How ISO 9001 Compares with CMM Mark C
- Slides: 17
How ISO 9001 Compares with CMM Mark C. Paulk JAN, 1995 CMM version 1. 1 ISO 9001 July 1994 presented by Zhilan Zhou
CMM OVERVIEW CMM(Capability Maturity Model ) • Developed by Software Engineering Institute • Describes the principles and practices underlying softwareprocess maturity • Help organizations improve the maturity of their software processes • Help customers to identify the strengths, weakness and risks associated with their software suppliers
CMM Five Level Five levels • • • Initial Repeatable Defined Managed Optimizing Each level has a set of key process areas Each key process area comprises a set of key practices
Key process areas in the CMM level 5 Optimizing 4 Managed 3 Defined 2 Repeatable 1 Initial Key Process Areas Defect prevention Technology change management Process change management Quantitative process management Software quality management Organization process focus Organization process definition Training program Integrated software management Software product engineering Intergroup coordination Peer reviews Requirements management Software quality assurance Software project tracking and oversight Software project planning Software subcontract management Software configuration management
Organization of key practices Common features • Commitment to perform • Ability to perform • Activities performed • Measurement and analysis • Verifying implementation
CMM key practices Describe • what actions must the organization take to ensure that the process is established and will endure • what preconditions must exist to implement the software process competently • what roles and procedures are necessary to implement a key process area • what procedures are needed to measure the process and analyze the measurements • what steps are needed to ensure that activities are performed in compliance with the established process
ISO 9000 OVERVIEW ISO 9000 • Developed by Int’l Org. for Standardization • Specify quality-system requirements • ISO 9000 -3 – guidelines for applying ISO 9001 • Demonstrate supplier’s capability to design and supply a product • Ensure that the supplier conforms to specified requirements during several stages of development
Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 1: Management responsibility Commitment to perform Software project planning(2) Software project tracking and oversight(2) Software quality assurance(2) 4. 2: Quality system Verifying implementation Software project planning(2) Software quality assurance(2) Software product engineering(3) 4. 3: Contract review Requirements management(2) Software project planning(2) 4. 4: Design control Software project planning(2) Software project tracking and oversight(2) Software configuration management(2) Software product engineering(3) Software quality management(4) 4. 5: Document and data control Software configuration management(2) Software product engineering(3) - Ability to perform Verifying implementation Software quality management(4) Organization process definition(3) Software subcontract management(2)
Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 6: Purchasing Software subcontract management(2) - 4. 7: Control of customer-supplied product - Software subcontract management(2) 4. 8: Product identification and traceability Software configuration management(2) Software product engineering(3) 4. 9: Process control Software project planning(2) Software quality assurance(2) Software product engineering(3) 4. 10: Inspection and testing Software product engineering(3) Peer reviews(3) Quantitative process management(4) Technology change management(5) -
Mapping ISO 9001 with CMM ISO 9001 clause 4. 11: Control of inspection, test equipment and measuring Strong Relationship Software product engineering(3) 4. 12: Inspection and test status Software configuration management(2) Software product engineering(3) 4. 13 : Control of nonconforming product Software configuration management(2) Software product engineering(3) 4. 14: Corrective and preventive action 4. 15: Handling, storage, packaging, preservation, and delivery Software quality assurance(2) Software configuration management(2) - Judgmental Relationship - Defect prevention(5) Software configuration management(2) Software product engineering(3)
Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 16: Control of quality records Software configuration management(2) Software product engineering(3) Peer reviews(3) - 4. 17: Internal quality Verifying implementation Software quality assurance(2) audits 4. 18: Training Ability to perform Training program(3) - - 4. 19: Servicing Defect prevention(5) 4. 20: Statistical techniques Organization process definition(3) Quantitative process management(4) Software quality management(4) Measurement and analysis
Mapping Summary • Every CMM key process area is at least weakly related to ISO 9001 in some way • Every CMM key process area at level 2 is strongly related to ISO 9001 • High degree of overlap • Rigid mapping is impractical • Although the CMM does not adequately address some specific issues, in general it encompasses the concerns of ISO 9001, but the converse is less true
Compare Conclusion Common • Similar issues quality and process management • Same bottom line “Say what you do; Do what you say”
Compare Conclusion Difference • CMM * More detailed guidance and software specificity * Explicit emphasis of CMM on continuous process improvement * Focuses strictly on software • ISO 9001 * High level of abstraction * Address only the minimum criteria for an acceptable quality system * Has a much broader scope that encompasses hardware, software, processed material and services
Compliance Issues • At first glance, an organization with an ISO 9001 certificate would have to be at level 3 or 4 in the CMM. In reality, some level 1 organizations have been certified * ISO 9001’s high level of abstraction * ISO 9001 doesn’t address all the CMM practices. * An auditor may not require mastery to satisfy the corresponding ISO 9001 clause • Obtaining ISO 9001 certification should be relatively straightforward for a level 2 or higher organization.
CMM or ISO 9001 Whether software process improvement should be based on the CMM or ISO 9001? • CMM is the better choice for structuring a process- improvement program • In order to build a competitive advantage, we need consider both: continuous process improvement + total quality management
“This analysis is subjective, but I hope it is objective enough to be worthwhile……” (END)
- Used il acl 9000
- Ohsas 18001 iso 14001 comparison
- Iso 9002 wikipedia
- Norma iso 9001 2008
- Matriz de riesgos y oportunidades iso 14001
- Klausul 5 iso 9001
- Iso 9001 date format
- Iso tc 176 sc 2
- Iso is not an acronym
- Iso 9001 vs cmmi
- Iso 9001:2015 risk assessment example
- Nsf iso 9001
- Laros iso 9001
- Efqm
- Norma tecnica colombiana iso 9001
- änderungsmanagement iso 9001
- Iso 9000 2015 pdf
- Controle de informação documentada iso 9001