The Capability Maturity Model for Software, developed by the Software Engineering Institute, and the ISO 9000 series of standards, developed by the International Standards Organization, share a common concern with quality and process management. The purpose of this blog is to contrast the CMM and ISO 9001, showing their differences and simillarities.
Capability Maturity Model for Software:
The CMM for software, describes the principles and practices underlying software process maturity and is intended to help software organization improve the maturity of their software processes in terms of an evolutionary path from ad hoc, chaotic processes to mature. The CMM is organized into five maturity levels. A maturity level is a well defined evolutionary plateau toward achiving a mature software process.
Five Maturity Levels:
1)Initial: The software process is characterized as ad hoc, and even chaotic. Few processes are defined and success depends on indivisual effort and heroics.
2)Repeatable: Basic project management processes are established to track cost, schedule and functionality. The necessary process discipline is in place to repeat earlier successes on project with similar applications. The key process areas are Requirement Management, Software Project planning,Software project Tracking and Oversight, Software Subcontract Management, Software Quality Assurance,Software configuaration Management.
3)Defined: The software process for both management and engineering activities is documented, standardized and integrated into a standard software process for the organization. All projects use an approved, tailored version of the organization's standard software process for developing and maintaining software. The key process areas include Organization process focus, organization process Defination,Training programme, Integrated software management, software product engineering, Intergroup Co-ordination, Peer Reviews.
4)Managed: Detailed measures of the software process and product quality are collected. Both the software process and products are qualitatively understood and controlled. The key process areas include Quality Process Management(QP) Software Quality Management(QM)
5)Optimizing: Continuous process improvement is enabled by quantative feedback from process and from piloting innovative ideas and technologies. The key process areas include Defect Prevention, Technology change management, Process change management.
The ISO 9000 Series of Standards for Quality Management Systems
The ISO 9000 series of standards is a set of documents dealing with quality systems that can be used for external quality assuarnce purposes. They specify quality system requirements for use where a contract between two parties requires the demonstration of a suppliers's capability to design and supply a product.
The quality concepts addressed by these standards are:
1) An organization should achieve and sustain the quality of the product or service produced so as to meet continually the purchaser's stated or implied needs.
2)An organization should provide confidence to its own management that the intended quality is being achieved and sustained.
3)An organization should provide confidence to the purchaser that the intended quality is being, or will be, achieved in the delivered product or service provided. When contractually required, this provision of confidence may involove agreed demonstration requirement.
Mapping ISO 9001 to the CMM
1)Management Responsibility:Both ISO 9001 and CMM requires that the quality policy bedefined, documented, understood, implemented and maintained.
2)Quality System: ISO 9001 requires that a documented quality system, including procedures nad instructions be established. CMM also advocates same through its key process areas.
3)Contract Review:The CMM also explicitly addressed the acquisition of software through subcontracting by the software organization, as described in software subcontract management. Contracts may be with an external customer or with a subcontractor, although that description is not made in ISO 9001.
Clearly there are many strong correlations between ISO 9001 and the CMM, although some issues in ISO 9001 are not covered in the CMM, and vice versa.
The clauses in ISO 9001 with no strong relationship to the CMM key process areas, and which are not well addressed in the CMM, are purchaser-supplier product and handling, storing, packaging and delivery.
The biggest difference, however, between these two documents is the emphasis of CMM on continuosus process improvement. ISO 9001 addresses the minimum criteria for an acceptable quality system.
The biggest similarity is that for both the CMM and ISo 9001, the bottom line is "SAY WHAT YOU DO; DO WHAT YOU SAY"
No comments:
Post a Comment