8/14/2019 ISO Trg Module2

1/36

ISO 9001 and ISO 9000-3ISO 9001 and ISO 9000-3

StandardsStandards

Cybermate Infotek Limited

8/14/2019 ISO Trg Module2

2/36

ISO 9001 Quality systemISO 9001 Quality system

Model for quality assurance in design,development, production, installation andservicing

8/14/2019 ISO Trg Module2

3/36

ISO 9000-3 QualityISO 9000-3 Qualitymanagement and qualitymanagement and quality

assurance standardsassurance standardsPart 3 Guidelines for the application of ISO9001 : 1994 to the development, supply,installation and maintenance of computer software.

8/14/2019 ISO Trg Module2

4/36

Quality system requirementsQuality system requirements

Management responsibilityQuality systemContract reviewDesign control

Document and data controlPurchasingControl of customer supplied product

8/14/2019 ISO Trg Module2

5/36

Quality system requirementsQuality system requirements

(contd)(contd)Product identification and traceabilityProcess control

Inspection and testingControl of inspection, measuring and testequipment

Inspection and test statusControl of non conforming productCorrective and preventive action

8/14/2019 ISO Trg Module2

6/36

8/14/2019 ISO Trg Module2

7/36

8/14/2019 ISO Trg Module2

8/36

8/14/2019 ISO Trg Module2

9/36

4.2 Quality system (contd)4.2 Quality system (contd)

Quality planning consistsQuality requirementsLife cycle model to be usedCriteria for start and end of phase

Verification and validation activities -reviews, tests etc.,

8/14/2019 ISO Trg Module2

10/36

4.3 Contract review4.3 Contract review

Before submission of tender or acceptanceof order, reviews are done to ensure that -

Requirements are defined and documentedAny differences between contract andtender are resolved

Supplier has the capability to meetcontractual requirementsContract review records

8/14/2019 ISO Trg Module2

11/36

4.3 Contract review (contd)4.3 Contract review (contd)

Contract review issues -Customer relatedTechnicalManagerial

Legal, security and confidentiality

8/14/2019 ISO Trg Module2

12/36

8/14/2019 ISO Trg Module2

13/36

8/14/2019 ISO Trg Module2

14/36

8/14/2019 ISO Trg Module2

15/36

4.4 Design control (contd)4.4 Design control (contd)

Design inputSoftware Requirements Specification may

be provided by the customer or prepared bythe supplier.SRS to cover functionality, reliability,

usability, efficiency, maintainability, portability etc.,Hardware and software aspects.

8/14/2019 ISO Trg Module2

16/36

4.4 Design control (contd)4.4 Design control (contd)

Design outputShall meet design input requirementsRefer to the acceptance criteriaConsist of architectural design, detaileddesign, source code, user manual etc.,

8/14/2019 ISO Trg Module2

17/36

4.4 Design control (contd)4.4 Design control (contd)

Design reviewDesign verificationDesign validationDesign changes

8/14/2019 ISO Trg Module2

18/36

4.5 Document and data4.5 Document and data

controlcontrolDocuments - Quality system documents,Project documents (SRS, SDD, Test plan

etc.,)Document preparation, review and approvalRight documents at the right place.Document change control

8/14/2019 ISO Trg Module2

19/36

8/14/2019 ISO Trg Module2

20/36

4.7 Control of customer 4.7 Control of customer

supplied productsupplied productVerification, storage and maintenance of customer supplied products like software,

tools, test data, design documents etc.,

8/14/2019 ISO Trg Module2

21/36

4.8 Product identification and4.8 Product identification and

traceabilitytraceabilityIdentification of software items duringdevelopment phases

Configuration management plan for each projectVersion controlBuild status and BaselineChange control

8/14/2019 ISO Trg Module2

22/36

4.9 Process control4.9 Process control

ReplicationBackups and disaster recovery plans

Network controlHardware maintenance

Virus control

8/14/2019 ISO Trg Module2

23/36

4.10 Inspection and testing4.10 Inspection and testing

Test plans for unit, integration, system andacceptance tests.

Receiving inspection and testingUnit testingModule testingIntegration testingSystem testing

8/14/2019 ISO Trg Module2

24/36

4.10 Inspection and testing4.10 Inspection and testing

(contd)(contd)Tests to be performed - functional,

boundary, performance, usability etc.,

Acceptance testing as per acceptancecriteriaInspection and tests records

8/14/2019 ISO Trg Module2

25/36

4.11Control of inspection,4.11Control of inspection,

measuring and test equipmentmeasuring and test equipmentEnvironment used for testing softwareValidation of test tools used in testing

8/14/2019 ISO Trg Module2

26/36

4.12 Inspection and test status4.12 Inspection and test status

Untested, tested with error, testedsuccessfully or approved for release

Movement of software betweendevelopment and testing.

8/14/2019 ISO Trg Module2

27/36

4.13 Control of nonconforming4.13 Control of nonconforming

productproductTransfer non conforming product to aseparate environment

Review and disposition of non conforming product

8/14/2019 ISO Trg Module2

28/36

4.14 Corrective and4.14 Corrective and

preventive actionpreventive actionCorrective action

Handling of customer complaintsInvestigate causes of non conformitiesrelating to product, process and qualitysystem.Corrective action to eliminate cause of actual non conformities.

8/14/2019 ISO Trg Module2

29/36

4.14 Corrective and4.14 Corrective and

preventive action (contd)preventive action (contd)Preventive action

Analyse test, review, audit, service reportsto identify and eliminate potential causes of non conformities.Root cause analysis

8/14/2019 ISO Trg Module2

30/36

4.15 Handling, storage,4.15 Handling, storage,packaging, preservation andpackaging, preservation and

deliverydeliveryAvoid damage to mediaVirus controlStorage in protected environmentDelivery by physical media or electronictransfer.

8/14/2019 ISO Trg Module2

31/36

4.16 Control of quality records4.16 Control of quality records

Identification, collection, indexing, access,filing, storage, maintenance and disposition

of quality records.Quality records demonstrate conformanceto specified requirements and effective

operation of quality system.

8/14/2019 ISO Trg Module2

32/36

4.17 Internal quality audits4.17 Internal quality audits

Plan and implement internal quality auditsAuditors are independent of the area being

audited.Results of audits are recorded and broughtto the notice of the auditee.

Corrective action taken to closedeficiencies.Follow up audits

8/14/2019 ISO Trg Module2

33/36

4.18 Training4.18 Training

Training to enhance skills and knowledgeTraining needs are identifiedTraining provided as per plans

8/14/2019 ISO Trg Module2

34/36

4.19 Servicing4.19 Servicing

Maintenance and customer supportProblem resolutionInterface modificationsFunctional expansionPerformance improvement

8/14/2019 ISO Trg Module2

35/36

4.20 Statistical techniques4.20 Statistical techniques

Establishing, controlling and verifying process capability and product

characteristicsProduct characteristics - testability,usability, reliability, maintainability,

availability

8/14/2019 ISO Trg Module2

36/36

4.20 Statistical techniques4.20 Statistical techniques

(contd)(contd)Process capability - process maturity, defectdensity, defect removal efficiency,

milestone slippageMetric reporting and actions for improvement.