Iso 9000 and sei cmm
This presentation is the property of its rightful owner.
Sponsored Links
1 / 34

ISO 9000 and SEI CMM PowerPoint PPT Presentation


  • 38 Views
  • Uploaded on
  • Presentation posted in: General

ISO 9000 and SEI CMM. What ISO 9000 Mandates.

Download Presentation

ISO 9000 and SEI CMM

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Iso 9000 and sei cmm

ISO 9000and SEI CMM


What iso 9000 mandates

What ISO 9000 Mandates

The requirements for a quality system have been standardized - but many organizations like to think of themselves as unique. So how does ISO 9001:2008 allow for the diversity of say, on the one hand, a "Mr. and Mrs." enterprise, and on the other, to a multinational manufacturing company with service components, or a public utility, or a government administration?

The answer is that ISO 9001:2008 lays down what requirements your quality system must meet, but does not dictate how they should be met in any particular organization. This leaves great scope and flexibility for implementation in different business sectors and business cultures, as well as in different national cultures.

-- ISO


Insuring compliance

Insuring Compliance

  • The standard requires the organization itself to audit its quality system to verify that it is managing its processes effectively - or, to put it another way, to check that it is fully in control of its activities.

  • In addition, the organization may invite its clients to audit the quality system in order to give them confidence that the organization is capable of delivering products or services that will meet their requirements.

  • Lastly, the organization may engage the services of an independent quality system certification body to obtain an ISO 9001:2008 Certificate of Conformity. This last option has proved extremely popular in the market-place because of the perceived credibility of an independent assessment.

    -- ISO


Iso 9001 contents

ISO 9001 Contents

  • Section 4 General Requirements

  • Section 5 Management Responsibility

  • Section 6 Resource Management

  • Section 7 Product Realization

  • Section 8 Measurement, Analysis and Improvement


Iso 9000 and sei cmm

ISO 90003

Section 7 - Product Realization

7.1 Product Realization Planning

7.2 Customer Processes

7.2.2 Review of Software Product Requirements

7.2.2.1 Review Product Requirements related to Customer Contract

7.3 Software Design and Development

7.4 Purchasing Parts and Components

7.5 Product and Service Provisions

  • tracking builds, deliveries, releases

    7.6 Monitoring and Measuring

http://www.praxiom.com/iso-90003.htm


Iso 9000 and sei cmm

ISO 90003

Section 8 - Measurement, Analysis, and Improvement

8.1 Carry out remedial processes

  • Plan how monitoring, measuring, and analytical processes will be used to demonstrate conformity.

  • Use monitoring, measuring, and analytical processes to demonstrate conformance.

    8.2 Monitor and measure quality

    8.2.1 Monitor and measure customer satisfaction.

    8.2.2 Plan and perform regular internal audits.

    8.2.3 Monitor and measure quality processes.

    8.2.4 Monitor and measure product characteristics.

    8.3 Control your nonconforming software products

  • Prevent the delivery or use of nonconforming software products.

    8.4 Analyze quality information

    8.5 Take required remedial actions

http://www.praxiom.com/iso-90003.htm


9001 required documents

9001 Required Documents

  • Quality Policy

  • Control of Documents

  • Control of Records

  • Internal Audits

  • Control of Nonconforming Product / Service

  • Corrective Action

  • Preventive Action

    These may go in a single "Quality Manual".

http://en.wikipedia.org/wiki/ISO_9000


Iso 9000 and sei cmm

  • Quality Policy

    • intended for all levels of employees

    • linked to business plan, marketing plan, customer needs

    • measurable objectives

  • Records

    • allows problems to be traced back to causes

    • includes

      • test results, customer comments, etc.

      • actions taken to improve

  • Internal Audits

    • is the system working?

    • what improvements can be made?


Reality check

Reality Check

  • Does ISO 9001 actually improve software quality?

    • independent studies indicate yes

    • ISO 9001 creates a climate of quality

  • or is this a self-selecting group that only applied for ISO certification because they were already interested in and doing QA?


Not always a good idea

Not always a good idea

  • Good business judgment is needed to determine ISO9001's proper role for a company.

  • Is certification important to the marketing plans of the company? If not, do not rush to certification.

  • Even without certification, companies should utilize the ISO 9001 model as a benchmark to assess the adequacy of its quality programs.

    -- Frank Barnes


Capability maturity model

CapabilityMaturityModel


Cmm history

CMM History

  • 1986 - Effort started by SEI and MITRE Corporation

    • assess capability of DoD contractors

  • First version published in 1991

  • closely related to TQM

    • goal is customer satisfaction

      • not required that customer be "delighted"


Some fundamental ideas

Some Fundamental Ideas

  • Process improvement is based on small steps, rather than revolutionary innovation.

  • CMM is not exhaustive or dictatorial.

  • CMM focuses on processes that are of value across the organization.


Levels

Levels

  • Initial

  • Repeatable

  • Defined

  • Managed

  • Optimizing

http://www.estylesoft.com/pictures/cmm_level3.CCC6E28B8902407D8B1AA608D92EF004.gif


Level 1 the initial level

Level 1 : The Initial Level

  • ad hoc, sometimes chaotic

  • overcommitment leads to a series of crises

  • during a crisis, projects abandon plans

  • capability is characteristic of individuals, not the organization

    • when a good manager leaves, the success leaves with them


Level 2 the repeatable level

Level 2 : The Repeatable Level

  • Planning is based on experience with similar projects

    • past successes can be repeated

  • Policies for Managing and Implementation

    • installed basic management controls

    • track costs and schedules

    • notice and deal with problems as they arise


Level 3 the defined level

Level 3 : The Defined Level

  • Standard Processes defined across the organization and used by all projects

    • standard set of roles, activities, quality tracking, etc

    • each project uses a tailored version of this standard process

  • Training Program is in place to ensure everyone has the skills required for their assigned role


  • Level 4 the managed level

    Level 4 : The Managed Level

    • Quantitative Quality Goals

      • for both Products and Processes

  • Organization-wide Process Database

    • meaningful variations in process performance can be distinguished from random noise

      • actions are then taken to correct the situation

  • Products are of predictably high quality


  • Level 5 the optimizing level

    Level 5 : The Optimizing Level

    • Organization has the means to identify weaknesses and strengthen the process proactively

    • teams analyze defects to determine their cause, and disseminate lessons learned throughout the organization

    • major focus on eliminating waste

      • e.g. reduce amount of rework


    Iso 9000 and sei cmm

    Defect prevention

    Technology change management

    Process change management

    Key Process Areas

    by maturity level

    Quantitative process management

    Software Quality Management

    Organization process focus

    Organization process definition

    Training program

    Integrated software management

    Software product engineering

    Intergroup coordination

    Peer Reviews

    Requirements management

    Software project planning

    Software project tracking and oversight

    Software subcontract management

    Software quality assurance

    Software Configuration management

    This is a

    somewhat handy

    hierarchy of activities.


    Don t skip levels

    Don't skip levels

    • For example,

      • collecting detailed data (level 4) is meaningless unless the data is from projects that use a consistent process (level 3)


    Level comparison risk

    Level Comparison - Risk

    • Level 1

      • Just do it

    • Level 2

      • problems are recognized and corrected as they occur

    • Level 3

      • problems are anticipated and prevented, or impacts minimized

    • Levels 4 and 5

      • sources of problems are understood and eliminated


    Level comparison people

    Level Comparison - People

    • Level 1

      • success depends on individual heroics

      • fire fighting is the way of life

    • Level 2

      • success depends on individuals

      • efforts are supported by management

    • Level 3

      • people are trained for their role(s)

      • groups work together

    • Levels 4

      • strong sense of teamwork in every project

    • Level 5

      • strong sense of teamwork across the organization

      • everyone does process improvement


    Level comparison measurement

    Level Comparison - Measurement

    • Level 1

      • ad hoc (if any) data collection and analysis

    • Level 2

      • individual projects use planning data

    • Level 3

      • data collected for all processes

      • data shared across projects

    • Levels 4

      • data standardized across the organization

    • Level 5

      • data used for process improvement


    Iso 9000 and sei cmm

    Defect prevention

    Technology change management

    Process change management

    Key Process Areas

    by maturity level

    Quantitative process management

    Software Quality Management

    Organization process focus

    Organization process definition

    Training program

    Integrated software management

    Software product engineering

    Intergroup coordination

    Peer Reviews

    Requirements management

    Software project planning

    Software project tracking and oversight

    Software subcontract management

    Software quality assurance

    Software Configuration management


    Software project planning goals

    Software Project Planning Goals

    • Goals

      • Software estimates are documented for use in planning and tracking the software project.

      • Software Project activities and commitments are planned and documented.

      • Affected groups and individuals agree to their commitments related to the software project.


    Software project planning 1 commitment to perform

    Software Project Planning1. Commitment to Perform

    • Commitment 1 -- A project software manager is designated to be responsible for negotiating commitments and developing the project's software development plan.

    • Commitment 2 -- The project follows a written organizationalpolicyfor planning a software project.


    Iso 9000 and sei cmm

    This policy typically specifies that:

    • The system requirements allocated to software are used as the basis for planning the software project.

    • The software project's commitments are negotiated between:

      • the project manager,

      • the project software manager, and

      • the other software managers.

    • Involvement of other engineering groups in the software activities is negotiated with these groups and is documented.

    • Affected groups review the software project's:

      • software size estimates,

      • effort and cost estimates,

      • schedules, and

      • other commitments.

    • Senior management reviews all software project commitments made to individuals and groups external to the organization.

    • The project's software development plan is managed and controlled.


    Software project planning 2 ability to perform

    Software Project Planning2. Ability to Perform

    • Ability 1 -- A documented and approved statement of work exists for the software project.

    • Ability 2 -- Responsibilities for developing the software development plan are assigned.

    • Ability 3 -- Adequate resources and funding are provided for planning the software project.

    • Ability 4 -- The software managers, software engineers, and other individuals involved in the software project planning are trained in the software estimating and planning procedures applicable to their areas of responsibility.


    Iso 9000 and sei cmm

    • The statement of work covers:

      • scope of the work,

      • technical goals and objectives,

      • identification of customers and end users,

      • imposed standards,

      • assigned responsibilities,

      • cost and schedule constraints and goals,

      • dependencies between the software project and other organizations,

      • resource constraints and goals, and

      • other constraints and goals for development and/or maintenance.

    • The statement of work is reviewed by:

      • the project manager,

      • the project software manager,

      • the other software managers, and

      • other affected groups.

    • The statement of work is managed and controlled.


    Software project planning 3 activities performed

    Software Project Planning3. Activities Performed

    Activity 1 --The software engineering group participates on the project proposal team.

    Activity 2 --Software project planning is initiated in the early stages of, and in parallel with, the overall project planning.

    Activity 3 --The software engineering group participates with other affected groups in the overall project planning throughout the project's life.

    Activity 4 --Software project commitments made to individuals and groups external to the organization are reviewed with senior management according to a documented procedure.

    Activity 5 --A software life cycle with predefined stages of manageable size is identified or defined.

    Activity 6 --The project's software development plan is developed according to a documented procedure.

    Activity 7 --The plan for the software project is documented.

    Activity 8 --Software work products that are needed to establish and maintain control of the software project are identified.

    Activity 9 --Estimates for the size of the software work products (or changes to the size of software work products) are derived according to a documented procedure.

    Activity 10 -- Estimates for the software project's effort and costs are derived according to a documented procedure.

    Activity 11 -- Estimates for the project's critical computer resources are derived according to a documented procedure.

    Activity 12 -- The project's software schedule is derived according to a documented procedure.

    Activity 13 -- The software risks associated with the cost, resource, schedule, and technical aspects of the project are identified, assessed, and documented.

    Activity 14 -- Plans for the project's software engineering facilities and support tools are prepared.

    Activity 15 -- Software planning data are recorded.


    Software project planning 4 measurement and analysis

    Software Project Planning4. Measurement and Analysis

    • Measurement 1 -- Measurements are made and used to determine the status of the software planning activities.

      • Examples of measurements include:

        • completions of milestones for the software project planning activities compared to the plan; and

        • work completed, effort expended, and funds expended in the software project planning activities compared to the plan.


    Software project planning 5 verifying implementation

    Software Project Planning5. Verifying Implementation

    • Verification 1 -- The activities for software project planning are reviewed with senior management on a periodic basis.

    • Verification 2 -- The activities for software project planning are reviewed with the project manager on both a periodic and event-driven basis.

    • Verification 3 -- The software quality assurance group reviews and/or audits the activities and work products for software project planning and reports the results.


    And on it goes

    and on it goes…

    The full lists of activities can be found at

    http://www2.umassd.edu/swpi/sei/tr25f/tr25.html


  • Login