As per this clause of ISO 9001:2008, there shall be Quality Management System addressing all aspects of the software development including support activities. The Quality management system of software producing organization should define and manage tasks related to the following processes:
The SQA / Internal audits should be planned very carefully to check or verify all of the software engineering, management, quality assurance processes and all of their products. The most common management processes would include project management process, status reporting, configuration management etc.
Defects are primarly classified into Product Defects and Process Defects:
Product Defects: Product Defects are the defects that are introduced and detected during the various stages of software development life cycle. While the defects get introduced during the various activities of the phase, the detection occurs during reviews and various types of testing efforts.
Date: 21-July-09
Location: Pune
Education & Experience: Any Graduate with 4-6 years of experience
Position: Asst Manager- Quality (Black Belt)
This control is related to Management.
Nothing is constant in this world. The environment, vulnerabilities and business models are continuously changing. So, it becomes important to continually review the information security policy.
This control is related to Management and Operations.
The management should provide support and a clear policy direction across the organization in the form of a written business document for information security. Management must communicate information security policy to all employees and relevant parties including consultants, contractors, vendors, business partners etc.
Family of ISO 9000 Standards:
1. ISO 9001: Quality Systems – Model for Quality assurance in design, development, production, installation and servicing. The requirement standard to use for assessment / certification and covers activities including design / development of the products/services, production, installation and servicing.