1/ 10 April 2007 / EDS INTERNAL / 11 April 2007 / CMM vs. ISO, Sarbanes Oxley. David S. Craft, CIRM, PMP, Engineering & Manufacturing Services

2/ Agenda
- Who Am I
- CMM
- ISO
- Similarities and Differences
- Sarbanes Oxley

3/ Who Am I
- VISTA Volunteer
- Industrial Engineer
- Chief Industrial Engineer
- Manager, Production Planning & Control
- Inventory Control Manager
- Shift Supervisor
- Materials Manager
- Consultant
- Project Manager
- Information Specialist, Senior
- Team Leader
- Managing Consultant, Engineering and Manufacturing Services, Applications Service Delivery
- Internal ISO Auditor

8/ CMMI History
- The federal government cannot distinguish between competing bids for software development
- Early 1980s: the federal government (Congress) awards a contract to establish the Software Engineering Institute (SEI) at Carnegie Mellon University, sponsored by the DoD (the SEI opened in 1984)
- SEI begins work on a Process Maturity Framework for judging a company's capability to produce software
- The Process Maturity Framework evolves into the Capability Maturity Model (CMM)
- August 1991: SW-CMM Version 1.0 released
- SE-CMM (Systems Engineering CMM) developed by the Enterprise Process Improvement Collaboration (EPIC)
- 1993: SW-CMM Version 1.1 released
- Development of CMMI (Capability Maturity Model Integration) begins
- 2002: CMMI-SE/SW/IPPD/SS Version 1.1 introduced
- 2006: CMMI Version 1.2 released

27/ ISO History
- The quality-system standards began with British military (defence procurement) standards
- The ISO organization was established in 1947
- Headquartered in Geneva, Switzerland
- Currently composed of 148 national standards bodies and 2,981 technical bodies
- As of 12/31/05 there were 15,649 International Standards, embodied in 573,494 pages of English text

28/ What are standards? Standards are documented agreements containing technical specifications or other precise criteria to be used consistently as rules, guidelines, or definitions of characteristics, to ensure that materials, products, processes and services are fit for their purpose. For example, the format of the credit cards, phone cards, and "smart" cards that have become commonplace is derived from an ISO International Standard. Adhering to the standard, which defines such features as an optimal thickness (0.76 mm), means that the cards can be used worldwide. International Standards thus contribute to making life simpler, and to increasing the reliability and effectiveness of the goods and services we use.

29/ Where are the Standards (as of 12/31/05)

Sector                                                  | Standards | Pages
Generalities, Infrastructure and Sciences               |     1,406 |  49,761
Health, Safety and Environment                          |       658 |  20,252
Engineering Technologies                                |     4,099 | 169,843
Electronics, Information Technology and Telecommunications |  2,447 | 161,132
Transport and Distribution of Goods                     |     1,710 |  44,918
Agriculture and Food Technology                         |       954 |  20,335
Materials Technology                                    |     3,943 |  93,121
Construction                                            |       311 |  11,068
Special Technologies                                    |       121 |   3,064
Total                                                   |    15,649 | 573,494

30/ Which ISO Standards
The ISO 9000 family includes:
- ISO 9000:2000 – Quality Management Systems – Fundamentals and vocabulary
- ISO 9001:2000 – Quality Management Systems – Requirements
- ISO 9004:2000 – Quality Management Systems – Guidelines for performance improvement
- ISO – Guidelines on quality and/or environmental management systems auditing
- ISO – Measurement control system

31/ Quality System Documentation (four levels)
- Level 1, Quality Manual: defines approach and responsibility
- Level 2, Procedures: define who, what, when
- Level 3, Work/Job Instructions: answer how
- Level 4, Records/Documentation: results; show that the system is operating

32/ ISO 9001:2000 Structure
4. Quality Management System
   4.1 General requirements
   4.2 Document requirements
5. Management Responsibility
   5.1 Management commitment
   5.2 Customer focus
   5.3 Quality policy
   5.4 Planning
   5.5 Responsibility, authority, communication
   5.6 Management review
6. Resource Management
   6.1 Provision of resources
   6.2 Human resources
   6.3 Infrastructure
   6.4 Work environment
7. Product Realization
   7.1 Planning of product realization
   7.2 Customer-related processes
   7.3 Design and development
   7.4 Purchasing
   7.5 Production and service provision
   7.6 Control of monitoring and measuring devices
8. Measurement, Analysis & Improvement
   8.1 General
   8.2 Monitoring and measurement
   8.3 Control of nonconforming product
   8.4 Analysis of data
   8.5 Improvement

33/ Similarities
- Both require the organization to be explicit about what its processes and quality systems are: say what you do; do what you say
- The organization records and tracks data for objective analysis
- Both require strong management support to succeed
- Both provide a structured and measured approach to quality improvement
- Both require an outside audit for "certification"
- Both are refined and improved over time

34/ Differences

ISO 9000                                                   | SW-CMM / CMMI
Outwardly focused                                          | Inwardly focused
Minimum requirements with implied continuous improvement   | Explicit continuous quality improvement
Not specific to any one industry or service                | Software focus
Registration document                                      | No registration document
Continual audits                                           | No follow-up audits

35/ Sarbanes-Oxley Implications
With its more than 300 discrete points of enforceable law, this is the most significant piece of accounting legislation passed since the securities acts of 1933 and 1934 that created the SEC. SOX was passed with the specific intent of increasing accountability and attempting to instill ethical behavior in financial reporting and business operations. With this increased spotlight on reporting, companies must invest resources and focus in their internal control processes. The Act created the Public Company Accounting Oversight Board (PCAOB) to oversee the activities of the auditing profession and mandated reforms to enhance corporate and criminal fraud accountability. A goal of the SOX legislation is to continually improve the transparency of financial and business events that can affect the accuracy and future validity of financial statements. Projects to improve processes and regular reviews of controls will become commonplace activities as compliance evolves. Tools that simplify project completion and track status will better enable organizations to undertake these projects cost-effectively.