Most of us agree to the fact that if we brought a product with some kind of assurance that it will meet a given need.
Customers has the right to expect that product should meet its need.
This fact is the driving force for Quality Assurance (QA): ensuring that the user is given a product that lives up to its standard and specified needs.
A mis-conceptation is that QA is equal to testing
In fact, Quality Assurance (QA) is a lot more than just testing. It makes sure the product is following a process in all phases of the development process
In the context of software development, is there any standard software developers can follow ?
The answer is Yes. The ISO 9000 series of standard is a series of international quality standards, developed by the International Organization for Standardization.
The standards are applied to different quality management system and the process used to produce a product.
In other words, the ISO standard set a way to produce quality products by building quality into the products rather than testing quality into the products.
It is used to ensure that defects do not occur in the first place.
In this information resource page, we will explore some of the most common software development cycles and techniques. Topics such as software development cycle, testing cycle, defect tracking process, skill/training needs analysis, general process management process, etc. will be discussed. We will then explore how the actual processes map to ISO standards. Real working sample standards as well as process will be provided as example in this resource page. We hope executives, software developers, and customers will benefit from the information provided in this page. Happy quality products building !
Remember that the Waterfall Model is as follows:
Requirement Analysis and Specification
Design
Architecture Design
Module Design
Coding
Testing
Maintenance and evolution
While the model shows a very good sense of what to follow, almost no company will follow a strict Waterfall model
One "stage" is missing .... "Business", in software engineering, we would like to build the best product on the market in the lowest-cost manner. In some cases, a common four phases model is used:
Business
Analysis
Design and Test
Packaging
<--------------------------------------------------------------
Business -> |
|
-> Analysis ("Exploratory" / Top Down) |
|
-> Design and Test ("Build it" / Botton Up) |
|
-> Packaging to a driver or final product ---------------------
(Reusable Components Added)
Business Phase
Prerequisites
User demand for a new system
Customer willingness to participate in a system development effort
Activities
Identify and document types of users
Identify and document initial user requirements
Contact customers interested in a development partnership
Deliverables
Initial cusomter requirements document draft - this document will contain the inital system requirements
Statement of target customer - this includes a statement of the type of customer as well as a list of customers willing to participate in the development effort
Analysis Phase
This phase uses an iteractive prototyping technique to develop its deliverables (it is like a mini design and implementation of iterative development)
It focus a "top-down" identification of new reusable business components
This phase will produce a prototype (which will not directly used to develop the final product, the design and test phase deliverable will)
The coding in here is usually "quick and dirty" (supposingly, prototype is throwaway)
One to two months iterations will be used
Prerequistes
Requirements specification draft
Customer definition
Customer partner list
Activities
Write use cases (how to use the product, one use case for one major user function, you want to model the customer application, not yours ... use all the term from the customers)
Verify use cases with customers
Extract and document requirements from use cases
Extract nouns from use cases
Identify and document application classes from the noun list
Walk through use cases, using application classes
Prototype use cases
Update use cases and requirements as needed
Document customer requirements
Document the draft system architecture
Document the draft user's manual
Deliverables
Detailed requirements specification
The functional requirements
The customer type
The target language and hardware
System architecture draft
User manual draft
Throwaway prototype code
Design and Test Phase
This phase uses an iterative development technique to develop subsystems
The code evolves into the final product code with emphasis during iterations correspondingly changed from the analysis phase
Three to four month iterations will be typical
Scheduling will be driven by the detailed requirements from the analysis
Design is still exploratory and design patterns should be used if possible
Design Steps
Produce a development plan
Review the Analysis-Phase Deliverables
Document the target language, hardware, and software platforms
Search the reuse library for applicable off-the-shelf components (patterns ?)
Look for overlap of responsibilities, similarity of types of objects
Draw Class Diagrams
Draw Scenario Diagrams
Walk through the design diagrams and documentation
Implement subsystems
Test Steps
Assess Performance, Quality, Reusability: The emphasis is on meeting final product assessment criteria.
Iterate until requirements met
Subsystem testing
Reuse library testing
Document final subsystem designs
Document final architecture
Document final user manual
System test the complete system
Deliverables
1. Quality product code for each subsystem
2. Design documentation
Packaging Phase
Prerequistes
Quality product code for each subsystem
System design documentation
User manual
Activities
Search for reusable components
Translate product
Deliverables
Final product code
New reuse-library components
Making sure your employee get the right education to perform their jobs is very important
Survery for available classes
Do education requirement (At least twice a year is recommended)
Finalize on classes offered
Managers / Employee do education plan
Signup classes (and trace class information)
Update plan as education need is fullfilled
Close plan once or twice a year and document changes (no class taken or education need switch also needed to be documented)
Info on process such as IPD (Not covered in here)
If you are a market/customer driven person, then the answer is simple.
Customers demand it. With company like IBM and Microsoft, there is at least 25% of the customers demand ISO 9000 certified products. Most of these customers are big corporations or government related companies. Some manufacturers are taking a hit of losing business because they are not ISO 9000 certification. The basic reason bebind the ISO 9000 certification demand is due to the fact that Customer wants quality products.
Contact the agent that will do certification
Here are some of them:
What is your mission ?
(As a company or department)
Normally during an audit, you will be given a chance to present what processes and tools
you are using in your company (department). And the auditors will use these processes and
tools to start off some questions. The following are common questions that will be asked:
What is your key process ?
(ABC development process - A process own by a single department (QA Dept) and
used by the whole company)
Do you (your department) own any process ?
(If yes - It better be well documented and always updated as needed)
How do you measure your company (department) effectiness ?
(Use pointers to the process you use, show traceabiliy in different stage of the
development cycle)
What kind of meetings are used ?
(Examples are formal weekly meeting with attendance, agenda, minutes, etc
Informal meeting with no tracking record. If your process states that there will be formal
review meetings, please make use you trace all the attendance, agenda, minutes, results,
etc.)
How do you track your progress ?
(Review meetings, defect report, etc)
What kind of operation controls are used ?
(Team meetings, department meetings, Web, other documentation tool, etc)
How do you track improvement ?
(Review meeting, report tools, Reports on the web, suvery, etc)
What is your Quality records ?
(Formal Development Documents, Documents on the web, etc)
What about training need, how do you identify there is a need ?
(Skills Survey - Do a survery to your employee to find out what they want and map
that into the business need. Keep track of all the records/results with the survery. Also,
track all the way how you are going to close the results. For example, a class is
scheduled for all employee, or due to change in business mission, no action taken. A trace
with "no action" is a valid way to close a training item. Not saying anything is
not.)
(Use of video tape, web, seminars, mentor, etc. Please stay whether that is formal or not)
Specific Quesitons on Training
(There are basic two types of training: Formal and Informal. Formal requires
documentation traceability, Informal does not needed to be traced in detail.)
Where is your trace for training records ?
(Class attendence, on the job university course training, etc)
Do you keep track of attendence when there is a training meeting ?
(A hard copy of names is fine; if the training is informal, say so in your
education documentation)
Is there any way to track on job training ?
(Education record for each employee)
(Note: A education/training plan should include 3 phases:
+ve close: For example, a class is scheduled, etc
-ve close: Due to change in business need, this specific training not need
+ve or -ve, we need some closing action
Can you tell us something about project improvement plan ?
(Team meeting, Project end internal feedback session, Notes/Web discussion
database, External beta program for feedback)
How often do you review your company (department) master process document ?
(A master process document is a document that will contain all the process
information on a company (department). For example, mission statement, processes used,
etc)
The following is a sample of it:
Mission / Responsibilities
Department X is an internet software development company which produces different
internet digital business products. The department is made up almost entirely of interent
system programmers. The department is responsible for products: Remote Internet Printing,
Internet Process Management, Host Connect Java Tool Kit, and Internet Development
Framework.
Processes / Procedures
The following are the processes owned and used:
Quality Improvement Plan (Q.I.P)
Review Approach |
Improvement Item |
Date Completion |
| Using WWW as the major vehicle to track information under the second-line area | TBD | On-going |
| Using Lotus Notes as the main groupware under the second-line area to improve productivity | TBD | On-going |
| Management Quality | Opinion Surveys and Executive Interviews and Roundtables are the vehicles for improvement | On-going |
Operational Controls/Quality Records
| Activity | Approach | Level | Frequency |
| Process Controls | |||
| Weekly Staff Meeting | Meeting | 2nd line managers | Weekly |
| Weekly Project Meeting | Meeting (one on one with 1st line managers) | 2nd line managers | Weekly |
| Management Controls | |||
| Lab Quality Meeting | Meeting | 3rd line managers | Quarterly (4 times a year) |
Quality Records Plan
| Quality Record | Process | Media Type | Where Stored | Storage Owner | Collection Owner | Retention |
| Internal Audits (Completion Management Reports) | Quality System Management Audtion Procedure | Soft Copy | Defect Database | IS Department | Defect Owner / ISO Area Coordinator | Current Defect Database |
| Department Training Records | N/A | Soft Copy | Personel | Personel | Department Manager | Company Personel handles |
| Software Design Document | N/A | Soft Copy | Design Database | Design Database | Department Manager | Current Design Database |
| Quality System Management Reviews - Review of this document | N/A | Soft Copy | Department Web Page | Department Manager | Department Manager | Anually |
Training
The education rep for this department is Employee XYZ.
Department X uses the Company X Site Skills Planning Guide to determine training requirements. The process is described in the Company X Procedures Guide. More details on education information can be obtained from the education rep.
TRAINING for all managers is provided in 4 steps...
| Position/Job | Requirements | Comments |
| Step1: Qualification | ||
| For new managers, or managers moving to a position with significantly higher levels of responsibility | Initial qualification is determined by management review of the individual's:
|
|
| For all managers | Ongoing ability to perform assigned tasks is ensured through the planning counselling and project evaluation process | Based on job performance, documented in reviews and appraisals |
| Step 2: Training Needs | ||
| For all managers | Required training is defined by Personel Department Management Guide | |
| Step 3: Providing Training | ||
| For all managers | Training is provided by Personel Department. Records tracked online by immediate manager | |
| Step 4: Training Records | ||
| For all managers | Appropriate records of completed training and job experience are maintained under the tracking tool by Personnel Department | Note: All Person records are confidential |
TRAINING for all non-manager jobs is provided in 4 steps...
| Position/Job | Requirements | Comments |
| Step 1: Qualification | ||
| For all new hire candidates, non-regulars, and for all other people being considers for transfer into the department | Initial qualification is determined by management review of the individual's
|
|
| For all department members | Ongoing ability to perform assigned tasks is ensured through project reviews and appraisals | |
| Step 2: Training Needs | ||
| For all department members who require training | Training needs are identified by one or more of the following
|
|
| Step 3: Provide Training | ||
| For all department members who require training | Individuals are responsible for enrolling in appropriate training classes through
universities or by attending seminars. Experience (on the job) training is provided by
|
|
| Step 4: Training Records | ||
| Training records for all department members | Appropriate records for completed training and job experience are maintained under Personel Department | Note: All person records are confidential |
QCB Self Reviews
Date Comments / Action Required or Taken Manager
Change History
Date Change Description Entered By
Delegate Authorization List
userID001
userID007
Special Note
This QCB is the most updated master copy. Any other soft or hard copies should be considered as not under formal control.
Do ISO help in work load or bad in general since it does somehow create additional paper work ?
It helps to create a basis for quality products, the image of the company is also improved due to the fact that we are ISO certified. Some customers also require us to be ISO certified. The additional documents are actually useful in doing our job and keep our process dynamic and sound.
It is a great thing. It helps building great processes. We can tun our plan process, software development process as well as a lot of things that is useful to our job. We use process (the core of ISO) in our day to day job. It does not take too much time and help building good business.
Copyright 1996-2001 OpenLoop Computing. All rights reserved.