4.5 years Quality & InfoSec Manager at IPL in Bath 20 years as MBCS, <1 as FBCS BCS Council member/trustee in early 00’s – change programme

3 Use this layout for text on top of a vertically striped picture. IPL background Trusted, independent consulting & solutions house 30 year track record 260 staff, £28m+ turnover Business/mission critical contexts Consistently exceed expectations Multiple market sectors Re-defined strategy (MBO April ‘08) Intelligent Business Four service offerings Business and technical consulting Solution delivery, managed services Raising our profile Official Business Partner

4 IPL Differentiators Quality & adaptability of staff Depth of business & technical knowledge Execution & delivery Quality of output Value for money Long term business relationships Commercial flexibility Transparency & trust Size & scale

5 Aerospace & Defence Ministry of Defence Flight Refuelling EADS Thales Logica GE Aviation Avionics systems Mission planning Crypto key management Secure communications Network management In-flight refuelling

6 Banking & Finance Nationwide Clydesdale Bank Bank of England Barclays Bristol & West Investments Online financial product applications Core banking systems Asset & unit pricing control Liquidity reporting Data migration & integration Pensions policy administration

7 Emergency Services EADS FiReControl Hertfordshire Constabulary Kent Police Northamptonshire Police NPIA Wiltshire Police Core policing systems ISS4PS compliance Collision recording ANPR data analysis GIS & crime mapping Mobile data solutions

8 Government Local Authorities Audit Commission Met Office Government Ombudsmen Technology Strategy Board Web portals Web-enabled Information Complaints handling “Digital Britain” testing GIS & mapping applications

9 Industry A Global Energy Company Imperial Tobacco Group IBM GlaxoSmithKline Fertility Focus Data warehouse & applications Management information systems Information management & SOA Clinical drug trials data archive Medical devices

10 Telecoms, Broadcast & Media Nokia Music Ericsson NSN Aepona O 2 Orange Ubiquisys GSM core network systems Transmission and QoS management Intelligent Networks Multimedia services Network/Service Management Systems Technical Launch Services

11 Transport Amey Atkins Highways Agency Mouchel TfL Wincanton Traffic control centre systems Managed motorways Intelligent transport systems Transport logistics Asset management

12 IPL’s origins more than 30 years ago in UK Aerospace and Defence Range of market sectors/customers, business/mission critical contexts Objective since 1979 “to provide customers with high quality, high reliability software within timescale, budget and specification” “Quality is the responsibility of all individuals within the Company” More than 20 years ago (before SEI’s CMM existed) By 1988 IPL’s QMS and processes were aligned to the international standard ISO 9001 and a few years later the TickIT software sector-specific scheme TickIT was largely adopted by the UK software development industry Especially in IPL’s core market sector with high quality requirements IPL’s Focus on Quality

13 TickIT Built into certification to ISO 9001 with regular external assessment by specially qualified auditors (in IPL’s case this is six-monthly by BSI and now LRQA) Was mandatory for many years for software companies working directly or indirectly for MoD Is a best practice guide aligned with international standards ISO 9001, ISO 9000-3 and ISO 12207

14 QMS Pressures 2010-2012 Wide range of market sectors, systems, applications and technologies Increasing emphasis on business processes rather than detailed technical procedures QMS not kept pace with changing world – needs modern approach, flexible, responsive, look-and-feel Process-based approach and measurement: Services Business Manual, TickITplus Managed services: Application take-on, support, ITIL, ISO20000? IP generation: Product development

15 Accreditations & Affiliations ISO 9001:2008/TickIT ISO 27001:2005 ISO 14001:2004

16 Was due to launch in January 2011 3-year “clock” to migrate from TickIT started ticking in Dec 2011 Adds process capability assessment, with levels mapped to international standard ISO/IEC 15504, similar to CMMI So moves TickIT to same basis as CMMI but also Backed by UK plc (including BSI, BCS, Intellect, MoD) Integral part of certification to international standard ISO 9001 by certification bodies such as BSI, LRQA and DNV Requires mapping of project, technical, organisational, IT-specific, agreement and maturity processes to the Base Processes Library TickITplus

17 IPL’s 1 st plan v. TickITplus levels ISO 15504 process levelsTickITplusTarget 1. PerformedFoundation2011 2. ManagedBronze2011 3. EstablishedSilver2011 4. PredictableGold2012 5. OptimizingPlatinum2013

18 TickIT lead auditor course in 2006: Declining interest in the scheme; only one accredited trainer in the UK; Auditor and company registrations dropping; only ever good practice guidance; CMMI stolen march in India and elsewhere from its US origins Joined IPL in Oct 2007 aiming to bring QMS into 21 st century Long experience in Quality/TickIT and with BCS TickITplus coming “soon” as UK alternative to CMMI… Occasionally we get pressure around our plans w.r.t. CMMI in questionnaires and responses Happened again at end of 2010 around Thales preferred supplier selection TickITplus was a long time coming – chronic lack of communication Steps to TickITplus: 2006-2010

19 Transition of Certification Body to LRQA – December 2010 Kept the faith –> information sessions hosted at Intellect, early 2011 Speculative gap analysis cf. list of process titles – March/April 2011 Assessor/practitioner training by Dave Wynn for IT Governance – June Base Process Library (BPL) finally published – also June 2011 Confirmed gap analysis (cf. BPL) –> 1 st draft PRM – July 2011 3-year “clock” to migrate from TickIT started ticking in Dec 2011 LRQA Stage 1 assessment – end Sept 2011 -> 3 Minor N/Cs LRQA Stage 2 assessment – Dec 2011 -> certification but 7 new Minor N/Cs (just before Christmas!) and Corrective Action Plan Steps to TickITplus: during 2011

20 Eight scope profiles (currently two) 40 processes (currently 22): organizational, project and technical Mapped to four international standards (currently one and a half) ISO 9001 ISO 20000 and ISO 27001 – resp. Q2/Q3 2012 ISO 15504 – basis laid but rest later, possibly 2013 Combined assessor/practitioner training – overseen by gasq Currently three UK Certification Bodies (BSI, DNV, LRQA) Run by Joint TickIT Industry Steering Committee (JTISC) What does TickITplus involve?

21 What does TickITplus look like?

22 Currently Systems and Software Development and Support Product Validation, Quality and Measurement To come Information Management and Security Service Management Project and Programme Management Corporate Strategy Planning and Management Legal and Compliance IT Systems Engineering and Infrastructure Scope profiles

23 Human Resource Management Management Framework Corporate Management and Legal Infrastructure and Work Environment Management Improvement Measurement and Analysis Customer Focus Risk Management Lifecycle Model Management Organizational processes

24 Measurement and Analysis

25 Currently Project Management Configuration and Change Management Problem and Incident Management To come Decision Management Information Management IT Finance Management Management Reporting Project processes

26 Project Management

27 Data and Record Management Integration Management Verification Validation Transition and Release Management Maintenance Management Stakeholder Requirement Definition Requirements Analysis Architectural Design Development Implementation Technical processes

28 Architectural Design

29 What has TickITplus done for us?

30 Modern, pragmatic, detailed process/practice requirements NOT good practice guidance (cf. TickIT) Based on international standards - ISO 9001 and ISO 15504 (aka. SPICE) Scheme to be extended to allow combined assessment with ISO 20000 and ISO 27001 Regular, professional and independently assured assessments by certification bodies - currently BSI, DNV and LRQA in the UK cf. CMMI Much less bureaucratic than CMMI BUT TickITplus Foundation level (currently 22 processes) is only equivalent to CMMI Levels 2/3 (resp. 7/11 processes) with capability maturity dimension based on ISO 15504 to be added TickITplus lessons/benefits

31 LRQA surveillance visit – end March 2012 Some processes clearly need improving/redefining Configuration/change managementIntegration management Lifecycle model managementImprovement LRQA’s recertification visit at end of August 2012 Extension to cover ISO 27001 later in 2012? Could consider adding additional scope profiles? Move up to Bronze (OK) and Silver (difficult) when available Share the good news with the UK IT community via BCS, LRQA, Intellect, with Omniprove and Nexor IPL – where next with TickITplus?

32 Questions? Dr Graham Gee FBCS CITP TSSF Quality & InfoSec Manager 01225 475287 Eveleigh House Grove Street Bath BA1 5LR 01225 475000

33 Additional slides To be used as required

34 Customers Government Aerospace & Defence Banking & Finance Emergency Services

35 Customers Transport Telecoms, Broadcast & Media Industry A Global Energy Company A Global Energy Company

36 Engagement Models Managing risk Time-boxed Risk/reward Fixed price Flexibility Time & materials Gain share IPR ownership Partnership Bid-stage engagement Teaming agreement Long term relationship via a range of engagement models Staffing Single consultant Managed team of >50 Location Your premises IPL’s offices Availability Quick commercial response Start within days

37 Business Consulting Identifying the business need Information management Business analysis Business process management Business case preparation IS strategy Programme management

38 Technical Consulting Analysing the technical options Client-side - procurement support, technical project management, design authority Project specific - rapid prototyping, requirements capture, architecture design Subject matter expertise – eg telecoms technologies, secure communications, geospatial technologies Bid support - expert advice and technology recommendations

39 Solution Delivery Delivering the solution Full life-cycle implementation Software development Systems integration Mitigating risk and sharing development burden Reducing development timescales 3rd party product expertise Accredited quality methodology Predictable, reliable, transparent delivery

40 Managed Services Supporting commercial solutions On-going support and maintenance services 3 rd party application support System hosting Reducing overall cost of ownership Freeing organisation to focus on core skills and strategic projects Secure, modern premises UK facilities & staff

41 Working with IPL “IPL is our strategic software partner...track record of delivering high quality, leading edge software...” Commercial Director “IPL brought a fresh and independent look at the way we develop systems...helped us to take a valuable step back from the day-to-day detail...together, we will develop more successful solutions...” CIO “...a first class and dependable software development service... contributed value at many levels in the design and development cycle” CTO

42 Working with IPL “Actually appear to live the culture of customer support and commitment. Deliver what they say they are going to deliver when they say they are going to deliver” Programme Manager “They are a reliable, professional hard to understand the clients requirements and deliver against them” Application Support Manager “Very competent, very proactive, willing to assist, reliable and effective.” Programme Manager

Download ppt "TickITplus – what it can do for you Talk to BCS Hants March 2012 Graham Gee Quality & InfoSec Manager."

Similar presentations

Ads by Google