Why software quality managers should consider ISO 9001:2015
Today’s software quality assurance professionals are looking at quality issues that extend far beyond product inspection to cover all phases of definition, design, development, and maintenance. Those who are looking to improve performance and efficiency would be wise to consider the new ISO 9001:2015 standard, which sets criteria for a quality management system and can be used to assess an organization’s ability to meet customer and regulatory requirements.
Software organizations that are currently registered to the ISO 9001:2008 quality management standard will have until September 2018 to make the transition to the ISO 9001:2015 version. This provides time to transition to the new standard or acquire ISO 9001 registration and certification under the new standard. For more information visit ASQ Quality Management Standards.
Figure. Process-based quality management model showing links to sections in the ISO 9001:2008 standard. (Source: ISO)
Nearly all the sections of the ISO 9001:2015 standard link back to helping improve software quality priority areas:
Requirements are essential to the success of software quality, particularly since 50-60% of software quality issues are traceable directly to the quality of the system or software requirements. They also provide the initial artifacts for evaluation, and serve as the foundation of work upon which subsequent downstream phases or stages depend on for success.
Implementing ISO 9001:2015 can help interested parties influence the development and prioritization of requirements and help establish the validity and acceptance of requirements by key stakeholders. It can also help increase consistency and predictability by following expected processes.
Within the ISO 9001:2015, the emphasis on customer focus aggregates and prioritizes customer and regulatory requirements and considers risks and opportunities in order to achieve outcomes critical to customer satisfaction. ISO 9001:2015 supports the definition of business, functional, and technical requirements to enable and support design, development, and testing. For example, an Automated Teller Machine (ATM) must integrate usability, functionality, and financial compliance rules to have a workable solution that can be deployed and used. Since requirements change, the mechanism for reviewing, approving, and controlling such changes is essential to a sustainable solution.
Design and Code Reviews
Quality management is a key reviewer of design and code to ensure that it is complete, consistent, and testable. This is an important function, not only to assure the engineering components but also to involve the quality function at the earliest stages of design.
ISO 9001:2015 provides an initial review to validate alignment of designs to relevant quality objectives and conformance to requirements. This can help identify early software quality issues that might be overlooked and highlight requirements that may be complex or ambiguous.
Within the ISO 9001:2015, the emphasis on Awareness, Design and Development, and Control of External Components reviews and tracks scope of features and suitability of components prior to integration. ISO 9001:2015 supports the coverage and assurance of designed and acquired objects and code. This is particularly necessary if the design applies multiple coding languages and protocols into the overall solution.
Software Verification and Validation
Software quality is often synonymous with software testing, which itself comprises multiple levels of testing with respect to breadth, complexity, and techniques. Verification refers to the confirmation that systems and software align and fulfill explicit specifications, while validation confirms the proper operation with respect to the intended use of the system or software in its expected operating environment.
However, the resources conducting verification and validation must be properly trained with necessary testing techniques and system or application under test. ISO 9001:2015 can help reduce churn or delay from ‘tester error’ and provide assurance in testing validity and outcomes.
Within the ISO 9001:2015, the emphasis on resources and competence ensure that qualified and suitable people apply appropriate test techniques to reveal those design and functionality defects that would imperil successful use and deployment. ISO 9001:2015 supports the monitoring, measurement, analysis, and evaluation to ensure that desired levels of functionality, reliability, usability, maintainability, and performance are present. For example, an online tax preparation service that is intended for both computer and mobile platforms would require accuracy, usability, and functionality across all devices intended for use and deployment. Since customer satisfaction and risk management are affected, these would be essential drivers for this initiative.