What, Why and how? Transition to TickITplus... Welcome and Introduction
|
|
- Domenic Park
- 6 years ago
- Views:
Transcription
1 Transition to TickITplus... What, Why and how? Welcome and Introduction Peter Lawrence MSc FBCS CITP FCQI CQP Chairman Joint TickIT Industry Steering Committee
2 Agenda Morning Welcome and benefits of TickITplus Overview and components Benefits from using the Business Process Library (BPL) Constructing your Process Reference Model (PRM) Break and Refreshments The Assessment Coverage Index (ACI)... Levelling the playing field Assessor and practitioners Lunch. Peter Lawrence JTISC Chairman David Wynn Lead TickITplus Capability Assessor David Wynn
3 Agenda Afternoon How to transition from TickIT to TickITplus using the Core Scheme Requirements (CSR) TickITplus case studies reflecting on experiences implementing TickITplus and lessons learnt: Nexor Ltd Irene Dovey IPL Information Processing Ltd Graham Gee Logica UK Ltd Bill Martin Break and Refreshments Finish. Question and Answers Session Summary and Close Phil Willoughby LRQA s ICT Technical Manager TickITplus panel Phil Willoughby
4 Transition to TickITplus... What, Why and how? Welcome and benefits of TickITplus Peter Lawrence MSc FBCS CITP FCQI CQP Chairman Joint TickIT Industry Steering Committee
5 TickIT Framework Established in 1992 to address growing concerns in the UK for the supply of dependable software and IT systems Specifies best practice, along with requirements for the formal qualification of ISO 9001 assessors within the IT sector Has been through five revisions, but is not perceived to have kept pace with the changes in the IT industry in particular the growing focus on services over software New approach to broaden appeal provide an integrated assessment framework regain lost credibility and customer confidence re-vitalise and re-energise auditors.
6 TickITplus Drivers Critical dependency on IT systems Changing IT landscape Emerging (converging) standards ISO (ITIL/Service Management) ISO (Security Risk Management) ISO (Software Lifecycle) ISO (System Lifecycle) Demand for a graded approach (ISO 15504, SPICE) Flexibility and graded costs Differentiation and competitive advantage.
7 TickITplus Enhancements Built on multiple international standards UKAS accredited Third party verified Straightforward migration Up-to-date and competent assessors Focuses on outcomes and business drivers Promotes positive and cooperative relationships with certification body (CB) Encourages systematic and ongoing improvement Provides a benchmarking framework.
8 Do We Need Quality? The project successfully rejected the established constricting and negative influences or prescriptive engineering, onerous quality requirements and outdated concepts of inspection and client control Petrobras 2001 (loss in excess $500M)
9 Where assessment and certification programmes fail? Lack of sponsorship and ownership from senior leaders Insufficient link to business goals and objectives Questionable business benefits Trophy hunting Spiralling costs with no returns Constrained by the standards and reference models It s all very well you bringing up these certification issues, but we ve got to deal with real business problems here EMEA Service Exec (during Services Board Meeting).
10 What are the Ingredients for Success? The CEO and top leadership is actively involved and committed The programme is linked to defined strategic goals Changes and improvements are linked to clear financial payback Don t adopt an off the shelf solution Customer focus is critical Fortune Magazine.
11 Summary TickITplus Principles From Conformance to Performance Conformance Processes are repeatable, but performance is poor ACTION Drive systematic improvement in the core process Processes are chaotic and out of control with poor and unpredictable performance with high cost of quality ACTION Apply Standard Process and robust Quality Assurance Processes are repeatable and yield consistently good performance with high productivity ACTION Drive continual improvement in the core process Results are good but processes are non-standard with sub-optimisation and poor leverage ACTION Identify best practices and apply to standard processes Performance To achieve excellence an organisation must standardise processes and drive improvement
12 ... cont TickITplus Principles FOUNDATION (Conformance) Establish standard processes across the organisation Integrated Management System (ex.qms) Continual Improvement Conformance Performance VISION (Performance) Characterise underlying performance and drive systematic improvement ENTRY Policy and working practices are formally documented BRONZE Processes are systematic and deployed with a managed framework SILVER Processes are measured and a baseline of repeatable performance is established GOLD Process Improvements are implemented through quantitative evaluations PLATINUM Processes are continuously improved Continual improvement achieved through standardization and active assessment
13 The Clock is Ticking... Existing TickIT approvals will expire by the end of 2014
14 Transition to TickITplus... What, Why and how? TickITplus Overview Dave Wynn Ceng BSc MBCS Lead TickITplus Capability Assessor Omniprove Ltd
15 Topics Overview and components Benefits from using the Base Process Library Constructing your Process Reference Model The Process Assessment Model The Assessment Coverage Index Levelling the playing field Assessors and Practitioners
16 So why TickITplus? Background TickIT was introduced in over 20 years ago Emphasis on process capabilities and improvement Today It was aimed primarily at software development The IT sector is now much more diverse It provided only guidance Organisations value clearly specified requirements Linked to ISO 9001 it provided only a pass/fail result Desire for better differentials in supplier selection.
17 Key Benefits For organisations: Encourage and promote continuous improvements Support process development to meet business needs Institutionalise good processes and practices Reduce business risk as capability increases Reduce assessment disruption Involving organisational staff in assessments For customers: Provide better criteria for supplier selection purposes Offer clear indications of suppliers process capabilities Allow better risk management For assessment organisations: Provide a clear, well defined structure for conduction assessments with consistent and repeatable results.
18 Key Differences and Changes Process orientated, using primarily ISO/IEC 12207:2007 FDIS (software lifecycle processes) ISO/IEC 15288:2007 FDIS (system life cycle processes) Process capability based on ISO/IEC :2003 Extended standards coverage Formal improvements required Changed from guidance to requirements based scheme Active organisational participation in assessments 3 key components Base Process Library (BPL) Process Reference Model (PRM) Process Assessment Model (PAM).
19 Process Capability Assessments Conducted to gain an appreciation of organisations processes against a defined measurement framework Characterises current practices in terms of the capability of the processes Examines processes to determine the effectiveness in achieving their goals (outcomes) Drives process improvements Using ISO part 2. leads to Process Improvement Process Assessment invokes motivates leads to Process Capability Determination
20 15504 Capability Dimension Level 5: Optimising Level 4: Predictable Platinum Gold The Measurement Framework Capability Level Process Attributes Rating Scale Level 3: Established Level 2: Managed Level 1: Performed Silver Level 0: Incomplete Bronze Foundation
21 Capability Dimension Level 0: Incomplete The process is not implemented or fails to achieve it Purpose Level 1: Performed The implemented process achieves its process purpose Level 2: Managed Level 3: Established The performed process is implemented in a managed fashion and its work products are appropriately established, controlled and maintained The managed process is now implemented using a defined process capable of achieving its process outcomes Level 4: Predictable The established process now operates within defined limits to achieve its process outcomes Level 5: Optimising The predictable process is continuously improved to meet relevant current project and business goals.
22 Capability Dimension Process Attributes & Generic Practices Level 2 Level 2: Managed PA 2.1 Performance management attribute: a) Objectives established b) Planned and monitored c) Adjusted to meet plans The performed process is implemented in a managed fashion and its work products are appropriately established, controlled and maintained d) Responsibilities and authorities defined, assigned and communicated e) Resources and information are identified, made available, allocated and used f) Interfaces between involved parties are managed.
23 Capability Dimension Process Attributes & Generic Practices Level 2 Level 2: Managed The performed process is implemented in a managed fashion and its work products are appropriately established, controlled and maintained PA 2.2 Work product management attribute: a) Requirements defined b) Requirements for documentation and control c) Appropriately identified, documented and controlled d) Reviewed in accordance with planned arrangements and adjusted as necessary.
24 Scheme Stakeholders Joint TickIT Industry Steering Committee (JTISC) Overall scheme control and direction Scheme Office Management Website Management General Administration Registration of Assessors and Practitioners Registration of Training Course Providers Provision of Examinations Standardisation, international harmonisation, certification, accreditation and general public interest requirements IT industry commercial requirements Accreditation of Certification Bodies for TickITplus Slide 24
25 Revised Documentation Requirements & Implementation Specification Outline Technical Specification TickITplus Project Documentation Administration Design Specification Technical Design Specification Assessor & Practitioner Qualification Criteria Training Course & Examination Criteria Delivering Quality in IT TickITplus Core Scheme Requirements TickITplus Base Process Library TickITplus Process Guidance TickITplus Requirements for Assessors and Practitioners TickITplus Requirements for Training and Examinations TickITplus Kick Start Guide TickITplus Scheme Documentation TickITplus Implementation Guidance Slide 25
26 Requirements Based Scheme ISO/IEC Service Management ISO 9001 Mandatory for Certification TickITplus Processes ISO/IEC Information Security Others Others Scope Reference Standards IEC System Safety BS Business Continuity Slide 26
27 Practitioners Important part of the TickITplus scheme Would typically manage the PRM implementation Drive organisational improvements using TickITplus concepts Covered by recognised training and qualification paths similar to the Assessor route Essential to running effective external assessments Can lead and be a team member on internal assessments Only team member on external assessments but require recognised internal auditor qualification Will have their qualifications and possible conflicts of interest assessed by external team lead Can transition to Assessor with required auditor prerequisites that satisfy national Accreditation Bodies Foundation training is available from LRQA and ITG.
28 Grade Qualifications Foundation Quality and IT Skills and Experience Min 5 years (or 4 with IT related degree) in IT related work Min 2 years quality related work Education and Professional Recognised national certificate in Secondary Education at primary level or above Recognised national certificate in an IT related subject at diploma level or above Recognised national quality Lead Auditor registration Assessor CPD Hours Min 25 CPD hours over last 2 years TickITplus qualifications Completion of the TickITplus Foundation Course and examination pass IT Skills Profile (BPL/SFIA) General level 4 across specialist profile (self declared) Level 5 on specialist profile as Lead Qualifying TickITplus Audits Foundation Assessments only None required for Team Member only 5 Assessment Credits and at least 1 assessment as Lead under supervision. (Exemptions for transferring TickIT Auditors) Quality and IT Skills and Experience Min 5 years (or 4 with IT related degree) in IT related work Min 2 years quality related work Education and Professional Recognised national certificate in Secondary Education at primary level or above Recognised national certificate in an IT related subject at diploma level or above Audit experience Recognised national Auditor registration (IRCA or equivalent) to be on an external assessment Practitioner CPD Hours Min 25 CPD hours over last 2 years TickITplus qualifications Completion of the TickITplus Foundation course and examination pass IT Skills Profile (BPL/SFIA) General level 3 across specialist profile (self declared) Level 5 on specialist profile as Internal Lead or External Member Qualifying TickITplus Audits Foundation Internal Assessments None required for Team Member or Lead Foundation External Assessments None required for Team Member
29 Key Components Base Process Library (BPL) Process Reference Model (PRM) Process Assessment Model (PAM)
30 BPL Overview It is maintained by JTISC It provides a set of all IT and IT related Processes It describes processes in terms of purpose, outcomes, base practices and work products Base Process Library (BPL) It defines the Scope Profiles and mappings between processes and requirements and reference standards It is used to create Process Reference Models.
31 TickITplus Processes TYPE A PROCESSES Human Resource Management Management Framework Corporate Management & Legal Infrastructure & Work Environment Management Improvement Measurement & Analysis Customer Focus Risk Management Data and Record Management TYPE M PROCESSES Quantitative Performance Management Quantitative Process Improvement Mandated at Gold and Platinum Level SCOPE DEPENDENT TYPE B/C PROCESSES Capacity Management Integration Management Verification Validation Operations Management Maintenance Management Disposal Requirements Analysis Stakeholder Requirements Definition Service Level Management Transition & Release Management Architecture Design Organisational Processes Technical Processes Development Implementation Continuity, Availability & Contingency Management Acquisition & Contracts Management Supply Management & Business Relationships Lifecycle Model Management Project Portfolio Management Resource Management Security Management Maturity Processes Agreement Processes Domain Engineering Asset and Program Management Project Management Configuration & Change Management Decision Management Information Management Problem & Incident Management IT Finance Management Management Reporting Project Processes IT Specific Processes
32 What is a Process? Controls Inputs Process Outputs Resources Outcomes S2 0800DP
33 Example BPL Process Risk Management Process ID ORG.8 Process Name Risk Management Process Category Organisational Processes Type A Process Purpose To avoid or mitigate potential future events that could adversely affect reaching business objectives Version v1r1 Process Outcomes Process Base Practice Input Work Products Risks are managed and business objectives are not adversely affected by unexpected conditions or events. ORG.8.BP.1 Define Risk Management Procedure The organisation s approach for managing risk is defined, reviewed, documented and controlled within the Integrated Management System (IMS). Output Work Products ISO 9001 Risk Management Procedure b) ISO c) ISO ORG.8.BP.2 Establish Risk Management Plan Risk management plans are defined for use by the organisation. This risk management plan includes the approach to be taken, roles and responsibilities, timescales and thresholds for triggering action. Business Plan Stakeholder Requirements Risk Management Procedure Risk Management Plan 5.1 a) A9.2.1 ORG.8.BP.3 Identify and Analyse Risks Risks, both internal and external, are identified, analysed and documented to determine the priority for action. Business Needs Business Objectives Risk Management Plan Risks d) A9.2.5 A ORG.8.BP.4 Track Risks The status of each risk is monitored and appropriate actions are taken to address risks, where planned triggers are activated or defined thresholds are exceeded. Actions are reviewed to ascertain their effectiveness and changes made. The risk management documentation is updated with the status of current risks. All actions are tracked to closure and records are maintained. Risk Management Plan Risks Risk Records d) ORG.8.BP.5 Report Status and Escalate The status of each risk, together with any actions, is reported to stakeholders. Where actions are not effectively addressing the risk they are escalated. Risk Records Risk Reports d) 4.2 d) ORG.8.BP.6 Analyse Risk Management Performance Data from across the organisation is reviewed and analysed in order to identify and address common or reoccurring risks. Risks Improvement Request a) S4 1000DP
34 Scope Profiles Legal and Compliance Service Management Systems & Software Development & Support Project & Programme Management Corporate Strategy Planning & Management Information Management & Security Product Validation, Quality & Measurement IT Systems Engineering & Infrastructure Dealing with the delivery of products or services within a legal and compliance framework; covering business analysis, corporate responsibility, risk and compliance audit Operations in a service management environment; delivering IT based services to clients either outsourced or internal All aspects of systems and software development, both traditional and new methodologies. Long term support and maintenance. Multidiscipline programme and project delivery as a specialist area: analysis, reporting, risk and general project management. Taking an organisational wide view of IT operations, long term planning, high level management. Delivery of information and systems to meet both data and security requirements. Independent testing and validation of product and services. Ensuring quantitative quality and measurements are applied to product development and delivery. Operations involving network and data handling systems, server farms, data centres and supporting infrastructure.
35 Scope Profiles and BPL Processes
36 PRM Overview It is produced and maintained by the organisation It is derived from the BPL but can be extended for organisational specific process needs Introduces defined processes through tailoring Process Reference Model (PRM) Maps Type-A, Type-B and any Type-C processes used to the organisational IMS Guidance on creating a PRM in ISO/IEC TR 24748, PAS 99 ISO/IEC TR Primary role of the Practitioner to create the PRM.
37 Example PRM Defined Process Risk Management
38 Process Assessment Model Produced by the assessor but involving the organisations Derived from the PRM Identifies the assessment Implemented Processes Sample It brings together process performance and process capability indicators Process Assessment Model (PAM) Records the Process Outcome ratings and identifies associated nonconformances Provides the basis for calculating Process Capability and Organisational Maturity Once completed provides the record of assessment.
39 Implementation and Assessment JTISC Base Process Library Creation & Maintenance Organisations Assessors Scope Determination and Defining Certification Requirements Certification Bodies BPL Process Reference Model Contract Org QMS Assessment Strategy Documentation and PRM Review Readiness Review Assessment Planning Process Assessment Model Report Assessment Schedule Corrective Action & Improvements Conduct Assessment Process Assessment Model Report TickITplus Certificate Technical Review and Certificate Award
40 Exploration or Confirmation Exploration Confirmation Evidence does not need to be made available at the start of the assessment Evidence of adequate implementation of Base Practices and Work Products must be sought by external assessment team members The evidence must be tested by correlation to other evidence Interview will be used and must include external assessor Evidence is expected to be made available at the start of the assessment Any team member can confirm the evidence The evidence must be tested by correlation with other evidence Multiple samples are not necessary Interviews must be held to confirm the prepared sample and must include external assessor.
41 Assessment Coverage Index A calculation based on: Number of people in the TickITplus Scope Number of people covered by the Implemented Process Sample Number of hours effort planned for the Assessment. Assessment Mode F dation Bronze Silver Gold Platinum Confirmation Exploration Slide 41
42 Transition to TickITplus... What, Why and how? How to transition from TickIT to TickITplus Certificate Renewal and Transitional Assessments Foundation Level Phil Willoughby LRQA ICT Technical Manager
43 TickITplus delivery process Contract Preparation PRM Review Assessment Planning Readiness Review The Assessment Technical review Certification
44 Contract Preparation Assessment Strategy Scope of Business Number of Staff TickITplus Grade Profile Number of Defined Processes Number and Size of Workgroups Contract Preparation Quotation in mandays.
45 TickITplus delivery process Contract Preparation PRM Review Assessment Planning Readiness Review The Assessment Technical review Certification
46 Documentation and PRM Review Assessment Strategy PRM Management System Documents Documentation & PRM Review Report Decision to proceed Non-conformities Versions of all documents.
47 Review Highlights Alignment of Strategy and PRM Complies with CSR requirements Carried out by the Lead Assessor Preferably on site Demonstrates the organisation understands Ensures the organisation is ready for the Stage 2 Assessment Organisations improvement plan.
48 TickITplus delivery process Contract Preparation PRM Review Assessment Planning Readiness Review The Assessment Technical review Certification
49 Assessment Planning Assessment Strategy Improvement Plan Previous PAMs Assessment Reports Assessment Planning Assessment Plan Schedule Resources.
50 Planning Highlights Can be initiated at any time in the pre-assessment activity Finalised after the Readiness Review Confirmation or exploration modes selected Creates the initial PAM Determines the Implemented Process Sample.
51 Assessment Readiness Review Has the organisation prepared for the Assessment? internal assessments and corrective action (at Foundation they can be TickIT type) improvement Plan is being implemented and monitored people allocated to plan activities (exploration mode) practitioner required evidence collected by the Practitioner (confirmation mode) assessment logistics arranged no significant changes since PRM Review or Assessment Planning activities Can be conducted on site or remotely.
52 TickITplus delivery process Contract Preparation PRM Review Assessment Planning Combined Review Readiness Review The Assessment Technical review Certification
53 The Assessment opening meeting process verification team agreement on the findings completion of the PAM (other than at a transitional assessment) report generation closing meeting.
54 Process Verification The defined processes are verified against the PAM by examining the IPS using the agreed assessment mode For Foundation level the single Process Attribute (PA), Process Performance needs to be assessed All defined processes assessed.
55 Findings Findings are graded following team discussion Positive and negative observations Major and minor non-conformities The characterisation (rating) of PA s is based on the number and type of nonconformities.
56 Converting findings to ratings Findings Comments and notes FI LI PI NI No findings Positive observations only Negative observations only Team decision based on the balance of positive and negative observation, risks, quantity of observations. Consideration should be given to raising a minor NC. 1 Minor NC Team decision based on the balance of any positive and negative observations and risks Multiple Minor NCs Team decision based on the balance of any positive and negative observations, risks, quantity of NCs. Consideration should be given to raising a major NC 1 Major NC Team decision based on the impact, risks, severity of any minor NCs, or positive and negative observations Multiple Major NCs
57 TickITplus delivery process Contract Preparation PRM Review Assessment Planning Readiness Review The Assessment Technical review Certification
58 Certification
59 Transitional Assessments Designed to be simpler than a full initial or certificate renewal visit: PRM review, Planning and Readiness Review combined PAM not required Only 50% of type B s require assessment Carried out by your regular Lead Assessor No characterisation required.
60 Transition Integrating with Existing Monthly Visits Visit Additional Visit Visit + 1 Request Transition PRM, Planning and Readiness Reviews Assessment Visit Additional visit Visit + 1
61 Summary Transitional Assessments are a gentler route to TickITplus The Core Scheme requirements document explains everything.
62 Transition to TickITplus... What, Why and how? TickITplus Conformance to performance Bill Martin Assurance and Improvement Manager Logica UK Ltd
63 Transition to TickITplus... What, Why and how? TickITplus... what it can do for you Graham Gee Quality and InfoSec Manager IPL
64 IPL Background Trusted, independent consulting & solutions house 30+ year track record 260 staff, 28m+ turnover Business/mission critical contexts Consistently exceed expectations Multiple market sectors Aerospace & Defence Banking & Finance Civil Government incl. Emergency Services Transport Telecoms & Utilities. Official Business Partner
65 IPL s focus on Quality IPL s origins more than 30 years ago in UK Aerospace & Defence Objective since 1979 to provide customers with high quality, high reliability software within timescale, budget and specification Quality is the responsibility of all individuals within the Company More than 20 years ago (before SEI s CMM existed) By 1988 IPL s QMS and processes were aligned to the international standard ISO 9001 and a few years later the TickIT software sector-specific scheme TickIT was largely adopted by the UK software development industry Especially in IPL s core market sector with high quality requirements.
66 Certifications & Affiliations ISO 9001:2008/TickIT ISO 27001:2005 ISO 14001:2004
67 TickITplus Was launched in year clock to migrate from TickIT started ticking in Dec 2011 Adds process capability assessment, with levels mapped to international standard ISO/IEC 15504, similar to CMMI So moves TickIT to same basis as CMMI but also Backed by UK plc (including BSI, BCS, Intellect, MoD) Integral part of certification to international standard ISO 9001 by certification bodies such as BSI, LRQA and DNV Requires mapping of project, technical, organisational, IT-specific, agreement and maturity processes to the Base Processes Library.
68 Steps to TickITplus: TickIT lead auditor course in 2006: Declining interest in the scheme; only one accredited trainer in the UK Auditor and company registrations dropping; only ever good practice guidance CMMI stolen march in India and elsewhere from its US origins Joined IPL in Oct 2007 aiming to bring QMS into 21 st century Long experience in Quality/TickIT and with BCS.
69 Steps to TickITplus: TickITplus coming soon as UK alternative to CMMI... But took a long time and there was chronic lack of communication Occasional pressure around CMMI in questionnaires and responses Happened again at end of 2010 around Thales preferred supplier selection Transition of Certification Body to LRQA December 2010.
70 Steps to TickITplus: during 2011 Kept the faith information sessions hosted at Intellect, early 2011 Speculative gap analysis cf. list of process titles March/April 2011 Assessor/practitioner training by Dave Wynn for IT Governance June 2011 Base Process Library (BPL) finally published also June 2011 Confirmed gap analysis (cf. BPL) > 1 st draft PRM July year clock to migrate from TickIT started ticking in Dec 2011 LRQA Stage 1 assessment end Sept > 3 Minor N/Cs LRQA Stage 2 assessment Dec > certification but raised 7 new Minor N/Cs (just before Christmas!) and Corrective Action Plan Continuing assessment end Mar 2012 closed all TickITplus N/Cs.
71 What does TickITplus involve? Eight scope profiles (currently two) 40 processes: original BPL had 22 (organisational, project and technical) Mapped to four international standards ISO 9001 ISO and ISO resp. Q2/Q ISO basis laid but rest later, possibly 2013 Combined assessor/practitioner training overseen by gasq Currently three UK Certification Bodies (BSI, DNV, LRQA) Run by Joint TickIT Industry Steering Committee (JTISC)
72 Measurement and Analysis Process ID ORG.6 Process Name Measurement and Analysis Category Organizational Processes Type A Process Purpose To provide information to enable better decision making. Version v1r0 Process Outcome Process Base Practices Input Work Products Output Work Products ISO 9001 OU.1 BP.1 Define Measurement and Analysis Policy and Procedures Business Plan Measurement Policy 4.2.1d) Measurements are used to demonstrate achievement of business objectives, to support decisions and identify improvement. Policies are established, approved and communicated to ensure that measures are identified, collected, analysed, reported and used, to support the achievement of the business plan. Procedures are established for developing measures against key business objectives, to understand performance. The procedures define the method for identifying, collecting, storing, analysing and using measures. Policies and procedures are periodically reviewed and updated in line with the business plan. The policies and procedures are maintained under the management framework. Measurement Procedures Measurement is embedded in the top-level documents for each management system. [Business Needs] Quality Policy There is a specific Integrated Management Procedure (IMP02) focussed on audit and improvement Strategy, Objectives, Targets, Key Performance Measures IS and ISMS Policies IMP02, Audit and Improvement BP.2 Identify Measurement Objectives and Data Business Plan Measurement Objectives The organization establishes where measures are necessary and identifies the objectives and data sources necessary to achieve them. Stakeholder Requirements Measurement Data Sources The objectives and data sources are reviewed and agreed by stakeholders. Company-level measurement objectives are defined for each management system. The top-level objectives Strategy, Objectives, Targets, for the services business are in the SBM. There are more detailed measurement objectives in a document for Key Performance Measures Operations which informs the specific objectives for each software project. Quality Policy These are reviewed and agreed by the Quality Review Board (QRB, comprising COO, CTO and Quality IS and ISMS Policies Manager) for Quality, and the IS Forum for InfoSec. Quality Objectives Services Business Manual Operations Quality Objectives Quality Plan: Quality Objectives ISMS Overview BP.3 Collect and Analyse Measurement Data Measurement data is collected and stored in line with the collection method. The measurement data is validated and any need for additional measurement is identified The measurement data is analysed to provide indicators and recommendations to stakeholders. Measurement Objectives Measurement Data Sources Measurement and Analysis Data Measurement And Analysis Report 8.4
73 Project Management Process ID PRJ.1 Process Name Project Management Category Project Procedures Type B/C Process Purpose To ensure that the projects meet their objectives. Version v1r0 Process Outcome Process Base Practices Input Work Products Output Work Products ISO 9001 OU.1 The organization achieves project objectives in a controlled manner, and delivery is on time, in budget and to quality. BP.1 Establish Project Management Policies and Procedures Business Plan Policies are established, approved and communicated that govern the project management methodology and the delivery of projects. Procedures are defined, approved and made available for use, to implement the project management policies. The procedures cover project planning, tailoring, estimating, monitoring and control, resourcing, reporting, escalation, together with supplier, stakeholder, risk and issue management The policies and procedures are maintained under the management framework. The Delivery Manual contains the processes related to project management. It was reviewed and approved by a subset of the Board and Exec Committee. Supporting documents provide additional procedures. They are made available via the intranet. Strategy Annual Business Plan Services Business Manual Project Management Policies 4.2.1d) Project Management Procedures Delivery Manual SCOP-R: Project Control Quality Objectives Management Procedure 2: Progress Reporting SCOP-P 9001, Risk Management BP.2 Scope the Project A scope statement is defined for the project with deliverables agreed by stakeholders. The quality objectives and the requirements for the project are established and documented. Objectives, constraints and assumptions are recorded and agreed before project initiation Projects select and tailor the appropriate lifecycle model, and the rationale is documented. Estimates are produced against the agreed scope, including any necessary contingency. A budget for the work to be undertaken is prepared. The scope, objectives, constraints, selected approach, estimates and budget are reviewed by stakeholders and approved by management. Stakeholder Requirements Scope Statement Project scope and estimates will have been defined as part of the proposal process. The Delivery Manual and SCOP-R describe how to initiate a project. The Project Plan and Quality Plan set out the key aspects for the project to be delivered. Invitation to Tender/Request for Proposal Proposal Delivery Manual: Initiate Project SCOP-R: Project Control Operations Quality Objectives Project Plan Quality Plan: Project Lifecycle
74 Architectural Design Process ID TEC.13 Process Name Architectural Design Category Technical Processes Type B/C Process Purpose To produce a top-level design that identifies the major components and interfaces of the product. Version v1r0 Process Outcome Process Base Practices Input Work Products Output Work Products ISO 9001 OU.1 BP.1 Establish Development Approach The top-level design Different development approaches are considered in formulating the architecture design, and an approach addresses all the is selected that best meets the system requirements. system requirements, The selection decision and supporting rationale is documented, reviewed and approved. with no defects found in development. Initial development approach is captured in quality plan. Refined during requirements and design stages. Lifecycle Model Description and Assets SCOP-P 800x, Software Development Methods ETC Agile Framework Selected Lifecycle Quality Plan BP.2 Create Architectural Design The top-level design is created taking into account the architectural standards of the organization. The major components and interfaces necessary to meet the system requirements are identified. System requirements are traceable to the major components. Interfaces include interactions between system components, and between the system and the external environment. Design constraints, assumptions and dependencies are documented. System Requirements Top Level Design Traceability Report 4.2.1d) The system is designed to ensure that it meets the system requirements, external interfaces and selected design standards. Design specifications are produced in line with the design methodology selected. SCOP-P 2001 provides the default format and content for design specs. The approach to traceability depends upon customer requirements, the nature of system under development and any applicable standards (e.g. higher levels of DO-178B) plus the design methodology and modelling tools being used. System Requirements Spec High Level Design Quality Plan: Design Process Traceability Matrix SCOP-P 200x, design standards BP.3 Review Architectural Design The top-level design is reviewed by stakeholders to ensure all system requirements have been adequately addressed. The customer is advised of any adverse impact on cost, schedule and customer needs arising from the proposed top-level design, along with possible alternatives. Top Level Design Review Records Top Level Design Customer Notifications The review approach is defined in the Quality Plan. Detailed reviews can include Preliminary and Critical Design Reviews with customer involvement. High Level Design Quality Plan: Review Process SCOP-P 4001, Review Standards High Level Design Review Records BP.4 Manage Architecture Changes Changes to the top-level design are formally controlled through the change control process. Changes to the top-level design are reviewed by stakeholders for their impact on cost, schedule and customer needs. The results of the review are communicated to stakeholders, and records maintained. Change Request Change Record b) 7.3.7
75 What has TickITplus done for us?
76 So where do you want to be? From Everett Rogers, Diffusion of Innovations, 1962
77 TickITplus lessons/benefits Modern, pragmatic, detailed process/practice requirements NOT good practice guidance (cf. TickIT) and less bureaucratic than CMMI TickITplus Foundation level (BPL v1.0 with 22 processes) is equivalent to CMMI Levels 2/3 (resp. 7/11 processes) Based on international standards - ISO 9001 with ISO (aka. SPICE) capability maturity dimension to be added Regular, professional and independently assured assessments by certification bodies - currently BSI, DNV and LRQA in the UK cf. CMMI Initially external assessment costs are higher (number of processes) BUT combined assessments across ISO and ISO will help.
78 IPL where next with TickITplus? Some processes were initially challenging and may need improving/redefining/discussing with LRQA Configuration/change management Integration management Transition/release management Stakeholder requirements Lifecycle model management Improvement LRQA s recertification visit at end of August 2012 Extension to cover ISO later in 2012? Could consider adding additional scope profiles? Move up to Bronze (OK) and Silver (difficult) when available Share the good news with the UK IT community via BCS, LRQA, Intellect, with Omniprove and Nexor.
79 Questions? Dr Graham Gee FBCS CITP TSSF Quality & InfoSec Manager Eveleigh House Grove Street Bath BA1 5LR
80 Transition to TickITplus... What, Why and how? Nexor s TickITplus Journey Irene Dovey Business Improvement Manager Nexor Ltd
81 connect transform protect TickITplus and Nexor
82 Company Profile
83 Our Positioning TS Secret Confidential High Assurance Impact levels 4-6 Specialised requirements Baseline components Tailored, accreditable solutions Medium Assurance Impact level 3 Specialist COTS product Scheme assessment Nexor Capability Acknowledged domain expertise End-to-end service Accreditation ready OTS framework Process maturity Nexor COTS products Microsoft ready Full professional services package Restricted Unclassified Standard Assurance Low impact levels Commodity COTS products Wide choice
84 Our Customers and Partners End Customers Bulgarian MOD Canadian DND CSEC European Defence Agency French MOD GCHQ Government of Canada Italian Navy NATO Netherlands Navy Niteworks Slovak Army UK MOD System Integrators Cassidian CSC Elta-R Force Vision Fujitsu GD HP Interactive sbc Logica QinetiQ Scientia Selex Steria Ultra Electronics Partners Accuvant Ascentor BAE Systems Boldon James FOX-IT IPL Microsoft Red Hat RJD Technology Titus Labs Tresys
85 Our Maturity
86 Our TickITplus journey... ISO9001 / TickIT and ISO in place for a number of years Became interested in CMMI around 2006 Used the CMMI framework to widen and deepen the scope of improvement activities Came to a point where we felt ready for formal CMMI Scampi appraisal but just could not justify the cost (money and effort!).
87 So, how did we get to TickITplus? Attended a business improvement workshop at Intellect in 2009 and first heard of TickITplus Liked the sound of what we heard and volunteered to get involved in the Pilot Scheme Slow start and not a lot happened for a while... Then things started to move with changes to the Committee (JTISC) and we became involved in producing the Base Process Library (BPL).
88 So, how did we get to TickITplus? Liked what we saw of the BPL and internally decided to use it as a tool to undertake a gap analysis confirming which practices we were doing and identifying ones which we weren t! Where possible, we involved staff relevant to the particular area From this, we developed an improvement action plan capturing areas where we could improve and also where we could do things more simply.
89 Improvement Action Plan example... Action No Improvement Activity 1 Risk Management Framework procedure does not differentiate sufficiently between business and project risks 2 Size measurement in estimation Action Benefits Owner Date Created Procedure to be updated and circulated for review. Comments / suggestions requested by 05/11/2010. Currently collecting requirements vs actual effort metrics as a starting point. A generic risk management approach across the Business. To improve and validate estimation IHD 01/11/201 AJK 01/11/201 By When 05/11/2010 Reviewed, updated and published on the 0 Intranet Action complete. 31/01/ : Current requirements size 0 measure is not effective. Further size measures are currently being reviewed : Consideration to reviewing GQM for this area - maybe incorporate complexity or number of user stories. 3 Product Lifecycle Management 7 Measurement and Analysis needs reviewing Need to clarify our approach to new lifecycles in the PMF. Policy will be updated and consideration will be given to whether a dedicated procedure is required. Note: M&A is currently incorporated in Developing and Improving Policies and Procedures procedure. To aid understanding of approach to Agile development which is new to the business. To aid identification of key areas where metrics may prove useful in monitoring and improving performance. AJK 01/11/201 IHD 01/11/ : Ongoing. 30/11/ : PMF updated to include this. 0 Action complete. 31/01/ : Policy updated : AMP will review and update the current Metrics spreadsheet. IHD will review the Developing and Improving Processes and Procedures procedure and make recommendation on what is required : AMP to upload revised List of Metrics spreadsheet for comment. IHD to update D&IPP procedure in line with recommendations. 24 QA, Documentation and Record Control would benefit from an approval matrix for each type of document Update the procedure Ensure clarity for document approval DEF 01/11/ : Metrics re-circulated for comment (to AJK, KJB, IHD) : Procedure update. 0 Action complete
90 So, how did we get to TickITplus? Then decided to formally adopt TickITplus In preparation: undertook Practitioner training in April 2010 started working on our Process Reference Model (PRM) liaised with LRQA and sought guidance from Dave Wynn Stage 1 Foundation-level assessment early December 2010 Stage 2 Foundation-level assessment mid-december and became the first to become certified to TickITplus.
91 What have we gained? Basically, TickITplus has reinvigorated our improvement activities! BPL offers good practice over and above the Standards it incorporates Mapping existing practices to BPL is a good way of doing a gap analysis to identify areas for improvement Provides sound basis if the Process Area is new or is not currently effective Opportunity to get the people who do the work to complete their Process Area (collaboration) Demonstrates a commitment to quality to customers.
92 What have we learned? External assessments are more rigorous initially and on an on-going basis no places to hide! More time-consuming and does require preparation initially and on an on-going basis Because more time is required, there is a cost implication transition and tri-annual assessments (not surveillance visits).
93 Now and where to next? Since initial assessment, three surveillance visits Momentum keeps going Getting smarter (BPL becoming leading rather than lagging) Looking to adopt the next phase of TickITplus which incorporates ISO To help in developing our service offering Plan to progress TickITplus through the capability route.
94 Nexor Ltd Any queries or for more information on how we approached TickITplus Irene Dovey Business Improvement Manager Nexor Ltd Tel:
95 Transition to TickITplus... What, Why and how? Question and Answer Session
96 Transition to TickITplus... What, Why and how? Summary and Close
What, Why and how? Transition to TickITplus... Welcome and Introduction
Transition to TickITplus... What, Why and how? Welcome and Introduction Peter Lawrence MSc FBCS CITP FCQI CQP Chairman Joint TickIT Industry Standards Committee Agenda Morning Welcome and benefits of TickITplus
More informationTickITplus Webinar. The Essentials Made Clear
TickITplus Webinar The Essentials Made Clear TickITplus The Essentials of Getting Started Paul Breslin, DNV Business Assurance UK Copyright 2012 THEN AND NOW THEN/NOW TickIT scheme introduced over
More informationBase Process Library. The TickITplus scheme. Version Release
Base Process Library The TickITplus scheme Version 1.2.0 Release International TickITplus Association 2016 You are free to use this publication in the progress of developing an IT quality management system
More informationWhat are the top ten benefits of adopting TickITplus?
What are the top ten benefits of adopting TickITplus? By Dave Wynn, Omniprove Ltd Introduction The TickITplus scheme is a significant enhancement of the TickIT scheme which has been running successfully
More informationKick Start Guide. TickITplus. Dave Wynn Reviewed by JTISC
Kick Start Guide TickITplus Dave Wynn Reviewed by JTISC First published in the UK in 2011 by BSI 389 Chiswick High Road London W4 4AL British Standards Institution 2011 All rights reserved. Except as permitted
More informationTickIT Plus the Future of TickIT!
TickIT Plus the Future of TickIT! by Derek Irving As indicated in the last issue of TickIT International, the Joint TickIT Industry Steering Committee (JTISC) have embarked on a project to redevelop the
More informationCMMI V2.0 MODEL AT-A-GLANCE. Including the following views: Development Services Supplier Management. CMMI V2.0 outline BOOKLET FOR print.
CMMI V.0 MODEL AT-A-GLANCE Including the following views: Development Services Supplier Management CMMI V.0 outline BOOKLET FOR print.indd CMMI V.0 An Integrated Product Suite Designed to meet the challenges
More informationTranslate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.
Principles Principle 1 - Meeting stakeholder needs The governing body is ultimately responsible for setting the direction of the organisation and needs to account to stakeholders specifically owners or
More informationISACA All Rights Reserved.
Tichaona Zororo CIA, CISA, CISM, CRISC, CRMA, CGEIT, COBIT 5 Certified Assessor B.Sc. Honours Information Systems, PGD Computer Auditing Accredited COBIT 5 Trainer ISACA 2016. Business Value Value
More informationPG&E Gas Operations. Gas Safety Excellence API 1173
PG&E Gas Operations Gas Safety Excellence API 1173 Gas Safety Excellence Framework PG&E Confidential 2 Our Strategic Drivers Why did PG&E Gas Operations launch and sustain Gas Safety Excellence? Provide
More informationUSING PILOTS TO ASSESS THE VALUE AND APPROACH OF CMMI IMPLEMENTATION. Goddard Space Flight Center (GSFC)
USING PILOTS TO ASSESS THE VALUE AND APPROACH OF CMMI IMPLEMENTATION Goddard Space Flight Center (GSFC) Sally Godfrey, James Andary, Linda Rosenberg SEPG 2003 2/03 Slide 1 Agenda! Background " NASA Improvement
More informationProcedure 11 Recruitment and Training
Procedure 11 Recruitment and Training Table of Contents 1 Introduction... 2 2 Head Office Personnel... 2 3 Auditors and Technical Expert Recruitment... 4 3.1 Flowchart of Recruitment Process... 4 3.2 Auditors
More informationThe following Standard reflects employers requirements for the skills, knowledge and behaviours expected from someone to be competent in the job role.
Apprenticeship Standard for: Post Graduate Engineer The following Standard reflects employers requirements for the skills, knowledge and behaviours expected from someone to be competent in the job role.
More informationThe Chartered Project Professional Standard
The Chartered Project Professional Standard Contents Page 3 1. Introduction Page 4 Page 4 Page 5 Page 6 Page 9 Page 9 Page 9 Page 9 Page 10 2. Achieving the chartered standard 2.1. Eligibility 2.2. Requirements
More informationMoving to the AS9100:2016 series. Transition Guide
Moving to the AS9100:2016 series Transition Guide AS9100-series - Quality Management Systems for Aviation, Space and Defense - Transition Guide Successful aviation, space and defense businesses understand
More informationSWEN 256 Software Process & Project Management
SWEN 256 Software Process & Project Management Understanding existing processes Introducing process changes to achieve organisational objectives which are usually focused on quality improvement, cost reduction
More informationSCAF Workshop Recruitment, Retention and Professional Development
The following presentation was given at: SCAF Workshop Recruitment, Retention and Professional Development Tuesday 13th June 2017 The Conference Centre, Ribby Hall Village, Preston Released for distribution
More informationSoftware Project Management Sixth Edition. Chapter Software process quality
Software Project Management Sixth Edition Chapter 13.2 Software process quality 1 Product and Process Quality A good process is usually required to produce a good product. For manufactured goods, process
More informationMoving to the AS/EN 9100:2016 series. Transition Guide
Moving to the AS/EN 9100:2016 series Transition Guide AS/EN 9100 series - Quality Management Systems for Aviation, Space and Defence - Transition Guide Successful aviation space and defence businesses
More informationMoving from ISO/TS 16949:2009 to IATF 16949:2016. Transition Guide
Moving from ISO/TS 16949:2009 to IATF 16949:2016 Transition Guide IATF 16949:2016 - Automotive Quality Management System - Transition Guide An effective Quality Management System is vital for organizations
More informationPart II: Requirements for the Management of Schemes
Version 6.4 Contact address: Global Food Safety Initiative Foundation c/o The Consumer Goods Forum 22/24 rue du Gouverneur Général Eboué 92130 Issy-les-Moulineaux FRANCE Secretariat email: gfsinfo@theconsumergoodsforum.com
More informationInsurance Professional
Assessment plan: Insurance Professional ST0241/AP 1. Introduction and Overview This Apprenticeship is designed as a progression route for those having completed the Insurance Practitioner or for higher
More informationDORNERWORKS QUALITY SYSTEM
DORNERWORKS QUALITY SYSTEM ALIGNMENT WITH CMMI INTRODUCTION Since its beginning, DornerWorks has had quality as one of our main goals. We have delivered solutions for over a dozen aircraft, including several
More informationCMMI-DEV V1.3 CMMI for Development Version 1.3 Quick Reference Guide
processlabs CMMI-DEV V1.3 CMMI for Development Version 1.3 Quick Reference Guide CMMI-DEV V1.3 Process Areas Alphabetically by Process Area Acronym processlabs CAR - Causal Analysis and Resolution...
More informationSoftware technology 3. Process improvement models. BSc Course Dr. Katalin Balla
Software technology 3. Process improvement models BSc Course Dr. Katalin Balla Contents Process improvement models. Popular SPI models: CMM, SPICE, CMMI The Personal Software Process (PSP) and the Team
More informationTransitioning from TickIT to TickITplus at the National Physical Laboratory
Transitioning from TickIT to TickITplus at the National Physical Laboratory Keith J. Lines 1, Ewan Vizard 2, David A. Hall 3 1 Software Developer, Mathematics, Modelling and Simulation Group, National
More informationDoes a strategic approach to asset management make a difference?
Does a strategic approach to asset management make a difference? Warren Bradley CEng MEng MICE DipIS MSc MIAM Highways UK, 9 November 2017 Why a strategic approach worked for BalfourBeattyMottMacDonald
More informationPost Graduate Engineer End Point Assessment Plan
Post Graduate Engineer End Point Assessment Plan Covering the following occupational roles: 1. Research and Development Engineer 2. Design and Development Engineer 3. Systems Integration Engineer 4. Quality
More informationISC: UNRESTRICTED AC Attachment. Environmental & Safety Management- EnviroSystem Oversight Audit
Environmental & Safety Management- EnviroSystem Oversight Audit September 9, 2016 THIS PAGE LEFT INTENTIONALLY BLANK ISC: UNRESTRICTED Table of Contents Executive Summary... 5 1.0 Background... 7 2.0 Audit
More informationHealth and Safety Management Profile (HASMAP)
Health and Safety Management Profile (HASMAP) Contents Introduction 02 HASMAP overview 03 Getting started 04 Indicator summaries A Leadership 07 B Planning for emergencies 15 C Health and safety arrangements
More informationPractical Process Improvement: the Journey and Benefits
Practical Process Improvement: the Journey and Benefits 27-29 September 2004 Colin Connaughton AMS Metrics Consultant CMM, Capability Maturity Model, and Capability Maturity Modeling are registered in
More informationAssessment plan: Paraplanner
Assessment plan: Paraplanner 1. Introduction and Overview This is an apprenticeship in paraplanning; a professionally qualified technical support role in Financial Adviser businesses. The role of the Paraplanner
More informationHighlights of CMMI and SCAMPI 1.2 Changes
Highlights of CMMI and SCAMPI 1.2 Changes Presented By: Sandra Cepeda March 2007 Material adapted from CMMI Version 1.2 and Beyond by Mike Phillips, SEI and from Sampling Update to the CMMI Steering Group
More informationReport. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report
Report Quality Assessment of Internal Audit at Draft Report / Final Report Quality Self-Assessment by Independent Validation by Table of Contents 1.
More informationIHE PROFESSIONAL CERTIFICATE IN
IHE PROFESSIONAL CERTIFICATE IN ASSET MANAGEMENT Introduction Asset Management assumes greater professional and political significance in ensuring that highway assets are managed effectively to achieve
More informationInternal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)
Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017) Assessor 1: Assessor 2: Date: Date: Legend: Generally
More informationAsset Management Policy
Asset Management Policy January 2018 Introduction Our Asset Management Policy was last published in 2014. It is being updated to reflect our commitment to regularly review and improve all of our Asset
More informationDigital Industries Apprenticeship: Assessment Plan. Unified Communications Technician. Published in November 2016
Digital Industries Apprenticeship: Assessment Plan Unified Communications Technician Published in November 2016 1 Digital Industries Apprenticeships: Assessment Plan General Introduction and Overview The
More informationSoftware Project & Risk Management Courses Offered by The Westfall Team
Software Project & Risk Management is a 5-day course designed to provide a knowledge base and practical skills for anyone interested in implementing or improving Software Project and Risk Management techniques
More informationGeneral requirements for the competence of testing and calibration laboratories. In this presentation:
General requirements for the competence of testing and calibration laboratories ISO/IEC 17025:2017 In this presentation: Explanation New requirement Interpretation / Examples / Questions Agenda Welcome
More informationThis resource is associated with the following paper: Assessing the maturity of software testing services using CMMI-SVC: an industrial case study
RESOURCE: MATURITY LEVELS OF THE CUSTOMIZED CMMI-SVC FOR TESTING SERVICES AND THEIR PROCESS AREAS This resource is associated with the following paper: Assessing the maturity of software testing services
More informationWhat is ISO/IEC 20000?
An Introduction to the International Service Management Standard By President INTERPROM September 2018 Copyright 2018 by InterProm USA. All Rights Reserved www.interpromusa.com Contents INTRODUCTION...
More informationAudit of Weighing Services. Audit and Evaluation Services Final Report Canadian Grain Commission
Audit and Evaluation Services Final Report Canadian Grain Commission November 2016 Table of Contents 1. EXECUTIVE SUMMARY... 2 Conclusion... 2 Statement of Assurance... 2 2. INTRODUCTION... 3 Authority
More informationCEPA Certified and European Standard EN 16636:2015
CEPA Certified and European Standard EN 16636:2015 Presentation to Skadedyrdagene 2016 Oslo, Norway, March 10 th 2016 By: Dr Peter Whittall Executive Director of Tripod Consulting Ltd Agenda A brief introduction
More informationCMMI-SVC V1.3 CMMI for Services Version 1.3 Quick Reference Guide
processlabs CMMI-SVC V1.3 CMMI for Services Version 1.3 Quick Reference Guide CMMI-SVC V1.3 Process Areas Alphabetically by Process Area Acronym processlabs CAM - Capacity and Availability Management...
More informationISO Your implementation guide
ISO 55001 Your implementation guide Optimize the value from your assets with ISO 55001 Don t let the management of costly and complex assets become a burden to your organization.. ISO 55001 can help you
More informationAn EMS is a management tool to improve environmental performance by providing a systematic way of managing an organization s environmental affairs.
ISO 14001 The ISO 14001 standard provides organizations with the framework for an effective environmental management system (EMS) focused on achieving their environmental and economic goals and objectives.
More information9100 revision Changes presentation clause-by-clause. IAQG 9100 Team November 2016
Changes presentation clause-by-clause IAQG 9100 Team November 2016 INTRODUCTION In September 2016, a revision of the 9100 standard has been published by the IAQG (International Aerospace Quality Group)
More informationISO 14001:2015 Your implementation guide
ISO 14001:2015 Your implementation guide ISO 14001 reduces environmental impacts and grows your organization Updated in 2015 to make sure it reflects the needs of modern day business, ISO 14001 is used
More informationBLUE NILE VERIFIER. Compliance and Certification Support
BLUE NILE VERIFIER Compliance and Certification Support Management System Certification Consulting, ISO Training ISO Audit Support, Supply Chain Management Business Process Management Compliance Management
More informationThe PAS55 journey in Highways England Area 10
Asset Management The PAS55 journey in Highways England Area 10 CIHT NW Annual Highway Maintenance Conference 2016 Steve Pate, Project Director, Mott MacDonald Asset Management Leader, BBMM 19 May 2016
More informationIs a BCM Capability Enough for Developing a Resilient Organisation?
Emergency Planning College Occasional Papers New Series Number December 2012 4 Is a BCM Capability Enough for Developing a Resilient Organisation? Martin W Fenlon Associate Course Director Emergency Planning
More informationPROJECT DESIGN GUIDE A00.1 COMPETENCE STATEMENT AND ASSESSMENT
PDG PROJECT DESIGN A00.1 GUIDES PROJECT DESIGN GUIDE A00.1 COMPETENCE STATEMENT AND ASSESSMENT Project Name: Name Project No.: Number Date: Date Document No.: PDG-PDG-PRO-A00.1 Date Created: 30 th Mar
More informationTop 10 Signs You're Ready (or Not)
Top 10 Signs You're Ready (or Not) For an Appraisal Gary Natwick Harris Corporation Gary Natwick - 1 Government Communications Systems Division DoD s Strategic and Business Development CMMI Technology
More informationISO 9001:2015 Overview
Improving performance, reducing risk ISO 9001:2015 Overview Introduction The purpose of this handout is to give LRQA training delegates an insight into the next issue of the international Quality Management
More informationBank of Ireland. Service Integration as a means to govern a multivendor. 11 th October 2013
Bank of Ireland Integration as a means to govern a multivendor IT estate 11 th October 2013 Gerry Flanagan (Accenture) Sharon Donnelly (Bank of Ireland) Agenda Introductions What is Introduction and why
More informationData Warehousing provides easy access
Data Warehouse Process Data Warehousing provides easy access to the right data at the right time to the right users so that the right business decisions can be made. The Data Warehouse Process is a prescription
More informationSQS Performance Testing
SQS Performance Testing Service Overview sqs.com Your reputation, growth and compliance elevated IT change is more complex than ever; SQS performance test services reduce exposure to your risks, increasing
More informationSoftware Quality Engineering Courses Offered by The Westfall Team
Building Skills is a 3-day course that is a subset of our course. The course is designed to provide a fundamental knowledge base and practical skills for anyone interested in implementing or improving
More informationISO 9001:2015 Revision Frequently Asked Questions
ISO Revisions Latest update New and revised ISO 9001:2015 Revision Frequently Asked Questions Introduction ISO 9001, the world s leading international quality standard has helped millions of organizations
More informationUsing assessment & benchmarking techniques as a strategic approach to drive Continual Service Improvement
Using assessment & benchmarking techniques as a strategic approach to drive Continual Service Improvement Ian MacDonald Function Leader, Group Technology Co-operative Group IT Session Outline What you
More informationSelf-assessment Exemplar 2
Self-assessment Exemplar 2 XYZ Awards Self-assessment Report & Plan 2015 This document represents the formal submission to SQA Accreditation from XYZ Awards of its 2015 Self-assessment in accordance with
More informationISO 14001:2015 Your implementation guide
ISO 14001:2015 Your implementation guide ISO 14001 reduces environmental impacts and grows your organization Updated in 2015 to make sure it reflects the needs of modern day business, ISO 14001 is used
More informationSoftware Quality Engineering Courses Offered by The Westfall Team
Courses is a 2-day course that is a subset of our course. The course is designed to provide an overview of techniques and practices. This course starts with an overview of software quality engineering
More informationImplementation of the CO BIT -3 Maturity Model in Royal Philips Electronics
Implementation of the CO BIT -3 Maturity Model in Royal Philips Electronics Alfred C.E. van Gils Philips International BV Corporate Information Technology Eindhoven, The Netherlands Abstract: Philips has
More informationEX0-114_Wins_Exam. Number: Passing Score: 800 Time Limit: 120 min File Version: 1.0
EX0-114_Wins_Exam Number: 000-000 Passing Score: 800 Time Limit: 120 min File Version: 1.0 http://www.gratisexam.com/ 20000 IT Service Management Foundation Bridge based on ISO/IEC Total Questions: 78
More informationManaging a Project and Keeping Sane While Wrestling Elegantly With PMBOK, Scrum and CMMI (Together or Any Combination)
Managing a Project and Keeping Sane While Wrestling Elegantly With PMBOK, Scrum and CMMI (Together or Any Combination) Neil Potter The Process Group neil@processgroup.com 1 Agenda Summary of PMBOK, CMMI
More informationDigital Industries Apprenticeship: Assessment Plan. IS Business Analyst. March 2017
Digital Industries Apprenticeship: Assessment Plan IS Business Analyst March 2017 1 DIGITAL INDUSTRIES APPRENTICESHIPS: ASSESSMENT PLAN FOR IS BUSINESS ANALYST General Introduction and Overview The apprenticeship
More informationNuclear Health Physics Monitor Apprenticeship Assessment Plan
Introduction This document focusses predominantly on the end-point assessment that must be carried out to enable a Nuclear Health Physics Monitor (NHPM) apprentice to be tested in a consistent and fair
More informationWORK PLAN AND IV&V METHODOLOGY Information Technology - Independent Verification and Validation RFP No IVV-B
1. Work Plan & IV&V Methodology 1.1 Compass Solutions IV&V Approach The Compass Solutions Independent Verification and Validation approach is based on the Enterprise Performance Life Cycle (EPLC) framework
More informationIT Service Management Foundation based on ISO/IEC20000
IT Service Management Foundation based on ISO/IEC20000 Number: EX0-115 Passing Score: 60 Time Limit: 90 min File Version: 4.0 http://www.gratisexam.com/ Exin EX0-115 IT Service Management Foundation based
More informationAPM Registered Project Professional (RPP) 2 nd Edition ) Process 2) Support. Provek Ltd Tel: Version 2-1.
APM Registered Project Professional (RPP) 2 nd Edition 2017 1) Process 2) Support Provek Ltd Tel: 01635 524610 www.provek.co.uk Version 2-1 Welcome Contents APM Registered Project Professional (RPP) What
More informationThe CMMI Product Suite and International Standards
Pittsburgh, PA 15213-3890 The Product Suite and International Standards Dave Kitson, Jeanie Kitson, Terry Rout and Pedro Sousa is registered in the US Patent & Trademark Office by Carnegie Mellon University
More informationRole and person profile
Role and person profile Post title: Technical Programme Manager Location: Guildford/Manchester Division: Qualifications and Markets Department: QPPOP Reports to: Head of QPPOP Programme Responsible for:
More informationProject Execution Approach
Project Execution Approach July 2016 2016 Affinity Digital (Technology) Ltd 1 Project Execution Approach Affinity Project Management Affinity is in an excellent position with its multiple methodology offerings.
More informationPROMOTE A SAFE WORKING ENVIRONMENT WITH ISO 45001: THE NEW OCCUPATIONAL HEALTH AND SAFETY STANDARD
PROMOTE A SAFE WORKING ENVIRONMENT WITH ISO 45001: THE NEW OCCUPATIONAL HEALTH AND SAFETY STANDARD ABOUT SGS INTRODUCTION THE ISO 45001 DEVELOPMENT PROCESS THE IMPORTANCE OF LEADERSHIP THE BENEFITS OF
More informationCapability Maturity Model the most extensively used model in the software establishments
International Journal of Scientific and Research Publications, Volume 6, Issue 5, May 2016 710 Capability Maturity Model the most extensively used model in the software establishments Ajith Sundaram Assistant
More informationJob Description and Person Specification
Job Description Directorate/Group: Corporate and Business Support (CBS) Location: Southampton Post Title: Grade: Project Delivery Lead NERC Band 4 Post responsible to: Chief Operating Officer Posts responsible
More informationQuality Assurance and Improvement Program
Internal Audit Foundations Standards 1000, 1010, 1100, 1110, 1111, 1120, 1130, 1300, 1310, 1320, 1321, 1322, 2000, 2040 There is an Internal Audit Charter in place Internal Audit Charter is in place The
More informationLevel 4 NVQ Diploma in Customer Service. Qualification Specification
Qualification Specification ProQual 2014 Contents Page Introduction 3 The Qualifications and Credit Framework (QCF) 3 Qualification profile 4 Rules of combination 5 Credit transfer / Exemptions / Recognition
More informationLeeds Roadshow what CIPS can do for you
Leeds Roadshow what CIPS can do for you September 13 th 2012 1 Content Introducing the Business Development Team Customer s change drivers How we can help you Develop people in the way that best fits your
More informationChartered Project Professional (ChPP) Application Guidance
Chartered Project Professional (ChPP) Application Guidance Helping you to understand, decide and prepare for the Chartered Project Professional (ChPP) standard Becoming a Chartered Project Professional
More informationHOW AN INDUSTRIAL BASELINE SURVEY CAN INFORM LONG-TERM STRATEGIC PLANNING AND FACILITATE CREATION OF SUSTAINABLE ECONOMIC LINKAGES
HOW AN INDUSTRIAL BASELINE SURVEY CAN INFORM LONG-TERM STRATEGIC PLANNING AND FACILITATE CREATION OF SUSTAINABLE ECONOMIC LINKAGES Framework Step: STEP 2 - Build an empirical basis to inform decision-making
More informationHow to manage the transition successfully ISO 9001:2015 TOP MANAGEMENT - QUALITY MANAGERS TECHNICAL GUIDE. Move Forward with Confidence
How to manage the transition successfully ISO 9001:2015 TOP MANAGEMENT - QUALITY MANAGERS Move Forward with Confidence 2 ISO 9001:2015 TOP MANAGEMENT - QUALITY MANAGERS WHAT ARE THE MAIN CHANGES IN ISO
More informationhandbook Level 5 NVQ Diploma in Management (QCF) MD05
Skillsfirst Awards handbook Level 5 NVQ Diploma in Management (QCF) MD05 Suite 215 Fort Dunlop Fort Parkway Birmingham B24 9FD www.skillsfirst.co.uk Contents Page Section 1 Introduction 1.0 Introduction
More informationJob description and person specification
Job description and person specification Position Job title Knowledge Management Facilitator Directorate Operations and Information Pay band AFC Band 8a Responsible to NHS RightCare Knowledge Management
More informationCMMI Version 1.2. Model Changes
Pittsburgh, PA 15213-3890 CMMI Version 1.2 Model Changes SM CMM Integration, IDEAL, and SCAMPI are service marks of Carnegie Mellon University. Capability Maturity Model, Capability Maturity Modeling,
More informationEnsuring Food Safety. Through Accredited Third-Party Conformity Assessment. An ANSI-ASQ National Accreditation Board White Paper
Ensuring Food Safety Through Accredited Third-Party Conformity Assessment An ANSI-ASQ National Accreditation Board White Paper Executive Summary According to a February 2007 Government Accountability Office
More informationYOUR CERTIFICATION PROCESS EXPLAINED
ISO 22000 FOOD SAFETY MANAGEMENT SYSTEMS FSSC 22000 FOOD SAFETY SYSTEM CERTIFICATION This document outlines the audit process for the above referenced standard. It outlines the stages to audit and gives
More informationManagement System Manual International Compliance Group
Granting, refusing, maintaining, renewing, suspending, restoring or withdrawing certification. Page 1-1 Initial certification audit General - ICG s auditing work is conducted in two stages: Stage 1 and
More informationYou Already Have It. Looking for cash? Realizing Business Benefits from SAP
Looking for cash? You Already Have It. 2008: By changing the way they use SAP, 10 Large enterprises realized $2.5 Bncashable benefits. Realizing Business Benefits from SAP 2 of 10 Applies to: Any size
More informationLevel 4 NVQ Diploma in Customer Service. Qualification Specification
Qualification Specification ProQual 2017 Contents Page Introduction 3 Qualification profile 3 Qualification structure 4 Centre requirements 6 Support for candidates 6 Assessment 6 Internal quality assurance
More informationA MATURITY MODEL THAT S RIGHT AND READY
Project Services Pty Ltd A MATURITY MODEL THAT S RIGHT AND READY OPM3 - PAST, PRESENT AND FUTURE Presented at Hotel Grand Chancellor, Christchurch, New Zealand 4 th 6 th October 2006 Dr. Lynda Bourne DPM,
More informationInternational Civil Aviation Organization FIRST INFORMATION MANAGEMENT PANEL (IMP/1) Montreal, Canada January, 25 30, 2015
International Civil Aviation Organization WORKING PAPER 15/01/2015 rev. 0 FIRST INFORMATION MANAGEMENT PANEL (IMP/1) Montreal, Canada January, 25 30, 2015 Agenda Item 5: Review and elaborate on concepts,
More informationHead of Business Strategy
Empower Limited Job Description empower.co.tz info@empower.co.tz +255 758 778 886 9th Floor Tanzanite Park, Victoria, Dar es Salaam, Tanzania Roles and Responsibilities Head of Business Strategy Strategic
More informationIAF Mandatory Document. for the Audit and Certification of a Management System Operated by a Multi-Site Organization (IAF MD 1:2018)
IAF Mandatory Document IAF Mandatory Document for the Audit and Certification of a Management System Operated by a Multi-Site Organization Issue 2 (IAF MD 1:2018) Issued: 29 January 2018 Application Date:
More information