Checklist for Audits of the Framework of a Quality Management System
This document contains questions for systematically reviewing the framework of the project's quality management system.
- Have the policy and the objectives for and the commitment to quality been determined and documented by the (senior) management?
- Is ist assured that this policy is understood, implemented, and maintained at all levels in the organization?
- Have the responsibilities, authorities and interrelations of all personnel who manage, perform and verify work affecting quality of the software product and the development process been defined?
Who has responsibility and authority to:
- set up processes to prevent errors?
- identify and record any product quality problems?
- make sure solutions are provided and implemented?
- control further processing until problem is resolved?
- Have all verification requirements been identified?
- Is it assured that adequate resources are provided and trained personnel is assigned for verification activities?
- Do the verification activities include inspection, test and monitoring of the design, production, installation and servicing processes and/or product?
- Are design reviews and audits of the quality system, processes and/or product been carried out by personnel independent of those having direct responsibility for the work being performed?
- Have you planned for regular joint reviews involving the purchaser to cover the following aspects, as appropriate:
- conformance of the software to the purchaser's agreed specification?
- verification results?
- acceptance test results?
- Are the results of such reviews agreed and documented?
- Does the purchaser corporate with the software project to provide all necessary information and to resolve pending terms?
- Has the purchaser assigned a representative with the authority to
- define the purchaser's requirements on the software product,
- answer questions,
- conclude agreements,
- define acceptance criteria and procedures?
- Have you (or your business division) established a documented quality management system?
- Do you ensure the effective implementation of the quality system? Do you ensure that the quality management system is an integrated process throughout the entire life cycle?
- Do you emphasize quality problem prevention rather than depending on correction after occurrence?
- Has a quality plan been documented to implement quality activities for each software development project on the basis of the quality system?
- Have you implemented any procedures for:
- investigating the cause for incorrect software results and
- corrective action needed to prevent recurrence?
- analysing all processes, activities, and quality records and customer complaints to detect and eliminate potential causes of incorrect results?
- applying controls to ensure that corrective actions are taken and that they are effective?
- implementing and recording changes in procedures resulting from corrective actions?
- Do you and the (senior) management regularly ascertain and document the development progress of your software project?
Internal Quality Audits
- Does the (senior) management periodically review the quality management system in respect of its suitability and effectiveness?
- Do you at least once annually perform systematically planned and documented quality audits to verify the compliance of quality activities and to determine the effectiveness of the quality management system?
- Have you planned for audits in your project schedule?
- Do you take corrective actions on the deficiencies found by the quality audit?
IEEE 1991, IEEE Standard for Developing Software Life Cycle Processes. IEEE Std. 1074-1991, IEEE Standards Collection Software Engineering. IEEE 1993 Edition, New York 1993.