Presentation on theme: "International Software Quality Models ISO"— Presentation transcript:
1 International Software Quality Models ISO 9000-3 SQA – SWE 333Software Quality AssuranceInternational Software Quality Models ISOProf. Dr. Mohamed BATOUHEDept. of Software EngineeringCCIS – King Saud University
2 Quality Management Standards The scope of quality management standards
3 The Benefits of using Standards * The ability to apply methodologies and procedures of the highest professional level. * Better mutual understanding and coordination among development teams but especially between development and maintenance teams. * Greater cooperation between the software developer and external participants in the project. * Better understanding and cooperation between suppliers and customers, based on the adoption of standards as part of the contract.
4 Organizations involved in SQA Standards Development Most prominent developers of SQA standards:IEEE (Institute of Electric and Electronic Engineers) Computer SocietyISO (International Standards Organization)DOD (US Department of Defense)ANSI (American National Standards Institute)IEC (International Electrotechnical Commission)EIA (Electronic Industries Association)
5 Scope of quality management standards – Certification Standards * Enable a software development organization to demonstrate consistent ability to assure acceptable quality of its software products or maintenance services. Certification is granted by an external body.* Serve as an agreed-upon basis for customer and supplier evaluation of the supplier’s quality management system. Accomplished by performance of a quality audit by the customer.* Support the organization's efforts to improve its quality management system through compliance with the standard’s requirements.→ One indication of the importance of standards is the current trend of software development tenders, which require certification of participants …
7 ISO 9000In 1946, delegates from 25 countries met in London and decided to create a new international organization, of which the object would be "to facilitate the international coordination and unification of industrial standards". The new organization, ISO, officially began operations on 23 February 1947, in Geneva, Switzerland.ISO 9000 is a series of documented standards prescribing quality management.ISO 9000 has a broad scope: hardware, software, processed materials and services.The standard outlines the basic elements of a good quality management system. These elements are good business practice.
8 ISO 9000ISO 9000 is a written set of standard which describe and define the basic elements/clauses of the quality system needed to ensure that an organization’s products/or services meet or exceed customer needs and expectationsISO 9000 is based on documentation and is based on the following:- Document what you do;- Do what your document;- Prove it and improve itISO 9000 emphasizes prevention.
9 ISO 9000ISO 9000 and ISO 9004 are guidelines for quality management and are not Mandatory for certification.ISO 9001, ISO 9002, and ISO 9003 are Quality system standards.ISO 9001 is the broadest standard and provides a model for design, development, production, installation and servicingISO 9002 is limited to production, installation and servicingISO 9003 is further limited to inspection and testingA company should first use ISO to design and to implement a quality system. Once the quality has been installed, the company may use the quality assurance models of ISO 9001, ISO 9002, or ISO 9003 to demonstrate the adequacy of the quality system.
10 Why ISO 9000 Certification? Better organizational definition greater quality awarenessbetter documentation of processesincreased control of operationsOngoing analysis of and solution to problemsPositive cultural changeImproved customer satisfaction and increased market opportunities
11 The criteria for getting ISO 9000/9001 certification Review the current operation and business structure of your facility.Provide an introductory session in ISO 9000/9001 requirements and instruct in the preparation of job descriptions and work instruction style documentation.Audit the completed job descriptions and work instructions and prepare the structure for the policies and procedures manual.Write the first draft of the policy and procedures manual to meet ISO 9000/9001 standards incorporating the existing documented work instructions.
12 The criteria for getting ISO 9000/9001 certification Submit first draft of manuals for review and approval. Prepare final draft of documentation and audit manuals for compliance to ISO 9000/9001 requirements.Train staff on the policies, procedures and work instruction manuals and receive feedback as to the accuracy of the documentation.Conduct a simulated third party audit of the implemented Quality System utilizing qualified auditors.Make final adjustments to the Quality System to prepare for certified third party audit.
14 ISOISO , the guidelines offered by ISO, represent implementation of the ISO 9000 standards to the special case of software development and maintenance.ISO is a standard for quality software systems.It is very short (approximately 30 pages) and very high level (abstraction).It explains what to do and not how to do !!
15 ISO 9000-3: An Excerpt ISO 9000-3 4.4 Software development and design GeneralDevelop and document procedures to control the product design and development process. These procedures must ensure that all requirements are being met.Software developmentControl your software development project and make sure that it is executed in a disciplined manner.Use one or more life cycle models to help organize your software development project.Develop and document your software development procedures. These procedures should ensure that:Software products meet all requirements.Software development follows your:Quality plan.Development plan.From
16 ISO 9000-3 The 8 guiding quality management principles: Principle 1 Customer focusPrinciple 2 LeadershipPrinciple 3 Involvement of peoplePrinciple 4 Process approachPrinciple 5 System approach to managementPrinciple 6 Continual improvementPrinciple 7 Factual approach to decision makingPrinciple 8 Mutually beneficial supplier relationships
17 Principle 1 Customer focus Organizations depend on their customers and therefore should understand current and future customer needs, should meet customer requirements and strive to exceed customer expectations.
18 Principle 2 LEADERSHIPLeaders establish unity of purpose and direction of the organization (the organization’s vision). They should create and maintain the internal environment in which people can become fully involved in achieving the organization's objectives.
19 Principle 2 LEADERSHIP Key benefits People will understand and be motivated towards the organization's goals and objectives.Activities are evaluated, aligned and implemented in a unified way.Miscommunication between levels of an organization will be minimized.
20 Principle 3 Involvement of people People at all levels are the essence of an organization and their full involvement enables their abilities to be used for the organization's benefit.
21 Principle 4 Process approach A desired result is achieved more efficiently when activities and related resources are managed as a process.
22 How is a Process Managed? Monitor & Measure the Processmake sure the inputs are right, the transformationactivities consistently work, and the desired resultsare achieved, then - improve the process as neededActivityINPUTOUTPUTEfficientNo WasteEffectiveDesired Results AchievedRight Resources:Qualified PeopleRight Facilities/EquipmentCorrect MaterialsProven MethodsDesired Results:Quality ProductsQuality ServicesCustomer SatisfactionEmployee Satisfaction
23 Principle 5 System approach to management Identifying, understanding and managing interrelated processes as a system contributes to the organization's effectiveness and efficiency in achieving its objectives.
24 Principle 6 Continual improvement Continual improvement of the organization's overall performance should be a permanent objective of the organization.
25 Improve Process through PDCA Cycle Improvement Objective The Quality Management System (QMS) must be used for continuous improvement ...Improve Process through PDCA CycleResultsBaseline PerformancePlan DoAct CheckMeasure/Monitor Results Against Objectives - Improve Process and Change QMS as Needed to Achieve and Sustain Desired ResultsQMSImprovement Objective
26 QUALITY MANAGEMENT SYSTEM Continual improvement of theQuality management systemManagementresponsibilityCustomersCustomersMeasurement,analysis andimprovementResourcemanagementSatisfactionRequirementsThe ISO 9001:2000 Requirements:ScopeGeneralApplicationNormative referenceTerms and definitionsQuality management systemGeneral requirementsDocumentation requirementsQuality manualControl of documentsControl of recordsManagement responsibilityManagement commitmentCustomer focusQuality policyPlanningQuality objectivesQuality management system planningOutputInputProductrealizationProductInformation flowValue-adding activities
27 Principle 7 Factual approach to decision making Effective decisions are based on the analysis of data and information
28 Principle 8 Mutually beneficial supplier relationships An organization and its suppliers are interdependent and a mutually beneficial relationship enhances the ability of both to create added value
29 ISO : RequirementsThe ISO includes about 20 requirements that relate to various aspects of software quality management classified into the following five groups:Quality management systemManagement responsibilitiesResource managementProduct realizationMeasurement, analysis and improvement
30 ISO 9000-3: Principal areas of quality focus • management responsibility • quality system requirements • contract review requirements • product design requirements • document and data control • purchasing requirements • customer supplied products • product identification and traceability • process control requirements • inspection and testing• control of inspection, measuring, and test equipment• inspection and test status• control of nonconforming products• corrective and preventive actions• handling, storage, and delivery• control of quality records• internal quality audit requirements• training requirements• servicing requirements• statistical techniques
32 ISO 9000-3 Certification Development of the organization’s SQA system: Development of a quality model and SQA proceduresDevelopment of other SQA infrastructureStaff trainingPreventive and corrective actions proceduresConfiguration management servicesDocumentation and quality record controlDevelopment of a project progress control system
33 ISO CertificationImplementation of the organization’s SQA system:Setting up a staff instruction programLeaders and managers are expected to follow up and support the implementation efforts made by their units.Internal quality audits are carried out to verify the success in implementation.The findings will determine of whether the organization has reached a satisfactory level of implementation.
34 ReferencesWilliaw E. Lewis, “Software Testing And Continuous Quality Improvement”, Third Edition, CRC Press, 2009.K. Naik and P. Tripathy: “Software Testing and Quality Assurance”, Wiley, 2008.Ian Sommerville, Software Engineering, 8th edition, 2006.Aditya P. Mathur,“Foundations of Software Testing”, Pearson Education, 2009.D. Galin, “Software Quality Assurance: From Theory to Implementation”, Pearson Education, 2004David Gustafson, “Theory and Problems of Software Engineering”, Schaum’s Outline Series, McGRAW-HILL, 2002.Michael R. Liu, Handbook of Software Reliability Engineering, IEEE Computer Society Press, McGraw-Hill, 2005.