ISO 9000

ISO 9000
Presented by: Raushan Kumar Sandeep Kumar Shashank Sood

outlines
About ISO Quality management principles ISO 9000-Part3 for software Quality

ABOUT ISO

ISO's origins
In 1946, delegates from 25 countries met in London and decided to create a new international organization, of which the object would be "to facilitate the international coordination and unification of industrial standards". The new organization, ISO, officially began operations on 23 February 1947, in Geneva, Switzerland.

ISO's name
Because "International Organization for Standardization" would have different acronyms in different languages ("IOS" in English, "OIN" in French for Organisation internationale de normalisation), its founders decided to give it also a short, all-purpose name. They chose "ISO", derived from the Greek isos, meaning "equal". Whatever the country, whatever the language, the short form of the organization's name is always ISO.

Why standards matter

Standards make an enormous and positive contribution to most aspects of our lives Standards ensure desirable characteristics of products and services such as quality, environmental friendliness, safety, reliability, efficiency and interchangeability - and at an economical cost.

What standards do
make the development, manufacturing and supply of products and services more efficient, safer and cleaner facilitate trade between countries and make it fairer provide governments with a technical base for health, safety and environmental legislation, and conformity assessment

What standards do(cont)

share technological advances and good management practice disseminate innovation safeguard consumers, and users in general, of products and services make life simpler by providing solutions to common problems

ISO standards provide benefits.

Technological Economic societal

Technological benefits
For innovators of new technologies, International Standards on aspects like terminology, compatibility and safety speed up the dissemination of innovations and their development into manufacturable and marketable products.

economic benefits
For businesses, the widespread adoption of International Standards means that suppliers can develop and offer products and services meeting specifications that have wide international acceptance in their sectors. Therefore, businesses using International Standards can compete on many more markets around the world.

societal benefits
For everyone, International Standards contribute to the quality of life in general by ensuring that the transport, machinery and tools we use are safe.

How to recognize an ISO standard

In paper form, an ISO standard is published in A4 format. An ISO standard carries the ISO logo and the designation, "International Standard"

The scope of ISO's work

ISO has more than 19 000 International Standards ISO's work programme ranges from standards for traditional activities, such as agriculture and construction, through mechanical engineering, manufacturing and distribution, to transport, medical devices, information and communication technologies

Examples of the benefits standards provide

Standardization of screw threads helps to keep chairs, children's bicycles and aircraft together and solves the repair and maintenance problems caused by a lack of standardization that were once a major headache for manufacturers and product users.

Without the standardization of telephone and banking cards, life would be more complicated.

Who can join ISO

Membership of ISO is open to national standards institutes Full members, known as member bodies, each have one vote Correspondent members pay reduced membership fees , with no voting rights. Subscriber members also pay reduced membership fees

How the ISO system is managed

All strategic decisions are referred to the ISO members, who meet for an annual General Assembly. The proposals put to the members are developed by the ISO Council, drawn from the membership as a whole, which resembles the board of directors of a business organization. ISO Council meets twice a year and its membership is rotated to ensure that it is representative of ISO's membership.

How the ISO system is financed

ISO's national members pay subscriptions that meet the operational cost of ISO's Central Secretariat. The subscription paid by each member is in proportion to the country's Gross National Income and trade figures. Another source of revenue is the sale of standards.

How ISO decides to develop a standard

ISO launches the development of new standards in response to the sectors that express a clearly established need for them.

Who develops ISO standards

ISO standards are developed by technical committees comprising experts from the industrial, technical and business sectors These experts may be joined by representatives of government agencies, testing laboratories, consumer associations, non-governmental organizations and academic circles.

How ISO standards are developed

The national delegations of experts of a technical committee meet to discuss, debate and argue until they reach consensus on a draft agreement. This is circulated as a Draft International Standard (DIS) to ISO's membership as a whole for comment and balloting. Final Draft International Standard (FDIS)

QUALITY MANAGEMENT PRINCIPLES

The 8 quality management principles

The eight quality management principles are defined in ISO 9000:2005 The principles are derived from the collective experience and knowledge of the international experts who participate in ISO Technical Committee the quality management system standards of the ISO 9000:2000 and ISO 9000:2008 series are based on it.

Principle 1: Customer focus

Organizations depend on their customers and therefore should understand current and future customer needs, should meet customer requirements and strive to exceed customer expectations. Key benefits: Increased revenue and market share obtained through flexible and fast responses to market opportunities. Increased effectiveness in the use of the organization's resources to enhance customer satisfaction. Improved customer loyalty leading to repeat business.

Principle 2: Leadership
Leaders establish unity of purpose and direction of the organization. They should create and maintain the internal environment in which people can become fully involved in achieving the organization's objectives. Key benefits: People will understand and be motivated towards the organization's goals and objectives. Activities are evaluated, aligned and implemented in a unified way. Miscommunication between levels of an organization will be minimized.

Principle 3: Involvement of people

People at all levels are the essence of an organization and their full involvement enables their abilities to be used for the organization's benefit. Key benefits: Motivated, committed and involved people within the organization. Innovation and creativity in furthering the organization's objectives. People being accountable for their own performance. People eager to participate in and contribute to continual improvement.

Principle 4: Process approach

A desired result is achieved more efficiently when activities and related resources are managed as a process. Key benefits: Lower costs and shorter cycle times through effective use of resources. Improved, consistent and predictable results. Focused and prioritized improvement opportunities.

Principle 5: System approach to management

Identifying, understanding and managing interrelated processes as a system contributes to the organization's effectiveness and efficiency in achieving its objectives. Key benefits: Integration and alignment of the processes that will best achieve the desired results. Ability to focus effort on the key processes. Providing confidence to interested parties as to the consistency, effectiveness and efficiency of the organization.

Principle 6: Continual improvement

Continual improvement of the organization's overall performance should be a permanent objective of the organization. Key benefits: Performance advantage through improved organizational capabilities. Alignment of improvement activities at all levels to an organization's strategic intent. Flexibility to react quickly to opportunities.

Principle 7: Factual approach to decision making

Effective decisions are based on the analysis of data and information. Key benefits: Informed decisions. An increased ability to demonstrate the effectiveness of past decisions through reference to factual records. Increased ability to review, challenge and change opinions and decisions.

Principle 8: Mutually beneficial supplier relationships

An organization and its suppliers are interdependent and a mutually beneficial relationship enhances the ability of both to create value Key benefits: Increased ability to create value for both parties. Flexibility and speed of joint responses to changing market or customer needs and expectations. Optimization of costs and resources.

The next step

There are many different ways of applying these quality management principles. The nature of the organization and the specific challenges it faces will determine how to implement them. Many organizations will find it beneficial to set up quality management systems based on these principles.

ISO 90003

 ISO 9000-3 is OBSOLETE. It has been replaced by ISO 90003 2004 ISO 9001 was developed for the production industry but has a rather general structure ISO 90003 describes how to use ISO 9001 for software development ISO 90003 is a set of guidelines not a standard

ISO 90003
ISO 90003 contains the complete ISO 9001 but does not add extra items for all items in the standard We will only look at ISO 90003s comments for a few, selected parts of ISO 9001. The selection is partly random but is supposed to give an impression of what it is important to consider

Requirements for a QA system 1

Requirements for planning in the QA system should include requirements for Development process one for each type of project Documents such as requirements specification, architecture description, design description, code and user documentation Project plans, test plans and plans for training

Requirements for a QA system 2

How methods will be adapted to the organizations projects and development processes Tools and development environment Special conventions, e.g. coding standards and libraries Reuse of software components

Responsibility for training - 1

The need for training should be assessed based on what the company uses for development, e.g.
Methods and notations Programming languages and tools

The company should also provide training pertaining to the domain where the company operates e.g. banking or train control

Responsibility for training - 2

The company should continuously assess the need for new knowledge and techniques in the areas of
Development Operation Maintenance

Training does not need to be courses it may be arranged as seminars, workshops or self study activities

Development processes - 1
The processes we use must be adapted to the project at hand. When choosing development process we should take into consideration:
Project size Complexity Safety and security requirements Project risk

Development processes - 2
Design and development may be an evolutionary process. We might therefore need to change one or more procedures during the project The procedures shall focus on
What we shall develop How we shall develop it Who shall do what Why shall we do this

QA processes
When we have a development process, the QA process can be adapted to the development. The QA process has two parts: A generic part concerns all projects and can be reused. E.g. document templates A project specific part that needs to be adapted to each new project. E.g. test plans

QA plan - 1
The QA plan should contain
The project plan or a reference to this plan Quality requirements for product and process Project specific procedures Development process, chosen programming language, libraries etc. Criteria for start and acceptance for each activity or step in the process

QA plan - 2
The QA plan should contain
Methods used for verification e.g. inspections and testing Configuration management Who shall approve the results from each process step or activity Training needed What process info need to be generated

Product requirements - 1
According to ISO 90003 software may be developed for
A single customer A general market As a component for a larger product

In all cases, it is important to put a considerable amount of work into developing a set of requirements

Product requirements - 2
In order to develop a set of requirements we need procedures and methods that can help us to
Reach an agreement on requirements Change requirements Evaluate prototypes and demo versions Document the results from meetings and discussions involving one or more stakeholders

Product requirements - 3
The requirements should be developed in cooperation with the customers or users. In order to avoid misunderstandings we should develop a
Project dictionary that explains the domain specific terms used in this project A rationale for each requirements why do we need this

Product requirements - 4
The customer should approve the final set of requirements. It is important to be able to trace all requirements, e.g. by using a trace matrix. This matrix should show
How each requirement is realized from high level design down to code or procedure Why each chunk of code is written which requirement it helps to realize

Product requirements - 5
We need to control all changes to requirements. Changes to requirements may lead to changes in the contract The requirements specification may include non-functional requirements, e.g. requirements to reliability, usability etc. The requirements specification may contain requirements to interfaces to other software systems

Contract audit - 1
Important things to check:
Are we able to fulfill the requirements to
The product Development process, tools and hardware

How large is the risk for cost overruns or delays How do we cooperate with third party companies Legal obligations, e.g. guarantees

Contract audit - 2
The contract should be updated when time of delivery, costs or available resources are changed The contract should contain a section on the customers obligations to
Provide information Participate in discussions related to the requirements Make necessary decisions