1 / 29

ISO9001

ISO9001. Devi Annisetty Hemalatha Dama. Introduction. ISO9001 Evolution & History Importance Statistics Implementation In IT Relation to CMM. ISO9001. "International Organization for Standardization" Equal (Greek) network of the national standards institutes of 148 countries

erikjones
Download Presentation

ISO9001

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ISO9001 Devi Annisetty Hemalatha Dama

  2. Introduction • ISO9001 • Evolution & History • Importance • Statistics • Implementation In IT • Relation to CMM

  3. ISO9001 • "International Organization for Standardization" • Equal (Greek) • network of the national standards institutes of 148 countries • Central Secretariat in Geneva • non-governmental organization • position between the public and private sectors • bridging organization between requirements of business and broader needs of society

  4. History • voluntary technical standards for sectors of business, industry and technology since 1947 • documented agreements containing technical specifications or other precise criteria to be used consistently as rules, guidelines, or definitions of characteristics to ensure that materials, products, processes and services are fit for their purpose. • ISO brought to the attention of a much wider business in 1987 • Generic management system standards • ISO 9000 is primarily concerned with "quality management".

  5. Benefits to the Society from Standards • For businesses • suppliers can base the development of their products and services on specifications that have wide acceptance in their sectors • free to compete on many more markets around the world • For customers • worldwide compatibility of technology • wide choice of offers & competitor prices • For governments • health, safety and environmental legislation • For trade officials • level playing field for all competitors • technical barriers to trade • For developing countries • international consensus of technological know-how • right decisions in investing their scarce resources • For consumers • provides assurance about their quality, safety and reliability • For everyone • quality of life in general • For the planet • International Standards on air, water and soil quality, and on emissions of gases and radiation

  6. Examples of Benefits • Standardization of screw threads helps to keep chairs, children's bicycles and aircraft together • freight containers, international trade would be slower and more expensive without standards • public transport and buildings is a problem if the dimensions of wheel-chairs and entrances are not standardized • Standardized symbols to provide danger warnings and information across linguistic frontiers. • Standardized protocols allow computers from different vendors to "talk" to each other • More than half a million organizations in more 60 countries are implementing ISO

  7. Administration of ISO • Membership of ISO is open to national standards institutes or similar organizations most representative of standardization in their country • Member bodies • Correspondent members • Subscriber members • individuals or enterprises are not eligible for membership • ISO's national members pay subscriptions that meet the operational cost of ISO's Central Secretariat • ISO standards are developed by technical committees comprising experts on loan from the industrial, technical and business sectors which have asked for the standards, and which subsequently put them to use.

  8. Statistics • Members • 148 national standards bodies •  97 member bodies  • 36 correspondent members • 15 subscriber members • Technical Committee structure • 2981 technical bodies • 188 technical committees  • 546 subcommittees  • 2224 working groups and  • 23 ad hoc study groups • StaffTechnical secretariats • 37 member bodies provide the administrative and technical services for the secretariats of technical committees (TC) and subcommittees (SC)  These services equal a full-time staff of 500 persons Central Secretariat Geneva • 151 full-time stafffrom  24 countries coordinate • 140 million CHF per year is estimated as the operational expenditure for the ISO work

  9. Definitions • Certification : refers to the issuing of written assurance (the certificate) by an independent, external body that has audited an organization's management system and verified that it conforms to the requirements specified in the standard. • Registration: means that the auditing body then records the certification in its client register • Accreditation: refers to the formal recognition by a specialized body - an accreditation body • Certification is not compulsory

  10. Committees(JCT1) for IT • SO/IEC 2382-7:2000 Information technology -- Vocabulary -- Part 7: Computer programming • ISO/IEC 2382-20:1990 Information technology -- Vocabulary -- Part 20: System development • ISO/IEC 9126:1991 Software engineering -- Product quality • ISO/IEC 12207:1995 Information technology -- Software life cycle processes • ISO/IEC TR 14471:1999 Information technology -- Software engineering -- Guidelines for the adoption of CASE tools • ISO/IEC 14764:1999 Information technology -- Software maintenance • ISO/IEC 15026:1998 Information technology -- System and software integrity levels

  11. Applicability of ISO 9001 to Software Development • ISO 9001's focus is on all factors except "technology". • ISO 9000-3 provides "guidance" on implementing an ISO 9001 compliant set of processes (QMS) • Guidance is for software development, supply and maintenance environments

  12. Quality Totality of characteristics of an entity that bear on its ability to satisfy stated and implied needs. Quality system requirements The quality system requirements for ISO 9001 consist of twenty standards. In each case, the people involved specify who does what, how, and who is responsible. • Management responsibility • Quality policy • Defined by executive management • Establishes objectives and commitment to quality • Considers organizational goals and customer needs • Understood and carried out throughout the organization. • Organization • Responsibility and authority is defined for people whose work affects product and service quality

  13. Resources • Adequate resources are provided ,including qualified people, materials, equipment and internal quality auditors • Management representative • Appointed by executive management • Ensures the requirements of Iso9001 are met • Reports on the performance of the Quality system • Acts as liaison with the registration agency • Management review • To ensure the continuing suitability in satisfying: • The iso9001 requirements • The quality policy • At defined intervals • Maintain review records

  14. Quality system • Quality manual: • Defines the scope of the quality system • Outlines documentation related to the standard • Documented Procedures: • Meet all the requirements of the Standard. • Describe which tasks affecting product and service quality each process must carry out. • Quality plan • To improve overall performance

  15. Contract Review Reviewed to ensure that: • Requirements are clearly defined and documented • Verbal order requirements are agreed before being accepted any differences from the original offer are resolved • you have the capability to meet the contract requirements carry out amendments to the contract in a prescribed manner and communicate the changes within your organization. • Maintain records of contract review

  16. Design Control System • Carry out design projects according to established procedures • Plan design projects • Assign each design and development task to qualified personnel • Identify the organizations involved, and describe the information flow to carry out the design project. • Transmit the necessary information among organizations • Create clear design input requirements: • written, complete, clear, reviewed • Create design output that meets design stage input requirements • Review design results with representatives concerned with the design stage • Verify the design to establish that design output meets design input requirements • Validate that the product meets defined user needs and requirements • Review and approve all design changes • Document and Data control: • The documents and data shall be reviewed and approved for adequacy by authorized personnel prior to issue

  17. Purchasing: • Purchasing procedures ensure that purchased products and services conform to requirements • Select vendors based on their ability to meet requirements, including quality requirements. • define controls over vendors based on the type of product, it's impact on the final product , and the vendor performance record. • maintain records of acceptable vendors. • Purchasing documents clearly describe the product ordered: • Clearly specified type, class, grade, etc. • Identification of product, applicable drawings, technical data, approval requirements, etc. • Relevant quality system standard. • Reviewed prior to release • Arrangements may be made for you or your customer to verify the product at the vendor's site.

  18. Control of customer-supplied product: • Verify, store and maintain customer-supplied product provided for incorporation into the final product. Record and report to the customer any lost and damaged product. • Product identification and traceability: • Identify the product from receipt and during all stages of production, delivery and installation. • process control: Carry out processes under control conditions. • Documented procedures define the manner of production, installation and servicing. • Suitable production, installation and servicing equipment • Suitable working environment • Compliance with : • reference standards and codes • quality plans or procedures • Monitoring and control of suitable process parameters and product characteristics

  19. Approval of processes and equipment • Criteria for workmanship stipulated in the clearest practical manner. • Suitable maintenance of equipment • Inspection and testing: • Verify incoming material before use • Identify and maintain inspection and test status • Maintain inspection and test records • Complete testing before releasing the product • Control of inspection ,measuring and test equipment : • All equipment used for inspection, measurement and testing, has to fulfill the specified quality requirements( for instance, calibration of measuring instruments, or verifying software dependability). • Inspection and test status: • The firm ensures that the article concerned has passed all the specified inspections and tests in(10) , and that the tests have been satisfactorily conducted and completed.

  20. Control of nonconforming product: • This standard involves the recognition that no matter how tight the firm's control systems are, something may go wrong. What is important is to establish that the error has occurred, and to have procedures to deal with the situation. • Corrective and preventive action: • For non-conformities, the firm specifies how it determines what went wrong, who should fix it, how that person is to be accurately informed, when the problem is to be solved, how it controls that the problem is solved, and how to prevent reoccurence. • Handling, storage, packaging, preservation and delivery: • Prevent damage during product handling • Prevent damage or deterioration during product storage • Control product packaging • Preserve the product • Protect product during delivery

  21. Control of quality records: • The firm defines what documents are classified as quality records, as well as how, and by whom, a record should be stored. This includes all records that provide evidence that the quality system itself is functioning as it should. • Internal quality audits: • Verify whether quality activities and related results comply with planned arrangements. .Determine the effectiveness of the quality system • Schedule on the basis of status and importance of the activity being audited Auditors: • Observe work practices • Examine quality records • Identify non compliances Audit results are: • recorded • brought to the attention of those having responsibility for the area audited. • Executive management reviews the effectiveness of the quality system

  22. Training • Identify training needs • Quality workers before assigning them to tasks • Maintain training records • Servicing: • Perform, verify and report servicing to meet specified servicing requirements • Statistical techniques: • Identify the need for statistical techniques to establish, control and verify process capability and product characteristics • Carry out and control the application of identified statistical techniques

  23. Similarities between ISO9001 & SEICMM • Management Responsibility • ISO: Quality Policy be define, documented, understood, implemented and Maintained. • CMM:Management responsibility for quality policy and verification activities primarily addresses in Software Quality Assurance. • Quality System • ISO: Documents quality system, including procedure and instructions be established • CMM: Quality primarily addressed in Software Quality Assurance distributed thru KPA’s • Contract Review • ISO:contracts be reviewed to determine whether the requirements are adequately defined, agree with bid and can be implemented • CMM: Review customer requirement is spanned in Requirement mgnt. • Design Control • ISO: Procedure to control& verify Design be established(planning, Inputs, outputs, design) • CMM:Life cycle activities , design , code, test are described in Software Project Planning

  24. Continued.. • Document Control • ISO:Distribution & modification of documents be controlled • CMM:Document control are described in configurationmgmt • Purchasing • ISO:purchased products conform their specified requirements(assessment of subcontractors, verification of purchased products) • CMM:Addressed in Activity 2 & 12 of acceptance testing of subcontracted software • Purchaser -supplied product • ISO: purchaser supplied material verified and maintained • CMM:Activity 6.3 in integrated software mgmt in using purchased software • Product identification & Traceability • ISO: during all stages of production delivery & installation • CMM:covering Software Configuration Mgmt • Process Control • ISO:Production process be defined & planned • CMM: Software Production process controlled in thru KPA’ in various actvites

  25. Continued.. • Inspection & Test Status • ISO:Inspection and test be maintained for items as they progress through various processing steps • CMM: Testing practices in software product Engineering • Corrective Action • ISO: causes of non conforming product be identified,products eliminated, procedures are changed from corrective action • CMM: Analysis, updates, patches • Training • ISO:Training needs be identified and training provided • CMM:Training program, Orientation practices • Servicing • ISO:servicing activities be performed as specified • CMM:maintenance

  26. Summary • What is ISO and its benefits • How is it applicable in IT industry • Detail explanation of Quality management system • Its comparison to CMM

  27. Reference • http://www.palaulive.com/iso/ • http://www.asq.org/stand/types/iso9000.html • http://www.iso9000data.com/ISO9000.html • http://www.tantara.ab.ca/iso_list.htm • http://www.tantara.ab.ca/iso90003.htm • http://www.sei.cmu.edu/pub/documents/94.reports/pdf/tr12.94.pdf

  28. No Questions please :-)

More Related