Page 246 -
P. 246
CHAPTER 8 SOFTWARE QUALITY ASSURANCE 217
[ANS87]. Quality assurance systems are created to help organizations ensure their
products and services satisfy customer expectations by meeting their specifications.
These systems cover a wide variety of activities encompassing a product’s entire life
cycle including planning, controlling, measuring, testing and reporting, and improv-
ing quality levels throughout the development and manufacturing process. ISO 9000
describes quality assurance elements in generic terms that can be applied to any busi-
ness regardless of the products or services offered.
The ISO 9000 standards have been adopted by many countries including all mem-
WebRef bers of the European Community, Canada, Mexico, the United States, Australia, New
Extensive links to ISO Zealand, and the Pacific Rim. Countries in Latin and South America have also shown
9000/9001 resources interest in the standards.
can be found at
www.tantara.ab. After adopting the standards, a country typically permits only ISO registered com-
ca/iso_list.htm panies to supply goods and services to government agencies and public utilities.
Telecommunication equipment and medical devices are examples of product cate-
gories that must be supplied by ISO registered companies. In turn, manufacturers of
these products often require their suppliers to become registered. Private companies
such as automobile and computer manufacturers frequently require their suppliers
to be ISO registered as well.
To become registered to one of the quality assurance system models contained in
ISO 9000, a company’s quality system and operations are scrutinized by third party
auditors for compliance to the standard and for effective operation. Upon successful
registration, a company is issued a certificate from a registration body represented
by the auditors. Semi-annual surveillance audits ensure continued compliance to the
standard.
8.10.1 The ISO Approach to Quality Assurance Systems
The ISO 9000 quality assurance models treat an enterprise as a network of inter-
connected processes. For a quality system to be ISO compliant, these processes must
address the areas identified in the standard and must be documented and practiced
as described.
ISO 9000 describes the elements of a quality assurance system in general terms.
These elements include the organizational structure, procedures, processes, and
ISO 9000 describes
what must be done to resources needed to implement quality planning, quality control, quality assurance,
be compliant, but it and quality improvement. However, ISO 9000 does not describe how an organiza-
does not describe how tion should implement these quality system elements. Consequently, the challenge
it must be done.
lies in designing and implementing a quality assurance system that meets the stan-
dard and fits the company’s products, services, and culture.
8.10.2 The ISO 9001 Standard
ISO 9001 is the quality assurance standard that applies to software engineering. The
standard contains 20 requirements that must be present for an effective quality assur-
ance system. Because the ISO 9001 standard is applicable to all engineering
