Archive for the ‘ISO’ Category

Tailoring Vs Waivers / Exceptions

April 13, 2011 2 comments
S.No Tailoring Exceptions / Waivers


Accounting of an SDLC activity in an alternate method. Justification and approval for required SDLC activities to not be performed on a project.


Allows the standard guidelines to be modified to fit the need of the individual project.

 Provides flexibility in standard processes.

A formal exemption from the specific activities beyond standard guidelines.

Allow software development processes to be adapted to meet the needs of individual projects.


Example of Process tailoring

Project request document is not documented in the standard SDLC template, instead documented in project inventory repository or part of the scope document.

Example of process waivers

 Unit test plans and cases will not be documented for the project. Team accepts the risk of not documenting the test plans and cases.


Mapping SCRUM Methodology with ISO 9001:2008 standard

September 3, 2010 7 comments

There is always a question in the forum, is it SCRUM methodology practices can be mapped to ISO 9001:2000 standard. The answer to the question is yes, we can. The mapping of the SCRUM Methodology to ISO 9001:2008 is as below (please correct me if am wrong in the mapping):

Role Duties Artifacts ISO 9001:2008
Product Owner Sprint Planning

Sprint Review

Product Backlog

User stories

Clauses: 4.2.3, 4.2.4, 5.2, 7.1, 7.2, 8.3, 8.5.2 & 8.5.3
SCRUM Master Sprint Planning

Daily Standup Meeting

Sprint Review

Retrospective Meeting

Sprint Backlog

Burn-down Chart

Clauses: 4.2.3, 4.2.4, 5.5.1 5.5.3, 7.1, 7.3.5, 8.2.1, 8.2.3,8.2.4,  8.3, 8.4 & 8.5
SCRUM Team Sprint Planning

Daily Standup Meeting

Sprint Review

Retrospective Meeting

Sprint Backlog

Burn-Down Chart

Clauses: 4.2.3, 4.2.4, 5.5.3, 7.1, 7.3, 8.2.1, 8.2.3, 8.2.4, 8.3, 8.4, 8.5.2 & 8.5.3

Establishment of QMS or ISMS or integration of both at your budget

May 23, 2010 Leave a comment

Dear friends,

Hereby we are happy to say that we happy to help you in establish the Quality Management System or Information Security Management System or integration of both.

We can help you to define, implement and assessment of the process at your budget. We do for small and middle firms, around the globe.

We have experts in traditional methodology as well as Agile in align with ISO and CMMI standards.

Approach us for your queries to

Audit Vs Assessment

January 10, 2010 Leave a comment

Audit Vs Assessment

S.No Audit Assessment
1 To verify the conformance of an entity to a given standard. It consists in gathering evidence of conformance or nonconformance. Evaluates the efficiency and/or effectiveness of an entity and results in a measure of its performance with regard to the scope of the assessment.
2 Verification and inspection are synonyms of audit. Appraisal and evaluation are synonyms of assessment.
3 An audit might explicitly point at specific people or groups of people as the cause for noncompliance (attribution). An assessment does not evaluate individuals (non-attribution). Of course, the result of an assessment might still be used to infer responsibility for failure or low scores
4 Example of audit: Verify all the practices established in the organization is followed or not. Example of assessment: Evaluate the CMMI level of an entity.
5 An audit results in a success or a failure An assessment usually provides a score that does not express success or failure

Implementation of QMS (Part4)

October 3, 2009 Leave a comment

Learn From Others & Share Your Experiences

As it was trail or test ride, implement the same across the organization at full fledge, since the procedures / process is matured one now. For implementation of the procedures / process to the full fledge the existing team which is already had used, need to spend time to share their experience with others and help them to get learned.

Quality is a team work rather than individual one.

Implementation of QMS (Part3)

October 3, 2009 Leave a comment

Have periodic reviews and Audit Trails

Before go for the audit, let have some pre-audits in terms of SQA reviews. Identify couple of resources of different teams to take up audit. Train them to the level of internal auditor and prepare a checklist for the reviews. This may help the organization to know the performance of the QMS as well the gaps in the QMS. Consolidate the SQA review report and send for analysis to the subject expert. If the identified gaps are addressed as risk in the procedures then rise PCR (Process Change Request) and make changes according as the direction of CCB ( Change Control Board). By this way the established procedures get maturity.

On maturity of the procedures, plan for audit. Have a deep discussion and identify the gaps in the practice (ground) and procedure (theory). Again consolidated it and review the same. If the identified gaps are risk then address them at high priority. Since it’s a continual process improvement, address the same with enthusiasm rather frustration.

Implementation of QMS (Part2)

October 3, 2009 Leave a comment

Define, establish and implement procedures

On avail of policy and objectives, define procedures across the organization. Procedures are nothing but the systematic way of doing something. As said it’s systematic, so rather you define the procedures / process allow the team who is going to work on to define. On definition of the process / procedures by the team, identify the gaps and analysis the same with the quality standards or models (ISO, CMMI & etc). Prepare review comments and go for discussion, so that procedures / Process get tuned. Once it’s been accepted on either side (You & team), incorporated the review comments with the existing procedures.

 On establishment of procedures we need to implement the same across the organization on different projects. For implementation, select one or more projects for the test ride. Once the projects are been selected, prepare a plan for the training to the required resources, so that they may effectively use the QMS. Allow the team to use the QMS for while with the plan stating that met up somewhere after three or fours months later for audit trail.