How ISO 9001 Compares with CMM Mark C

  • Slides: 17
Download presentation
How ISO 9001 Compares with CMM Mark C. Paulk JAN, 1995 CMM version 1.

How ISO 9001 Compares with CMM Mark C. Paulk JAN, 1995 CMM version 1. 1 ISO 9001 July 1994 presented by Zhilan Zhou

CMM OVERVIEW CMM(Capability Maturity Model ) • Developed by Software Engineering Institute • Describes

CMM OVERVIEW CMM(Capability Maturity Model ) • Developed by Software Engineering Institute • Describes the principles and practices underlying softwareprocess maturity • Help organizations improve the maturity of their software processes • Help customers to identify the strengths, weakness and risks associated with their software suppliers

CMM Five Level Five levels • • • Initial Repeatable Defined Managed Optimizing Each

CMM Five Level Five levels • • • Initial Repeatable Defined Managed Optimizing Each level has a set of key process areas Each key process area comprises a set of key practices

Key process areas in the CMM level 5 Optimizing 4 Managed 3 Defined 2

Key process areas in the CMM level 5 Optimizing 4 Managed 3 Defined 2 Repeatable 1 Initial Key Process Areas Defect prevention Technology change management Process change management Quantitative process management Software quality management Organization process focus Organization process definition Training program Integrated software management Software product engineering Intergroup coordination Peer reviews Requirements management Software quality assurance Software project tracking and oversight Software project planning Software subcontract management Software configuration management

Organization of key practices Common features • Commitment to perform • Ability to perform

Organization of key practices Common features • Commitment to perform • Ability to perform • Activities performed • Measurement and analysis • Verifying implementation

CMM key practices Describe • what actions must the organization take to ensure that

CMM key practices Describe • what actions must the organization take to ensure that the process is established and will endure • what preconditions must exist to implement the software process competently • what roles and procedures are necessary to implement a key process area • what procedures are needed to measure the process and analyze the measurements • what steps are needed to ensure that activities are performed in compliance with the established process

ISO 9000 OVERVIEW ISO 9000 • Developed by Int’l Org. for Standardization • Specify

ISO 9000 OVERVIEW ISO 9000 • Developed by Int’l Org. for Standardization • Specify quality-system requirements • ISO 9000 -3 – guidelines for applying ISO 9001 • Demonstrate supplier’s capability to design and supply a product • Ensure that the supplier conforms to specified requirements during several stages of development

Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 1:

Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 1: Management responsibility Commitment to perform Software project planning(2) Software project tracking and oversight(2) Software quality assurance(2) 4. 2: Quality system Verifying implementation Software project planning(2) Software quality assurance(2) Software product engineering(3) 4. 3: Contract review Requirements management(2) Software project planning(2) 4. 4: Design control Software project planning(2) Software project tracking and oversight(2) Software configuration management(2) Software product engineering(3) Software quality management(4) 4. 5: Document and data control Software configuration management(2) Software product engineering(3) - Ability to perform Verifying implementation Software quality management(4) Organization process definition(3) Software subcontract management(2)

Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 6:

Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 6: Purchasing Software subcontract management(2) - 4. 7: Control of customer-supplied product - Software subcontract management(2) 4. 8: Product identification and traceability Software configuration management(2) Software product engineering(3) 4. 9: Process control Software project planning(2) Software quality assurance(2) Software product engineering(3) 4. 10: Inspection and testing Software product engineering(3) Peer reviews(3) Quantitative process management(4) Technology change management(5) -

Mapping ISO 9001 with CMM ISO 9001 clause 4. 11: Control of inspection, test

Mapping ISO 9001 with CMM ISO 9001 clause 4. 11: Control of inspection, test equipment and measuring Strong Relationship Software product engineering(3) 4. 12: Inspection and test status Software configuration management(2) Software product engineering(3) 4. 13 : Control of nonconforming product Software configuration management(2) Software product engineering(3) 4. 14: Corrective and preventive action 4. 15: Handling, storage, packaging, preservation, and delivery Software quality assurance(2) Software configuration management(2) - Judgmental Relationship - Defect prevention(5) Software configuration management(2) Software product engineering(3)

Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 16:

Mapping ISO 9001 with CMM ISO 9001 clause Strong Relationship Judgmental Relationship 4. 16: Control of quality records Software configuration management(2) Software product engineering(3) Peer reviews(3) - 4. 17: Internal quality Verifying implementation Software quality assurance(2) audits 4. 18: Training Ability to perform Training program(3) - - 4. 19: Servicing Defect prevention(5) 4. 20: Statistical techniques Organization process definition(3) Quantitative process management(4) Software quality management(4) Measurement and analysis

Mapping Summary • Every CMM key process area is at least weakly related to

Mapping Summary • Every CMM key process area is at least weakly related to ISO 9001 in some way • Every CMM key process area at level 2 is strongly related to ISO 9001 • High degree of overlap • Rigid mapping is impractical • Although the CMM does not adequately address some specific issues, in general it encompasses the concerns of ISO 9001, but the converse is less true

Compare Conclusion Common • Similar issues quality and process management • Same bottom line

Compare Conclusion Common • Similar issues quality and process management • Same bottom line “Say what you do; Do what you say”

Compare Conclusion Difference • CMM * More detailed guidance and software specificity * Explicit

Compare Conclusion Difference • CMM * More detailed guidance and software specificity * Explicit emphasis of CMM on continuous process improvement * Focuses strictly on software • ISO 9001 * High level of abstraction * Address only the minimum criteria for an acceptable quality system * Has a much broader scope that encompasses hardware, software, processed material and services

Compliance Issues • At first glance, an organization with an ISO 9001 certificate would

Compliance Issues • At first glance, an organization with an ISO 9001 certificate would have to be at level 3 or 4 in the CMM. In reality, some level 1 organizations have been certified * ISO 9001’s high level of abstraction * ISO 9001 doesn’t address all the CMM practices. * An auditor may not require mastery to satisfy the corresponding ISO 9001 clause • Obtaining ISO 9001 certification should be relatively straightforward for a level 2 or higher organization.

CMM or ISO 9001 Whether software process improvement should be based on the CMM

CMM or ISO 9001 Whether software process improvement should be based on the CMM or ISO 9001? • CMM is the better choice for structuring a process- improvement program • In order to build a competitive advantage, we need consider both: continuous process improvement + total quality management

“This analysis is subjective, but I hope it is objective enough to be worthwhile……”

“This analysis is subjective, but I hope it is objective enough to be worthwhile……” (END)

ISO 9001 ISO 9001 ISO 9001 19942008 ISOISO 9001 ISO 9001 ISO 9001 19942008 ISO
ISO 9001 2015 Questce quISO 9001 ISO 9001ISO 9001 2015 Questce quISO 9001 ISO 9001
ISO 9001 2015 What is ISO 9001 ISOISO 9001 2015 What is ISO 9001 ISO
ISO 9001 2015 What is ISO 9001 ISOISO 9001 2015 What is ISO 9001 ISO
Eraikintzako mikroeteentzako ISO 9001 gidaliburua Gua ISO 9001Eraikintzako mikroeteentzako ISO 9001 gidaliburua Gua ISO 9001
ISO 9001 2015 A norma ISO 9001 utilizadaISO 9001 2015 A norma ISO 9001 utilizada
Eraikintzako mikroeteentzako ISO 9001 gidaliburua Gua ISO 9001Eraikintzako mikroeteentzako ISO 9001 gidaliburua Gua ISO 9001
ISO 9001 2008 REVZYONU Bu sunum ISO 9001ISO 9001 2008 REVZYONU Bu sunum ISO 9001
MSZ EN ISO 9001 2009 EN ISO 9001MSZ EN ISO 9001 2009 EN ISO 9001
ISO 9001 2008 to ISO 9001 2015 SummaryISO 9001 2008 to ISO 9001 2015 Summary
Vagner Jos Diegas ISO 9001 ISO 9001 CONCEITOVagner Jos Diegas ISO 9001 ISO 9001 CONCEITO
ISO 9001 ISO 9001 is among ISOs mostISO 9001 ISO 9001 is among ISOs most
ISO 9001 2015 STANDARD REVZYONU ISO 9001 2015ISO 9001 2015 STANDARD REVZYONU ISO 9001 2015
ISO 9001 2008 DEKLKLER Sara Danmanlk ISO 9001ISO 9001 2008 DEKLKLER Sara Danmanlk ISO 9001
ISO 9001 2000 ISO 9001 is the creationISO 9001 2000 ISO 9001 is the creation
Eraikintzako mikroeteentzako ISO 9001 gidaliburua Gua ISO 9001Eraikintzako mikroeteentzako ISO 9001 gidaliburua Gua ISO 9001