Relationship to Software Engineering Standards

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Relationship to Software Engineering Standards"

Transcription

1 Chapter3 Relationship to Software Engineering Standards STANDARDS ORGANIZATIONS Standards organizations are bodies, organizations, and institutions that produce standards. These organizations develop standards to provide stability and consistency, with the hope oflowering costs in any industry or enterprise. Software standards play an important role as they can be used to reduce costs and complexity when buying software systems and they can be used to monitor the quality of the systems and products that are produced. Software standards are also an excellent reference on what is considered good practice by the international community of professionals that work in these areas. ISO Technical Committee 176 on Quality Management and Quality Assurance lim Organization for 9Jii I International Stondordization The International Organization for Standardization (ISO) is a network ofthe national standards institutes ofover 150 countries, formed on the basis ofone member per country. The United States is representedby the AmericanNational Standards Institute (ANSI). The hallmark ofiso standards are that they are consensus-based, market driven, voluntary, and are used in worldwide agreements. ISO has numerous Technical Committees (TCs). TC 176 on Quality Management and Quality Assurance is responsible for developing the ISO 9000 series of standards and guidance documents. The TC 176 scope is standardization in the field ofgeneric quality management, including quality systems, quality assurance, and generic supporting technologies, including standards that provide guidance on the selection and use of these standards. Member nations maintain and revised the Quality Management and Practical Supportfor ISO 9001 Software Project Documentation. By S. Land and J. Walz IEEE Computer Society

2 16 Chapter 3 Relationship to Software Engineering Standards Quality Assurance Standards. TC 176 produced the ISO 9001:2000 in December 2000 and expects its revisions to be published by year end International Electrotechnical Commission The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes international standards for all electrical, electronic, and related technologies. Together, ISO, IEC, and ITU (International Telecommunication Union) have built a strategic partnership with the WTO (World Trade Organization) with the common goal of promoting a free and fair global trading system. ISOIIEC Joint Technical Committee 001 ISO.lye 1 rrc -::;- =====. NF MATI N T HN Y NOA For software and system standards, ISO and IEC created the ISO/IEC Joint Technical Committee 001 "Information technology" (JTC 1) for standardization in the field ofinformation technology. JTCI Information Technology includes the specification, design, and development of systems and tools dealing with the capture, representation, processing, security, transfer, interchange, presentation, management, organization, storage, and retrieval of information. ISOIIEC JTC1 SC7 Software and Systems Engineering Standards Committee One JTC 1 subcommittee (SC) is SC7 Software and Systems Engineering. This SC was created in 1997, with the scope ofthe standardization ofprocesses, supporting tools, and supportingtechnologies for the engineering ofsoftware products and systems. Figure 3-1 illustrates how SC7 scope interacts with other SCs and disciplines. ISO TC176 transferred ISO 9001 software guidance responsibilities to ISOIIEC JTC1/SC7. Thus, JTC1/SC7 published the ISO/IEC Software and System Engineering-Guidelines for the Application ofiso 9001:2000 to Computer Software in JTCl/SC7 has published almost 90 standards and 25 are currently under development. Due to the large collection of software engineering standards developed by the IEEE Software and Systems Engineering Standards Committee, JTCl/SC7 has an active liaison with IEEE Computer Society.

3 Standards Organizations 17 Project Management SOFTWARE and SYSTEMS ENGINEERING Safety OECTC65}, Security, other mission-critical Figure 3-1. Interaction ofsc7 scope with other TCs and disciplines. American National Standards Institute ~rds The American National Standards Institute (ANSI) is a private, nonprofit organization [501(c)3] that administers and coordinates the U.S. voluntary standardization and conformity assessment system. The Institute's mission is to enhance both the global competitiveness of U.S. business and the U.S. quality of life by promoting and facilitating voluntary consensus standards and conformity assessment systems, and safeguarding their integrity. 1 ANSI facilitates the development of American National Standards (ANS) by accrediting the procedures of standardsdeveloping organizations (SDOs). These groups work cooperatively to develop voluntary national consensus standards. Accreditation by ANSI signifies that the procedures used by the standards body in connection with the development of American National Standards meet the Institute's essential requirements for openness, balance, consensus, and due process. ANSI has over 200 SDOs, with the 20 largest SDO producing 90% of the standards. One of the largest SDO is IEEE-SA. '

4 18 Chapter 3 Relationship to Software Engineering Standards Institute of Electrical and Electronics Engineers +IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE) is a nonprofit technical professional association of more than 360,000 individual members in approximately 150 countries. IEEE promotes the engineering process of creating, developing, integrating, sharing, and applying knowledge about electronic and information technologies and sciences for the benefit of humanity and the profession. The Institute provides groups the opportunity to take part in shaping the direction of technology and its marketplace application by developing industry-driven standards. IEEE holds annually more than 300 major conferences and produces 30% of the world's published literature in electrical engineering, computers, and control technology." The Institute provides wide technology coverage over 40 societies. The largest is the IEEE Computer Society (IEEE CS). The IEEE CS is a leading international provider of technical information and services in computer and information processing technology and was founded in Today, with nearly 100,000 members, the IEEE CS is the world's leading organization of computer professionals. IEEE CS is dedicated to advancing the theory, practice, and application of computer and information processing technology. The Society is considered to be the leading provider of technical information and services to the world's computing professionals. It fosters international communication, cooperation, and information exchange, as over 40% of the members live and work outside the United States.' The IEEE SDO is the Standards Association (IEEE-SA). The IEEE-SA is a world-renowned, independent American National Standards Institute (ANSI) accredited SDO. The IEEE-SA is an independent professional and credible standardssetting body that develops industry-driven standards based on current scientific consensus, either through individual experts or corporate entities. IEEE-SA is an honest information broker for resolving issues and developing consensus to find industry solutions. They provide benefits for corporate growth and exposure, and to help provide business initiatives with lower risk through use of IEEE standards. IEEE-SA maintains a large portfolio ofmore than 900 active standards and 700 indevelopment projects. These standards and development projects are managed by over 140 Standards Committees. One such Standards Committee is the Software and Systems Engineering Standards Committee (S2ESC). IEEE standards are internationally implemented in an array of environments, all resulting in the improved competitiveness ofcompanies incorporating them and adding value to industry and the marketplace. 2www.ieee.org 3www.computer.org

5 IEEE S2ESC Software and Systems Engineering Standards Committee [~/ EeE s~.::.~.'4.. I. E~ Standards Organizations 19 The IEEE Software and Systems Engineering Standards Committee (S2ESC) is rapidly approaching its 30th anniversary. In 1976, this arm of the IEEE Computer Society was chartered to develop the first standards for software engineering. S2ESC was chartered with the vision to develop a family of products and services based on software engineering standards for use by practitioners, organizations, and educators to: (1) improve the effectiveness and efficiency of their software engineering processes; (2) improve communications between acquirers and suppliers, and (3) to improve the quality of delivered software and systems containing software. This section describes S2ESC, the contribution it has made to the software engineering community over these last 30 years, and how S2ESC continues to ensure that its products are relevant, valued, and reflect best current practice [69]. From a narrow perspective, S2ESC manages the scope and direction of IEEE Software and Systems Engineering and Standards. S2ESC is the standards arm of the IEEE Technical Council on Software Engineering (TCSE), and has worked to provide a standards collection that: Provides a consistent view ofthe state ofthe practice Is aligned with the Software Engineering Body ofknowledge (SWEBOK) Addresses practitioner concerns Is affordable From a broader perspective, in addition to the development of standards, S2ESC develops supporting knowledge products and sponsors or cooperates in annual conferences and workshops in its subject area. S2ESC also participates in international standards making as a member of the U.S. Technical Advisory Group (TAG) to ISO/IEC JTC I/SC7 and as a direct liaison to SC7 itself. The mission of the S2ESC is: 1. To develop and maintain a family of software and systems engineering standards that is relevant, coherent, comprehensive, and effective in use. These standards are for use by practitioners, organizations, and educators to improve the effectiveness and efficiency of their software engineering processes, to improve communications between acquirers and suppliers, and to improve the quality of delivered software and systems containing software.

6 20 Chapter 3 Relationship to Software Engineering Standards 2. To develop supporting knowledge products that aid practitioners, organizations, and educators in understanding and applying our standards. 3. To support and promote a Software Engineering Body of Knowledge, certification mechanisms for software engineering professionals, and other products contributing to the profession ofsoftware engineering. ISO/IEC JTC1 SC7 Software and Systems Engineering Standards Committee (S2ESC) At the center of software engineering standardization in the United States is the Software and Systems Engineering Standards Committee (S2ESC) of the IEEE Computer Society. This IEEE CS standards development sponsor maintains over 40 standards that directly support the practice of software and systems engineering. The counterpart of S2ESC in the international forum is ISO/IEC JTC 1 SC7 S2ESC participates in SC7 through the Computer Society's membership in the U.S. Technical Advisory Group (TAG) that formulates national positions and selects the delegation for meetings of SC7. The CS also has a category A liaison to SC7, permitting direct participation with the exception of voting. Figure 3-2 shows the relationship ofthe IEEE CS to other SOOs. RELATIONSHIPS AMONG ISO 9001, ISO 90003, IEEE 12207, AND ISOnEC There are relationships among quality assurance, life cycle processes, and process assessment standardizations. ISO 9001, ISO/IEC 90003, IEEE 12207, and ISO/IEC are all important to completely understand the requirements ofiso 9001 for a software engineering organization. ISO 9001 represents quality assurance at the system level. ISO/IEC gives the SE organization guidance on how to apply ISO 9001 on a software project. IEEE represents the processes employed throughout the life cycle of a software product. Each one of the ISO/IEC Figure 3-2. Relationship of S2ESC to other snos.

7 Software Engineering Body of Knowledge (SWEBOK) 21 clauses that are software unique point to the applicable process in IEEE software development life cycle to provide more details on implementation considerations. ISO/IEC represents process assessment as applied in SE organizations. IEEE provides the baselines oflife cycle processes to the ISO/IEC assessment process. ISO 9001 provides the basis for quality assurance to both IEEE and ISO/IEC as described by Figure 3-3. SOFTWARE ENGINEERING BODY OF KNOWLEDGE (SWEBOK) The purpose of the Guide to the Software Engineering Body of Knowledge (SWE BOK) is to provide a consensually validated characterization of the bounds of the software engineering discipline and to provide a topical access to the Body of Knowledge supporting that discipline. Software Quality is one of the ten SWEBOK Knowledge Areas (KA) and deals with software quality considerations that transcend the software life cycle processes. As software quality is a ubiquitous concern in software engineering, it is also considered in many of the other SWEBOK KAs, including Software Engineering Management and Software Engineering Process. The Software Engineering Management KA can be defined as the application of management..... : ~.iiii~l&... -r,:i...' - "'II ~....." Figure 3-3. ISO 9001 as a basis for quality assurance.

8 22 Chapter 3 Relationship to Software Engineering Standards activities-planning, coordinating, measuring, monitoring, controlling, and reporting-to ensure that the development and maintenance of software is systematic, disciplined, and quantified. The Software Engineering Process KA is concerned with the definition, implementation, assessment, measurement, management, change, and improvement of the software life cycle processes themselves. ISO 9001 implementation and usage will directly contribute to these three SWEBOK KAs. In order to circumscribe software engineering, it is necessary to identify the disciplines with which software engineering shares a common boundary. Two of the eight SWEBOK Related Disciplines of Software Engineering cover the usage of ISO 9001 as described by Table 3-1. Quality Management is one of the eight Related Disciplines and is defined in ISO as "coordinated activities to direct and control an organization with regard to quality." The main reference on quality management is ISO 9001:2000 Quality Management Systems Requirements. Project Management (PM) is another Related Disciplines. Project Management is defined in the Guide to the Project Management Body of Knowledge" (PMBOK Guide). PMBOK has nine Knowledge Areas, one is Project Quality Management, which is intended to be compatible with that ofthe ISO 9001 and has three major project quality management processes: Quality Planning, Quality Assurance, and Quality Control. CAPABILITY MATURITY MODEL INTEGRATED (CMMI) The Software Engineering Institute (SEI) developed the Capability Maturity Model Integrated (CMMI) framework in Portions ofthis framework are described as Table 3-1. SWEBOK relationship to ISO 9001 Knowledge areas Topical areas Topics related to ISO 9001 Software Quality Software Quality Software Engineering Fundamentals Process Quality Software Quality Management Processes Practical Considerations Quality Improvement Software Quality Assurance Software Quality ManagementTechniques Software Engineering Software Project Planning Quality Management Management Software Engineering Process Definition Software Life Cycle Processes Process Process Assessment Process Assessment Models

9 Capability Maturity Model Integrated (CMMI) 23 generic practices (GP) and are applicable to all CMMI process areas. Generic practices provide institutionalization to ensure that the processes associated with the process area will be effective, repeatable, and lasting. In a similar purpose, ISO 9001 requires institutionalization to ensure that all business processes will be effective, repeatable, and lasting. Table 3-2 provides a cross-reference of CMMI GP to ISO 9001 requirement clauses and shows good coverage for most of ISO Table 3-2. CMMI generic practices and ISO 9001 cross reference Abbreviation GGI GP 1.1 GG2 GP 2.1 GP 2.2 GP 2.3 GP2.4 GP2.5 GP2.6 GP2.7 GP2.8 GP2.9 GP 2.10 GG3 GP3.1 GP 3.2 CMMI generic goals and practices Achieve Specific Goals Perform base practices. Institutionalize a Managed Process Establish and maintain an organizational policy for planning and performing the processes. Establish and maintain the plan for performing the processes. Provide adequate resources for performing the processes, developing the work products, and providing the services of the process. Assign responsibility and authority for performing the process, developing the work products, and providing the services of the processes. Train the people performing or supporting the processes as needed. Place designated work products of the processes under appropriate levels of configuration management. Identify and involve the relevant stakeholders of the processes as planned. Monitor and control the processes against the plan for performing the process and take appropriate corrective action. Objectively evaluate adherence of the processes against its process description, standards, and procedures, and address noncompliance. Review the activities, status, and results ofthe processes with higher-level management and resolve issues. Institutionalize a Defined Process Establish a defined process. Collect improvement information. ISO 9001 clauses ,4.2.1,5.1,5.5.3, 7.6, , 4.2.2, 5.4.2, 7.1,7.3,7.5.1,7.6, 8.1, ,6.1, , , 4.2.3, 4.2.4, 7.3.7, ,7.2.3,7.3.2, ,7.5.1,7.6, , 7.6, , 5.6.2, 5.6.3, 7.2.2, 7.3.2, ,

Corporate Program. Consensus WE BUILD IT. Giving Industry a Direct Voice in the IEEE Standards Association

Corporate Program. Consensus WE BUILD IT. Giving Industry a Direct Voice in the IEEE Standards Association Corporate Program Giving Industry a Direct Voice in the IEEE Standards Association Consensus WE BUILD IT. 445 Hoes Lane, Piscataway, NJ 08854 USA standards.ieee.org Tel. +1 732-981-0060 Fax +1 732-562-1571

More information

American National Standards. value of the ANS designation

American National Standards. value of the ANS designation American National Standards value of the ANS designation accreditation and approval The American National Standards Institute (ANSI) coordinates, facilitates, and promotes the development of voluntary

More information

ISO/IEC Information & ICT Security and Governance Standards in practice. Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT

ISO/IEC Information & ICT Security and Governance Standards in practice. Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT ISO/IEC Information & ICT Security and Governance Standards in practice Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT June 4, 2009 ISO and IEC ISO (the International Organization for Standardization)

More information

International Software & Systems Engineering. Standards. Jim Moore The MITRE Corporation Chair, US TAG to ISO/IEC JTC1/SC7 James.W.Moore@ieee.

International Software & Systems Engineering. Standards. Jim Moore The MITRE Corporation Chair, US TAG to ISO/IEC JTC1/SC7 James.W.Moore@ieee. This presentation represents the opinion of the author and does not present positions of The MITRE Corporation or of the U.S. Department of Defense. Prepared for the 4th Annual PSM Users Group Conference

More information

Standards & Practices for the software and system engineers /

Standards & Practices for the software and system engineers / Standards & Practices for the software and system engineers / professionals John Walz J.Walz@computer.org IEEE Computer Society 1 st VP IEEE Software & Systems Engineering i Standards d Committee Systems

More information

82-03-10 Development and Implementation of Security Standards John P. Hopkinson Payoff

82-03-10 Development and Implementation of Security Standards John P. Hopkinson Payoff 82-03-10 Development and Implementation of Security Standards John P. Hopkinson Payoff This article describes the groups involved in the process of developing standards for information security. The method

More information

A COMPARISON OF FIVE APPROACHES TO SOFTWARE DEVELOPMENT. David J. Schultz. January 21, 2000

A COMPARISON OF FIVE APPROACHES TO SOFTWARE DEVELOPMENT. David J. Schultz. January 21, 2000 A COMPARISON OF FIVE APPROACHES TO SOFTWARE DEVELOPMENT David J. Schultz January 21, 2000 1. Introduction This white paper addresses five approaches, or methodologies, for software engineering (SWE): The

More information

Selection and use of the ISO 9000 family of standards

Selection and use of the ISO 9000 family of standards Selection and use of the ISO 9000 family of standards ISO and international standardization ISO/TC 176, Quality management and quality assurance ISO is the International Organization for Standardization.

More information

Guidance for ISO liaison organizations Engaging stakeholders and building consensus

Guidance for ISO liaison organizations Engaging stakeholders and building consensus Guidance for ISO liaison organizations Engaging stakeholders and building consensus ISO in brief ISO is the International Organization for Standardization. ISO has a membership of 163* national standards

More information

Identity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy

Identity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy Identity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy November 18, 2008 Teresa Schwarzhoff Computer Security Division Information

More information

IEEE Computer Society and Certified Software Development Professional

IEEE Computer Society and Certified Software Development Professional IEEE Computer Society and Certified Software Development Professional Vision Statement...to be the leading provider of technical information, community services, and personalized services for the world

More information

The SWEBOK Initiative and Software Measurement Intentions

The SWEBOK Initiative and Software Measurement Intentions The SWEBOK Initiative and Software Measurement Intentions Abstract ALAIN ABRAN Executive Co-editor, SWEBOK Project Pierre Bourque, Robert Dupuis (Co-editors) Articulating a body of knowledge is an essential

More information

Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 5-6-2:

Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 5-6-2: TECHNICAL REPORT ISO/IEC TR 29110-5-6-2 First edition 2014-08-15 Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 5-6-2: Systems engineering Management and engineering

More information

IEEE/EIA 12207 AS THE FOUNDATION FOR ENTERPRISE SOFTWARE PROCESSES

IEEE/EIA 12207 AS THE FOUNDATION FOR ENTERPRISE SOFTWARE PROCESSES IEEE/EIA 12207 AS THE FOUNDATION FOR ENTERPRISE SOFTWARE PROCESSES James W. Moore The MITRE Corporation 1820 Dolley Madison Blvd., W534 McLean, VA 22102, USA Work Phone: +1.703.883.7396 Fax: +1.703.883.5432

More information

ISO, CMMI and PMBOK Risk Management: a Comparative Analysis

ISO, CMMI and PMBOK Risk Management: a Comparative Analysis ISO, CMMI and PMBOK Risk Management: a Comparative Analysis Cristine Martins Gomes de Gusmão Federal University of Pernambuco / Informatics Center Hermano Perrelli de Moura Federal University of Pernambuco

More information

ISO/IEC JTC 1 Information technology. Business plan 2014

ISO/IEC JTC 1 Information technology. Business plan 2014 Information technology Business plan 2014 Our vision To be the world s leading provider of high quality, globally relevant International Standards through its members and stakeholders. Our mission ISO

More information

Capability Maturity Model Integration (CMMI SM ) Fundamentals

Capability Maturity Model Integration (CMMI SM ) Fundamentals Capability Maturity Model Integration (CMMI SM ) Fundamentals Capability Maturity Model Integration and CMMI are are service marks of Carnegie Mellon University 2008, GRafP Technologies inc. 1 What is

More information

The Emerging ISO International Standard for Certification of Software Engineering Professionals

The Emerging ISO International Standard for Certification of Software Engineering Professionals The Emerging ISO International Standard for Certification of Software Engineering Professionals Juan Garbajosa jgs at eui.upm.es Universidad Politécnica de Madrid Technical University of Madrid (Known)

More information

xxxxx Conformity assessment Requirements for third party certification auditing of environmental management systems - competence requirements

xxxxx Conformity assessment Requirements for third party certification auditing of environmental management systems - competence requirements NEW WORK ITEM PROPOSAL Date of presentation 2011-02-25 Reference number (to be given by the Secretariat) Proposer ISO/TC 207/SC 2 ISO/TC 207 / SC 2 N 251 Secretariat NEN A proposal for a new work item

More information

Software Project Management and Support - Practical Support for CMMI -SW Project Documentation: Using IEEE Software Engineering Standards

Software Project Management and Support - Practical Support for CMMI -SW Project Documentation: Using IEEE Software Engineering Standards Software Project Management and Support - Practical Support for CMMI -SW Project Documentation: Using IEEE Software Engineering Standards John Walz The Sutton Group IEEE Computer Society Standards Activities

More information

An Overview of the ANSI/ASA Standards Program

An Overview of the ANSI/ASA Standards Program An Overview of the ANSI/ASA Standards Program Christopher J. Struck a) CJS Labs - San Francisco, CA 94114 - USA Acoustical Society of America - Melville, NY 11747 - USA An overview of the standards program

More information

The Emerging ISO International Standard for Certification of Software Engineering Professionals

The Emerging ISO International Standard for Certification of Software Engineering Professionals The Emerging ISO International Standard for Certification of Software Engineering Professionals Juan Garbajosa Universidad Politécnica de Madrid - Technical University of Madrid (UPM). E.U. Informática.

More information

Treasury Board of Canada Secretariat (TBS) IT Project Manager s Handbook. Version 1.1

Treasury Board of Canada Secretariat (TBS) IT Project Manager s Handbook. Version 1.1 Treasury Board of Canada Secretariat (TBS) IT Project Manager s Handbook Version 1.1 December 12, 1997 Table of Contents Navigating the Handbook Content...1 Introduction...4 About the Handbook...9 Adaptability

More information

Project Management Professional (PMP) Examination Content Outline

Project Management Professional (PMP) Examination Content Outline Project Management Professional (PMP) Examination Content Outline Project Management Institute Project Management Professional (PMP) Examination Content Outline June 2015 Published by: Project Management

More information

Standardising the Internet of Things Is Today s System Adequate?

Standardising the Internet of Things Is Today s System Adequate? Standardising the Internet of Things Is Today s System Adequate? Kai Jakobs A Bit of Motivation The IoT represents another paradigm shift in communication initially, communication occurred between humans,

More information

ISO Strategic Plan 2011-2015. Solutions to Global Challenges

ISO Strategic Plan 2011-2015. Solutions to Global Challenges ISO Strategic Plan 2011-2015 Solutions to Global Challenges ISO the International Organization for Standardization ISO has a membership of 163* national standards bodies from countries large and small,

More information

A Report on The Capability Maturity Model

A Report on The Capability Maturity Model A Report on The Capability Maturity Model Hakan Bayraksan hxb07u 29 November 2009 G53QAT Table of Contents Introduction...2 The evolution of CMMI...3 CMM... 3 CMMI... 3 The definition of CMMI... 4 Level

More information

Capability Maturity Model Integrated (CMMI)

Capability Maturity Model Integrated (CMMI) When the Outcome Matters Capability Maturity Model Integrated (CMMI) Configuration Management Considerations Gerard Dache Gerard.dache@psgs.com 703-560-9477 Agenda SEI Overview Capability Maturity Models

More information

Information Security ISO Standards. Feb 11, 2015. Glen Bruce Director, Enterprise Risk Security & Privacy

Information Security ISO Standards. Feb 11, 2015. Glen Bruce Director, Enterprise Risk Security & Privacy Information Security ISO Standards Feb 11, 2015 Glen Bruce Director, Enterprise Risk Security & Privacy Agenda 1. Introduction Information security risks and requirements 2. Information Security Management

More information

Software Quality Assurance: VI Standards

Software Quality Assurance: VI Standards Software Quality Assurance: VI Standards Room E 3.165 Tel. 60-3321 Email: hg@upb.de Outline I Introduction II Software Life Cycle III Quality Control IV Infrastructure V Management VI Standards VII Conclusion

More information

Reviewers of proposed revision to ISO/IEC 19770 1:2006 SAM Processes. Call for feedback on draft of revised 19770 1 Tiered SAM Processes

Reviewers of proposed revision to ISO/IEC 19770 1:2006 SAM Processes. Call for feedback on draft of revised 19770 1 Tiered SAM Processes To: From: Reviewers of proposed revision to ISO/IEC 19770 1:2006 SAM ISO/IEC JTC1 SC7 WG21 Software Date: 30 November 2010 Re: Call for feedback on draft of revised 19770 1 ed SAM On 30 November 2010,

More information

Distributed and Outsourced Software Engineering. The CMMI Model. Peter Kolb. Software Engineering

Distributed and Outsourced Software Engineering. The CMMI Model. Peter Kolb. Software Engineering Distributed and Outsourced Software Engineering The CMMI Model Peter Kolb Software Engineering SEI Trademarks and Service Marks SM CMM Integration SCAMPI are service marks of Carnegie Mellon University

More information

Introduction and Overview

Introduction and Overview 1 Introduction and Overview INTRODUCTION Many companies, in their push to complete successful Level 2 Capability Maturity Model (CMM ) 1 or Capability Maturity Model Integration (CMMI ) 2 appraisals, have

More information

Software Process Maturity Model Study

Software Process Maturity Model Study IST-1999-55017 Software Process Maturity Model Study Deliverable A.3 Owner Michael Grottke Approvers Eric David Klaudia Dussa-Zieger Status Approved Date 02/07/01 Contents 1 Introduction 3 1.1 Project

More information

SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards

SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards Dr. A.April ETS University Table of Contents Objectives Audience Current clash An ITIL overview ISO

More information

International Standardization Activities Supporting Global Deployment of Social Infrastructure Systems

International Standardization Activities Supporting Global Deployment of Social Infrastructure Systems Hitachi Review Vol. 62 (2013), No. 7 402 International Standardization Activities Supporting Global Deployment of Social Infrastructure Systems Kiyoshi Mizukami Hisanori Mishima OVERVIEW: The scope of

More information

Software Quality Standards and. from Ontological Point of View SMEF. Konstantina Georgieva

Software Quality Standards and. from Ontological Point of View SMEF. Konstantina Georgieva SMEF 10-11 June, 2010 Software Quality Standards and Approaches from Ontological Point of View Konstantina Georgieva Otto-von-Guericke University Magdeburg Department of Computer Science, Software Engineering

More information

The Configuration Management process area involves the following:

The Configuration Management process area involves the following: CONFIGURATION MANAGEMENT A Support Process Area at Maturity Level 2 Purpose The purpose of is to establish and maintain the integrity of work products using configuration identification, configuration

More information

INTERNATIONAL STANDARD

INTERNATIONAL STANDARD INTERNATIONAL STANDARD ISO/IEC 14662 First edition Information Technologies - Open-edi reference model Technologie de l'information - Modèle de référence EDI-ouvert Reference number Page 2 Contents Foreword...

More information

The Emergence of Software Engineering Professionalism

The Emergence of Software Engineering Professionalism The Emergence of Software Engineering Professionalism The Role of Professional Societies in the Emergence of Software Engineering Professionalism in the United States and Canada Stephen B. Seidman University

More information

Engineering Standards in Support of

Engineering Standards in Support of The Application of IEEE Software and System Engineering Standards in Support of Software Process Improvement Susan K. (Kathy) Land Northrop Grumman IT Huntsville, AL susan.land@ngc.com In Other Words Using

More information

ISO/IEC 90003:2004 covers all aspects

ISO/IEC 90003:2004 covers all aspects Huge potential user base for ISO/IEC 90003 the state of the art for improving quality in software engineering ISO/IEC 90003:2004, Software engineering Guidelines for the application of ISO 9001: 2000 to

More information

Standards for the Professional Practice of Internal Auditing

Standards for the Professional Practice of Internal Auditing Standards for the Professional Practice of Internal Auditing THE INSTITUTE OF INTERNAL AUDITORS 247 Maitland Avenue Altamonte Springs, Florida 32701-4201 Copyright c 2001 by The Institute of Internal Auditors,

More information

CMMI KEY PROCESS AREAS

CMMI KEY PROCESS AREAS CMMI KEY PROCESS AREAS http://www.tutorialspoint.com/cmmi/cmmi-process-areas.htm Copyright tutorialspoint.com A Process Area is a cluster of related practices in an area that, when implemented collectively,

More information

Practical Support for ISO 900 1 Software Project Documentation

Practical Support for ISO 900 1 Software Project Documentation Practical Support for ISO 900 1 Software Project Documentation IEEE~ COMPUTER SOCIETY +IEEE Press Operating Committee Chair Roger U. Fujii, Vice President Northrop Grumman Mission Systems Editor-in-Chief

More information

V Simpósio Internacional de Recife, PE - Brasil 3-5/11/2003

V Simpósio Internacional de Recife, PE - Brasil 3-5/11/2003 ! " # $ " % & ('*)*+$, ) -. / 0. 11 2+0. / 3. 4 576 1 8 9: ; 3 9(=? @ A+B CD Prof. François Coallier ISO/IEC JTC 1/SC7 Chairman fcoallier@ele.etsmtl.ca SIMPROS 2003 EGF HJIGKLHMI What is a standard?

More information

ISA Security Compliance Institute ISASecure IACS Certification Programs

ISA Security Compliance Institute ISASecure IACS Certification Programs ISA Security Compliance Institute ISASecure IACS Certification Programs This paper describes how international industrial cybersecurity standards and complementary conformance certification programs should

More information

Quality assurance in an Agile delivery method

Quality assurance in an Agile delivery method Quality assurance in an Agile delivery method Guy Nelson (Quality Manager, Fidelity International) Barbara Roberts (Accredited DSDM Consultant) April 2006 Agenda The Challenges to Quality Assurance CMMi

More information

TS/P 247: Proposal to transform ISO/PC 251 Asset management into a TC

TS/P 247: Proposal to transform ISO/PC 251 Asset management into a TC ISO/TMB/TS/P 247 2014-10-30 TS/P 247: Proposal to transform ISO/PC 251 Asset management into a TC Dear ISO Members, Please find attached a proposal for a new field of technical activity on Asset management,

More information

Interpreting the Management Process in IEEE/EIA 12207 with the Help of PMBOK

Interpreting the Management Process in IEEE/EIA 12207 with the Help of PMBOK Interpreting the Management Process in IEEE/EIA 12207 with the Help of PMBOK Lewis Gray, Ph.D., PMP Abelia Fairfax, Virginia USA www.abelia.com Copyright 2002 by Abelia Corporation. All rights reserved

More information

An Overview of IEEE Software Engineering Standards and Knowledge Products

An Overview of IEEE Software Engineering Standards and Knowledge Products Paul R. Croll Chair, IEEE SESC Computer Sciences Corporation pcroll@csc.com An Overview of IEEE Software Engineering Standards and Knowledge Products Objectives Provide an introduction to The IEEE Software

More information

IEEE SESC Architecture Planning Group: Action Plan

IEEE SESC Architecture Planning Group: Action Plan IEEE SESC Architecture Planning Group: Action Plan Foreward The definition and application of architectural concepts is an important part of the development of software systems engineering products. The

More information

Reprisal: Types of Requirements

Reprisal: Types of Requirements Standards, d Certification and Regulations Reprisal: Types of Requirements Functional requirements: requirements that specify a function that a system or system component must be able to perform The watch

More information

SOFTWARE QUALITY & SYSTEMS ENGINEERING PROGRAM. Quality Assurance Checklist

SOFTWARE QUALITY & SYSTEMS ENGINEERING PROGRAM. Quality Assurance Checklist SOFTWARE QUALITY & SYSTEMS ENGINEERING PROGRAM Quality Assurance Checklist The following checklist is intended to provide system owners, project managers, and other information systems development and

More information

Analysis and Comparison of Project Management Standards and Guides

Analysis and Comparison of Project Management Standards and Guides Analysis and Comparison of Project Management Standards and Guides Rui XUE 1, a *, Claude Baron 1, b, Philippe ESTEBAN 1,c and Li ZHENG 1,d 1 CNRS, LAAS, 7 av. du colonel. Roche, F-31400 Toulouse, France

More information

ELE 400 Chapter 1: Introduction to Professional Practice

ELE 400 Chapter 1: Introduction to Professional Practice ELE 400 Chapter 1: Introduction to Professional Practice It is useful to begin a discussion on the subject of professional practice with a definition of the word profession. When meeting someone for the

More information

International standards on technical. documentation. documentation. International Electrotechnical Commission

International standards on technical. documentation. documentation. International Electrotechnical Commission International standards on technical documentation documentation International Electrotechnical Commission The whole life cycle of a product, system or installation needs documentation. International standards

More information

The Emergence of Software Engineering Professionalism

The Emergence of Software Engineering Professionalism The Emergence of Software Engineering Professionalism The Role of Professional Societies in the Emergence of Software Engineering Professionalism in the United States and Canada Stephen B. Seidman University

More information

Enterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM

Enterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM Enterprise Risk Management: COSO, New COSO, Dr. Hugh Van Seaton, Ed. D., CSSGB, CGMA, CPA Review of ERM COSO a process, effected by an entity's board of directors, management and other personnel, applied

More information

IA Metrics Why And How To Measure Goodness Of Information Assurance

IA Metrics Why And How To Measure Goodness Of Information Assurance IA Metrics Why And How To Measure Goodness Of Information Assurance Nadya I. Bartol PSM Users Group Conference July 2005 Agenda! IA Metrics Overview! ISO/IEC 21827 (SSE-CMM) Overview! Applying IA metrics

More information

This is a preview - click here to buy the full publication TECHNICAL REPORT INFORMATION TECHNOLOGY HOME ELECTRONIC SYSTEM (HES) APPLICATION MODEL

This is a preview - click here to buy the full publication TECHNICAL REPORT INFORMATION TECHNOLOGY HOME ELECTRONIC SYSTEM (HES) APPLICATION MODEL TECHNICAL REPORT ISO/IEC TR 15067-4 First edition 2001-06 INFORMATION TECHNOLOGY HOME ELECTRONIC SYSTEM (HES) APPLICATION MODEL Part 4: Security system for HES ISO/IEC 2001 All rights reserved. Unless

More information

Process Improvement -CMMI. Xin Feng

Process Improvement -CMMI. Xin Feng Process Improvement -CMMI Xin Feng Objectives History CMMI Why CMMI CMMI representations 4/11/2011 Software Engineering 2 Process Improvement Achieve both qualityand productivity ( 生 产 力 ) It is not necessary

More information

ISO/TMB/JTCG N 359. N0359 JTCG FAQ to support Annex SL. Document type: Other committee document. Date of document: 2013-12-03.

ISO/TMB/JTCG N 359. N0359 JTCG FAQ to support Annex SL. Document type: Other committee document. Date of document: 2013-12-03. ISO/TMB/JTCG N 359 ISO/TMB/JTCG Joint technical Coordination Group on MSS (TAG 13) Email of secretary: Convenorship: N0359 JTCG FAQ to support Annex SL Document type: Other committee document Date of document:

More information

ASAE s Job Task Analysis Strategic Level Competencies

ASAE s Job Task Analysis Strategic Level Competencies ASAE s Job Task Analysis Strategic Level Competencies During 2013, ASAE funded an extensive, psychometrically valid study to document the competencies essential to the practice of association management

More information

SW Process Improvement and CMMI. Dr. Kanchit Malaivongs Authorized SCAMPI Lead Appraisor Authorized CMMI Instructor

SW Process Improvement and CMMI. Dr. Kanchit Malaivongs Authorized SCAMPI Lead Appraisor Authorized CMMI Instructor SW Process Improvement and CMMI Dr. Kanchit Malaivongs Authorized SCAMPI Lead Appraisor Authorized CMMI Instructor Topics of Presentation Why improvement? What is CMMI? Process Areas and Practices in CMMI

More information

ANSI Healthcare Informatics Board (HISB)

ANSI Healthcare Informatics Board (HISB) ANSI Healthcare Informatics Board (HISB) Update to the National Committee on Vital and Health Statistics (NCVHS) Presented by Robert L. Owens June 30, 2005 1 ANSI and the Voluntary Consensus Standards

More information

NEW MEXICO ECONOMIC DEVELOPMENT DEPARTMENT STATE EXPENDITURES FOR BUSINESS INCUBATORS ACT REQUEST FOR INCUBATOR CERTIFICATION

NEW MEXICO ECONOMIC DEVELOPMENT DEPARTMENT STATE EXPENDITURES FOR BUSINESS INCUBATORS ACT REQUEST FOR INCUBATOR CERTIFICATION NEW MEXICO ECONOMIC DEVELOPMENT DEPARTMENT STATE EXPENDITURES FOR BUSINESS INCUBATORS ACT REQUEST FOR INCUBATOR CERTIFICATION 1. Requesting Agency: 2. Address: 3. Phone: Fax: Email: 4. Type of entity:

More information

This document is a preview generated by EVS

This document is a preview generated by EVS INTERNATIONAL STANDARD ISO 22004 First edition 2014-09-01 Food safety management systems Guidance on the application of ISO 22000 Systèmes de management de la sécurité des denrées alimentaires Recommandations

More information

Competency Requirements for Executive Director Candidates

Competency Requirements for Executive Director Candidates Competency Requirements for Executive Director Candidates There are nine (9) domains of competency for association executives, based on research conducted by the American Society for Association Executives

More information

CMS Policy for Capability Maturity Model Integration (CMMI)

CMS Policy for Capability Maturity Model Integration (CMMI) Chief Information Officer Office of Information Services Centers for Medicare & Medicaid Services CMS Policy for Capability Maturity Model Integration (CMMI) December 2006 Document Number: CMS-CIO-POL-CMMI01-01

More information

Version: January 2008 ASTM E-31: EHR and Informatics Standards Education For Health Professional Disciplines. Background

Version: January 2008 ASTM E-31: EHR and Informatics Standards Education For Health Professional Disciplines. Background Version: January 2008 ASTM E-31: EHR and Informatics Standards Education For Health Professional Disciplines Background Work on standards for the EHR in the context of all such standards for the Health

More information

Optimizing Organizational Measurement and Analysis ROI for Small Diverse Projects. Susanna Schwab July 2007

Optimizing Organizational Measurement and Analysis ROI for Small Diverse Projects. Susanna Schwab July 2007 Optimizing Organizational Measurement and Analysis ROI for Small Diverse Projects Susanna Schwab July 2007 Introduction EITS Measurement Program Objective: Define and deploy an integrated cost effective

More information

Software and IT Asset Management Standards: Benefits for Organizations and Individuals

Software and IT Asset Management Standards: Benefits for Organizations and Individuals Note: This article first appeared in ITAK, the journal of the International Association of IT Asset Managers see www.iaitam.org. The author is David Bicket, Convener of ISO/IEC JTC1 SC7 WG21. The views

More information

Evaluation and Integration of Risk Management in CMMI and ISO/IEC 15504

Evaluation and Integration of Risk Management in CMMI and ISO/IEC 15504 Evaluation and Integration of Risk Management in CMMI and ISO/IEC 15504 Dipak Surie, Email : ens03dse@cs.umu.se Computing Science Department Umea University, Umea, Sweden Abstract. During software development,

More information

Project Management Professional (PMP) Examination Content Outline

Project Management Professional (PMP) Examination Content Outline Project Management Professional (PMP) Examination Content Outline Project Management Institute Project Management Professional (PMP ) Examination Content Outline Revised August 2011 Published by: Project

More information

1918-2008 ANSI: A HISTORICAL OVERVIEW

1918-2008 ANSI: A HISTORICAL OVERVIEW 1918-2008 ANSI: A HISTORICAL OVERVIEW 1918-2008 ANSI: A HISTORICAL OVERVIEW The history of the American National Standards Institute (ANSI) and the U.S. voluntary standards system is dynamic and evocative

More information

Can Complement PMBOK and Your PMP

Can Complement PMBOK and Your PMP How PRINCE2 Can Complement PMBOK and Your PMP JAY M. SIEGELAUB PMI/ Westchester Chapter January 8, 2004 What is PRINCE2? PROJECTS IN CONTROLLED ENVIRONMENTS! Registered trademark! UK Government recognized

More information

ISO/IEC/IEEE 29119 The New International Software Testing Standards

ISO/IEC/IEEE 29119 The New International Software Testing Standards ISO/IEC/IEEE 29119 The New International Software Testing Standards Stuart Reid Testing Solutions Group 117 Houndsditch London EC3 UK Tel: 0207 469 1500 Fax: 0207 623 8459 www.testing-solutions.com 1 Stuart

More information

Small tech firms. Seizing the benefits of software and systems engineering standards

Small tech firms. Seizing the benefits of software and systems engineering standards Small tech firms Seizing the benefits of software systems engineering stards by Claude Y. Laporte, Norm Séguin, Gisele Villas Boas Sanyakorn Buasung The ability of organizations to compete, adapt, survive

More information

Frameworks for IT Management

Frameworks for IT Management Frameworks for IT Copyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see www.vanharen.net 7 CMMI Capability Maturity Model Integration

More information

Mapping A Knowledge Areas of The SWEBOK Standard With The CBOK in Software Engineering Field Using A Set Theory

Mapping A Knowledge Areas of The SWEBOK Standard With The CBOK in Software Engineering Field Using A Set Theory Advances in and s Mapping A Knowledge Areas of The Standard With The in Field Using A Set Theory Kenza Meridji Department of Petra University kmeridji@uop.edu.jo Abstract The purpose of this paper is to

More information

The SWEBOK Guide A Curriculum Analysis Tool

The SWEBOK Guide A Curriculum Analysis Tool The SWEBOK Guide A Curriculum Analysis Tool SWEBOK ÉTS Le Guide SWEBOK Un outil d analyse de cursus Pierre Bourque ICSSEA 2005 Paris, France 30 November 2005 Corporate Support by: Project managed by: 2

More information

Lecture 8 About Quality and Quality Management Systems

Lecture 8 About Quality and Quality Management Systems Lecture 8 About Quality and Quality Management Systems Kari Systä 10.03.2014 10.03.2014 TIE-21100/21106; K.Systä 1 Content of today s lecture Two weeks ago we discussed about testing and inspections, that

More information