New Page 1

Continuous Quality Improvement (CQI)
Embedded QA
ISO Consulting
Size Modelling

 
ISO Consulting

A suggested methodology to Implementing ISO 9001 in a software development and support organization:

Having acquired experience in implementing ISO 9001 in several software development organizations, CybrQ has developed a methodology and framework that enables organizations to quickly and effectively develop and deploy processes aligned to the requirements of ISO 9001. In addition, CyberQ has developed a set of critical success factors for such a program.

Critical Success Factors

  1. Management commitment: The decision to go ahead with development and deployment of these processes is a crucial one and one that needs intense management commitment. In fact, we believe that the single most critical factor influencing the success of this program is continued management commitment to be a quality organization - there are several temptations and pitfalls and it is only the leadership drive and vision that takes an organization along the quality path. Incidentally, one of the milestones on this path would be ISO 9001 but this would, by no means, be the end of the journey.

  2. Resource availability: Organizations need to develop processes which are effective, easy to use and fulfill the requirements of ISO 9001. These are best done by dedicated resources within the organization. A consulting organization like ours can provide a lot of inputs and guidance, but it is highly recommended that the processes are developed internally. Hence, human resources need to be made available.

  3. Adequate guidance and support: This is where a consultant is most useful. The consultant brings not only his knowledge of ISO 9000 and quality but also how these should be implemented to ensure that the organization does not become burdened with undue bureaucratic processes. He also brings his knowledge of the way that similar organizations implement these processes. It is important therefore for the consultant to be experienced in both quality and Information Technology.

However, this resource may be available within the organization. We have seen though that value is still imparted with the perception of an "outsider and impartial view" being attached to outside consultants.

Methodology

  • Launch ISO 9001
    This consists mainly of training with the objective of motivating, educating and charting out a project plan for the ISO 9001 program. Identification of Management Representative and Quality Coordinator
     
    Client Organization identifies a Management Representative (MR) as well as a Quality Coordinator (who may be the same person). This would be done during the launch period or before.

  • Process Writing
         The Process Writing activity as defined in the project plan is carried out, supervised by the MR (the process writing normally would take about 3 months). CyberQ consultants may be involved for 2-3 days a month for reviewing the documents.

    Very often, client organizations require training on various subjects during this period - e.g. Project Management, Software Testing, S/W Internal Auditor training etc. CyberQ consultants will be able to provide these. CyberQ may also advise other sources from where these training may be taken.

  • Internal Audit - Process Modification Cycle
    The Internal Audits are carried out -- modifications to processes are suggested and carried out (we would expect about 4 internal audits at monthly intervals -- while we would normally do the 1st, 2nd and 4th audits the client could do the 3rd internal audit themselves. Each Internal Audit would last 2-3 days).

  • Apply for certification
    CyberQ will help the client in identifying the certifying agency as well as in preparing the application.

  • Pre-assessment audit
    Pre-assessment audit carried out by the certifying agency.

  • Internal Audit
    Internal audit by CyberQ before the assessment audit by the certifying agency.

  • Assessment audit
    Generally, this is carried out approximately 6 weeks after the pre-assessment audit.
    Assessment audit carried out by the certifying agency.

  • Post ISO 9001 support
    CyberQ will continue to support the client to embark upon a continuous improvement program. This will include training, consultancy and internal audits.

  • Surveillance audits
    The certification agency will conduct these audits every 6 months till a recertification audit which will be done three years from the date of the first certification audit.
 
New Page 1
© Copyright 2006, CyberQ Consulting | All Rights Reserved

designed by: cross section