ISO 9001:2000: Achieving Compliance and Continuous Improvement in Software Development Companies

This book interprets the generic ISO 9000: 2000 requirements for the software development industry. It also provides detailed guidance on how a software development organization can plan and implement the ISO 9000 project from inception to the selection of the registrar, preparation for the audit and how to manage the audit. These interpretations and guidance are based on ISO 9003 guideline document provided by ISO.

Vivek (Vic) Nanda, who has extensive experience in the software industry, has led the successful implementation of ISO 9000 in a number of companies including Ericsson is a Certified Software Quality Engineer and a trained ISO 9000 Lead Auditor.

This book comprises ten chapters and four appendices. Chapter 1 introduces the ISO 9000, its chief benefits, and the key terms are also defined in this chapter. Chapter 2 is devoted to describing and discussing the key changes from ISO 9001:1994 to ISO 9001:2000, especially, the shift to process management, increased emphasis placed on management commitment, customer satisfaction and continual improvement, measurement driven performance improvement, and revised document requirements.

Implementation strategy forms the topic of chapter 3. The three essential prerequisites for implementing a quality management system (QMS) are first described and then a detailed guidance on planning and managing an implementation project is provided. The prerequisites covered are management commitment, the selection of a management representative for defining, deploying, monitoring and continuously improving the organization's ISO 9000‐compliant QMS, and the implementation planning using project goals based on SMART (specific, measurable, acceptable, realistic, and time‐bound) criteria. Cost and time involved in implementation are also given in some detail.

Chapters 4 to 8 deal with what the standard's requirement are based on ISO 90003: 2004 Software Engineering – Guidelines for the Application of ISO 9001:2000 to Computer Software. General and documentation requirements are covered in chapter4. The following four chapters deal respectively with clauses pertaining to management responsibility requirements, resource (including human resources) management requirements, product realization (from planning to design and development, purchasing, and control of measuring and monitoring devices) and measurement, analysis and improvement requirements.

Chapter 9 provides a detailed insight into the overall registration process: preparing for the audit, selecting a registrar, the registration process itself, and tips for ensuring the smooth completion of the audit. The concluding chapter is very short (a page and a half) and is titled “Beyond registration”.

Outlines of process‐based and ISO 9001:2000‐based quality manual outlines are given in Appendix A. Sample QMS documentation and typical questions raised by auditors for each of the standard's requirements clauses covered in the previous chapters are included in Appendices B and C. Acronyms used in the book are described in Appendix D.

The CD‐ROM accompanying the book includes an outline of a quality manual, sample templates and forms, sample audit questions, and a list of acronyms.

This book helps to understand what ISO 9001:2000 requirements are and can be used both to improve the quality of work of software engineers, and, if certification to the requirements is desired, how to comply with the standard.