Quality Assurance & Standards


Transcription:

Quality Assurance & Standards
PSD3, Nov 2013

Overview
Quality Assurance (QA)
» checking what we are producing
QA standards
» checking the checking

Further Reading
Sommerville
» 9th Edition, Chap. 24
» 7th & 8th Editions, Chap. 27

Capability Maturity Model
framework for improving software engineering processes
Recommended set of best practices
Organizations are appraised


CMM and Quality
Key feature of CMM is centrality of process and product quality
How is this achieved?
Answer: Quality Assurance or QA

What is Quality Assurance?
"Quality Assurance is the process of defining how software quality can be achieved and how the development organisation knows that the software has the required level of quality." [Sommerville]

What Kinds of Problem
defect: failure to meet requirements
fault: condition that leads to a system failure
bug: error, mistake or omission in the software which are faults (lead to failure or unexpected behaviour)
Note: quality is not simply the absence of faults

Sommerville on Quality Assurance
For Sommerville:
» Quality Assurance: framework of procedures and standards
» Quality Plan: selection and adaptation of procedures and standards for a project
» Quality Control: carrying out processes that ensure procedures and standards are followed
The term Quality Assurance sometimes refers to all of the above

What's involved in software quality assurance?
At the level of an institution, company or standards body
» Develop procedures and standards
» Perform certification
    to prove that the QA mechanism used is acceptable and effective

What's involved in software quality assurance?
At the level of a particular project
» Prepare a quality plan
    specifying processes, deliverables, measures of quality (metrics, standards)
» Carry out quality control
    Collect data
    Metrics
    Compared to standards
    Conducting reviews
    checking reality against plan and against standards

What's involved in software quality assurance?
At all levels
» Change attitudes
    convince staff that quality is important
    develop a "quality culture"

Techniques for Assessing Quality
progress review
» examination of progress with respect to plans
quality review
» examination of project artefacts with respect to attributes of quality
» more or less structured
Inspection
» a (technical) review that tries to identify faults and lack of conformity to standards
» not led by author
» often applies to code
code walkthrough
» less formal than inspection
» author leads
pair programming
deskcheck or passaround
ad hoc review

Review Dos and Don'ts
DO make it peer group review, applicable to all stages of software development
» method of finding faults cheaply
» method of training and learning
» method of control
» method of encouraging "egoless teamwork"
IT IS NOT
» a problem-solving session: faults should be identified, but solutions should not be "patched together in committee"
» a managerial appraisal of personnel

Code Review

Standards for Assessment
Lots of sources of standards
» Standards Bodies
» Professional Associations
» Technology and Service Providers
» Company Standards (e.g., "House Style")
Can be based on
» Objective Software Metrics
» Conventions and Agreements
» Informal Professional Judgements

Reviewing the inspection process
statistics collected on
» details of items inspected
» list of faults found & classification
» resources required for re-working
» number of people involved & time
analysis provides
» fault checklists
» management reports on effectiveness of inspections
It's the process being assessed, not the authors or inspectors

What is a Standard?
"A standard is a document approved by a recognized body, that provides, for common and repeated use, rules, guidelines, or characteristics for products, processes or services with which compliance is not mandatory." [A Guide to Project Management Body of Knowledge, 1996]

Standards Organisations
International Organization for Standardization (ISO)
» non-governmental
» develops standards for various technical fields (more than 11000)
» 120 national members, which are themselves standards organisations

Standards Organisations
BSI (UK)
ANSI (USA)
DIN (Germany)
IEC (International)
Other standard setting bodies include
» IET
» BCS
» EU
» W3C
» OMG

Software Engineering/IT Standards
ISO/IEEE/IET/W3C/EU have specific standards that can be used for measuring product and process quality
E.g.,
» ISO/IEC TR 14471:1999: Information Technology - Software Engineering - Guidelines for the adoption of CASE tools
» ISO 9241: Ergonomics of Human System Interaction
    Includes requirements for keyboard and non-keyboard input devices, workstation layout, displayed colours, menu/command/direct manipulation and form-filling dialogues
» W3C Standard = recommendation
    currently includes: XML 1.1 (plus XQuery, XPath), XSLT, HTML, XHTML, SOAP, SSML, VoiceXML, OWL, RDF, P3P, SMIL,

ISO 9000
international standard for quality management and quality assurance
» states what must be in a quality management system
» first established in 1987
» derived from BS 5750, a British standard
ISO 9001
» applies to products involving design
» Latest version is ISO 9001:2008
» 90003 interprets 9001 for software development

ISO 9000 (cont'd)
certification is not carried out by ISO
» carried out by independent certification bodies
» organisation is awarded a Certificate of Conformity

What's in ISO 9000?
covers 20 topics, including
» Quality System
» Design Control
» Process Control
» Inspection & Testing
» Contract Review
» Quality Records
» Internal Quality Audits
» Training

What's in ISO 9000? (cont'd)
standard is abstract; it sets ends not means
for example,
"The supplier shall establish and maintain a documented quality system as a means of ensuring that product conforms to specified requirements." [from Section 4.2 of ISO 9001]

TickItPlus
developed by UK and Sweden
provides a nationally accredited software quality certification scheme
interpretation of ISO 9000 and related standards

www.tickitplus.org

TickItPlus (cont'd)
gives concrete guidelines on how software development should conform to the standard
» based on developing a scheme of internal audits
» audits related to standards compliance
» auditors require training
» audits involve document reviews and staff interviews

QA Standards: A Good Thing?
pro
» makes quality assurance assessable
» as of the end of 2009, 1,064,785 organisations in 161 countries held ISO 9001:2000 certificates
» US survey
    89% reported greater operational efficiency
    48% reported increased profitability

QA Standards: A Good Thing?
con
» fosters command & control style of management
    emphasises inflexible compliance with a set of rigid written rules
» standards rely heavily on assessors' judgements
    standards are not completely objective

QA Standards: A Good Thing?
» staff will pay attention to controls, not the things affected by the controls
    attention to quality inspection and monitoring can deflect from attention to quality itself
    like the problem of exams distorting education

Tutorial this afternoon
Please sit in teams
Each team will split in half: the inspectors and the inspected
Inspect outcomes from other team's prototyping sprint last week
Inspection checklist will be available