You are here

Quality Assurance

19 January, 2016 - 12:35

Project management frameworks apply to any project. To ensure that Information Systems will meet the needs of customers, projects involving the creation or modification of Information Systems must include elements that specifically address the quality of the system being developed. Quality assurance (QA) addresses the prevention and detection of errors, especially defects in software that may occur during the system development process. By focusing on the procedures employed during the systems development process, QA activities are directed at preventing errors that may occur. QA activities are also directed at testing developed systems to eliminate defects—to ensure that they meet the users’ requirements—before systems are implemented. Two prominent sources of guidance for QA are ISO 9000-3 and the Capability Maturity Model (CMM) developed by the Software Engineering Institute (SEI) at Carnegie Mellon University.

Table 6.4 Project Management Elements
  • User participation in defining and authorizing the project.
  • Assignment of appropriate staff to the project and definition of their responsibilities and authorities.
  • A clear written statement of project nature and scope.
  • A feasibility study that is the basis for senior management approval to proceed with the project.
  • A project master plan, including realistic time and cost estimates, for control of the project.
  • A risk management program to identify and manage risks associated with each project.
  • Division of the project into manageable pieces—often called phases.
  • Approval of work accomplished in one phase before working on the next phase.
  • Integration of the systems development life cycle (SDLC) methodology, the quality assurance plan, and the project master plan.

ISO 9000-3

ISO 9000-3 is a set of standards developed by The International Organization for Standards (ISO), that describe what an organization must do to manage their software development processes. The assumption, as with all ISO standards, is that if the ISO 9000-3 standards are followed, the development process will produce a “quality” software “product.” ISO defines a quality product as one that conforms to customer requirements. Notice that the ISO concepts of quality “products” and “processes” parallel our two systems development objectives. Table 6.5 contains examples of the ISO 9000-3 standards. Review those examples and identify the elements that are common among project management, a systems development methodology, and the ISO standards.

Capability Maturity Model

The Capability Maturity Model® for Software(SW-CMM) is a model that helps organizations evaluate the effectiveness of their software development processes and identifies the key practices that are required to increase the maturity of those processes. Table 6.6 describes the five SW-CMM maturity levels and the key principles and practices for each. Notice, for example, that project management is a key indicator that an organization has attained level 2. The Software Engineering Institute believes that predictability, effectiveness, and control of an organization’s software processes improve as the organization moves up the five levels. However, moving from level 1 to level 2 may take an organization 2 years or more. Moving from level 2 to 3 may take another 2 years.

Review Question

What are the five maturity levels of the Capability Maturity Model (CMM)?


A recent study found that achievement of a Level 3 SW-CMM maturity by an organization, along with the implementation of a structured systems development methodology, contributes to the quality and cost-effectiveness of the software development process. In fact, there was significant improvement on 11 of 14 measures after Level 3 was attained. Improvements included communication and teamwork, lower maintenance costs, and lower levels of system defects. 1

Table 6.5 Sample Elements from the ISO 9000-3 Guidelines
  • Develop quality plans to control all software development projects.
  • Make sure that you and your software customer agree on how products will be accepted, how customers participate, how users will be trained, and how changes in requirements will be handled.
  • Prepare a software development plan that includes project: definition, objectives, schedule, inputs, outputs, risks, assumptions, and control strategies.
  • Verify software design outputs by performing design reviews, demonstration, and tests.
  • Develop procedures to control software replication, release, and installation.
  • Perform software validation and acceptance tests.
  • Develop procedures to control your software maintenance.

Source: Adapted from “ISO 9000-3 1997 Guidelines in Plain English: Guidelines for Applying the ISO 9001 1994 Computer Software,” Praxiom Research Group Limited, (November 30, 2001).

Table 6.6 The Five Maturity Levels of the Capability Maturity Model (CMM)
  1. Initial. The software process is characterized as ad hoc, and occasionally even chaotic. Few processes are defined, and success depends on individual effort and heroics.
  2. Repeatable. Basic project management processes are established to track cost, schedule, and functionality. The necessary process discipline is in place to repeat earlier successes on projects with similar applications.
  3. Defined. The software process for both management and engineering activities is documented, standardized, and integrated into a standard software process for the organization. All projects use an approved, tailored version of the organization’s standard software process for developing and maintaining software.
  4. Managed. Detailed measures of the software process and product quality are collected. Both the software process and products are quantitatively understood and controlled.
  5. Optimizing. Continuous process improvement is enabled by quantitative feedback from the process and from piloting innovative ideas and technologies.

Source: “Capability Maturity Model (SW-CMM) for Software,” Carnegie Mellon Software Engineering Institute, (May 11, 2001).