International Standards and Information Systems Quality Management - Literature review Example

?International Standards and Information Systems Quality Management Quality Management System Quality has been defined by various experts from different aspects and has been assigned different meanings to this term. Juran defined quality as customer satisfaction or fitness for use, while Crossby defined quality as conformance to specifications. Taguchi defined quality as loss to society while Deming defined quality as predictable degree of uniformity (Chua et al., 2007). ISO 9000 : 2005 (E) defined quality as degree to which a set of inherent characteristics fulfills requirements (Peach, 2003). Similarly, a quality system is defined as interaction of organizational processes and resources to implement a quality management system (Hoyle, 2009). Quality Management System is defined as a “set of coordinated activities to direct and control an organization in order to continually improve effectiveness and efficiency of its performance.” These activities are well integrated and synchronized that the understanding of one would not lead to understanding of the entire system as a whole (Gitlow, 2001). The basic purpose is not to detect the defective products after production rather than focusing in producing quality products free of any defects. Implementation of an effective quality management system would benefit an organization whether in manufacturing, service industry or public sector. These companies generally employ some information system to communicate within the organization and to supplier and customers external to the organization. The underlying concept is customer, supplier and the organization working together for their mutual interest. To implement said concept, efforts are required to integrate and strengthen interfaces not only between immediate customers and suppliers but also beyond that are linked to any organization. An efficient and effective quality management system would help in building customer’s confidence on organization’s ability to produce quality products and services, and deliver desired objectives while meeting their wants, needs and expectations. In similar way, quality management system enables an organization to achieve its objectives defined in its policy and strategy with minimum and effective utilization of resources at an optimum cost. Quality management system interfaces all activities of the organization in a coordinated manner starting from identification of customer requirements to meeting customer’s satisfaction at every step of the process. It can be compared to a wedge that ensures consistency of gains along the quality journey by preventing good practices from sliding back as shown below (Business Balls, 2008). An effective quality management system would improve process control, reduce waste, decrease costs, increase market share and help to meet customer’s expectations. Quality and Evaluation of Information Systems Evaluation of information systems is a crucial subject for the researchers and practitioners aiming for improvements in the processes of designing and developing the information systems (Checkland & Holwell, 1998). The evaluation of an information system is generally conducted from different aspects like performance, usability, functionality, cost benefit ratio, acceptability, reliability and efficiency. While designing a new information system or endeavoring to make it better than the existing system especially when the expectations are not specified, it is appropriate to compare the current information system with the existing or intended system as a bench mark. Efficiency of an information system can be measured in operational terms by identifying the areas requiring improvements (Avison & Fitzgerald, 2003). In addition, an information system designer needs to know the objectives and goals of the system and a customer would like to know if the information system fulfills all the intended objectives (Liew, 2007). One such way to evaluate and compare an efficiency of an information system would be through passing through a check list based on a set of measurable operational criteria as defined by a standard that is internationally accepted and is in form of a compendium describing good practices (Gupta, 2011). There are several international standards that encompass the subject area domain; however, most relevant of these that are concerned with quality management system and software development / designing and are developed by International Standards Organization and similar Standard Bodies. Indeed, there would be other quality related ISO standards, but these would be peripheral having less implication with regard to information systems (Horsch, 2003). Standards are developed by national and international bodies that are free of governmental influence expect for registration of the institution and for financial assistance. In UK, British Standards Institution is the national standard body with a royal charter to set standards and receives annual financial assistance from Department for Business Innovation and Skills for its activities. This national body collaborates and coordinates with other national bodies like those for Germany (DIN), France (AFNOR), US (ANSI) and Japan (JISC). Above the national level, these bodies participate with International Standards Organization (ISO) for development of standards at international level. The national bodies submit their standards to ISO for endorsement of their standards as international by ISO. Forexample, British Standard BS 5750 forQuality Systems developed into ISO 9001, British Standard BS 7799 for Information Security formed ISO/IEC 17799 that later became ISO/IEC 27002 Standard, and British Standard BS 15000 forIT service management was translated into ISO/IEC 20000 Standard. According to LeGSB (2005), a standard can be described as an agreed-upon convention, specification, or way of doing things. A standard is, in fact, codification of knowledge into documented form that facilitate to convert the implicit knowledge into its more explicit form(Nonaka & Hirotaka, 1995).Hedlund (1994) is of the view that forming a Standards is an endeavor to cope with the challenge of effectively utilizing the implicit non-verbalized or even unarticulated knowledge. Standards are agreed upon and approved under some simplified accepted process. A standard before its adoption always complies with the implementation Guidelines issued that helps to convert the explicit knowledge back to implicit or tacit knowledge. International Standards on Information Systems There are six international standards that are related to evaluation of information systems, information technology and integrated systems. It is important to see how these international standards provide guidelines for conducting the evaluation of information systems from user’s perspective, technology and the lifecycle of the system. These standards provide common technical language that enables practitioners to develop, acquire, and evaluate information systems capable of communicating internal and external to the organization while ensuring desired quality of the end product. These six standards are ISO 9000 : 2008 ISO/IEC 9126 ISO/IEC 25000 Series ISO 9241 ISO 18529 ISO 9000 Standard provides information on terms and fundamentals, and management of quality. The standard is not specific to information systems but is general in nature as there are numerous terms that are directly transferable to information systems. This standard deals with designing and implementation of quality management system and related terminologies in any organization. The studies conducted by Taormina (1996), Sun (1999), and Quazi and Padibjo (1998), Elmuti and Kathawala (1997) maintained that gaining ISO Certification on Quality and adopting other related ISO standards help an organization to benefit from formalized and standardized processes and procedures, higher quality of product, reduced errors, reduction in rework and positive impact on corporate culture. In ISO 9126-1 (ISO 9126-1, 2003), a quality model was described to assure quality of software products with more focus on maintainability and functionality. External quality metrics were given in ISO 9126-2 (ISO 9126-2, 2004) which helped to develop understanding how a software is likely to behave when put to practical use. In the same context, internal quality metrics are described in ISO 9126-3 (ISO 9126-3, 2004) that how a software under study is likely to behave. ISO 9126-4 (ISO 9126-4, 2004) explained the use of metrics and models for a quality software work. ISO 25000 : 2005 (Software Product Quality Requirements and Evaluation – SquaRE) mainly consists of two parts which describe different aspects of quality and software development. ISO 25010, released in 2011, superseded much of guidelines in ISO/IEC 9126, which mainly consisted of four parts. In contrast to ISO 9126’s six product quality characteristics, ISO 25000 emphasized on eight characteristics and 31 sub-characteristics. ISO 25000 mainly focuses on terminologies and definitions related to software quality, quality model, individual division guides and standards for requirements, software specifications, planning, measuring and evaluation of the software and related interactive systems. ISO/IEC 25010 : 2011 provides information on quality model for a particular product in use in a particular context. It also contains a product quality model including eight characteristics related to both static and dynamic properties of software and hardware. A model of data quality is given in ISO/IEC 25012 that helps to identify software and system requirements, design and testing objectives, quality control and quality assurance criteria for the system and acceptance criteria. Guidelines for measurement reference model and quality characteristics are defined in ISO/IEC 25020 : 2007. This standard also discusses criteria for selecting software quality, measuring reliability, and documentation for quality measures. ISO/IEC 25030 : 2007 explains specification requirements for software quality for both buyers and suppliers. It includes specifications, planning, development and evaluation for objective assessment of software product quality. ISO/IEC 25040:2011 elaborates requirements for the evaluation of software product quality. It also describes the relationship between the reference model and SQuaRE during the evaluation process. This standard is appropriate for developers, buyers and evaluators, for which approaches are explained in ISO/IEC 14598. Framework for software quality requirements and its evaluation is explained in ISO/IEC 25045 : 2010. It is applicable to information systems supporting single or multiple users. Besides, quality requirements for off the shelf software product are given in ISO/IEC 25051 : 2005. Requirements for human centered principles for design and development of computer based interactive systems are elaborated in ISO 9241. It is mainly focused on activities and processes employed by the design process managers and help to improve the human system interaction throughout the lifecycle of the product. In addition, this standard provides information on requirements for forms and related entries to be used in design and evaluation. This standard provides guidance on design interfaces of the forms, independent of their modality i.e., visual, spatial or vocal during the entire design and development process and procurement process. However, this standard does not cover hardware aspects and requirements for the forms. The designing, use and evaluation of a system’s lifecycle is given in ISO 18529 standard where the other standards discussed designing, use and evaluation of software, hardware and related systems. Below is the table that summarizes the scope of these international standards Standard Focus Stakeholder Lifecycle Phase ISO 9000 Quality Management Everybody from customer to supplier and the producer Entire lifecycle of the product ISO 25000 Series Software People involved in Design, Development, Evaluation and Buying Design, Development, Evaluation and Buying, maintenance, auditing and assuring quality ISO 9241 Both Software and hardware forming an interactive system People involved in Design, Development, Evaluation and Buying evaluator, acquirer Design, Development, Evaluation, Buying during the entire lifecycle of the product ISO 18529 Life-cycle processesfor interactive systems People involved in Design, Use, and Evaluation of Lifecycle processes. Design, Use, and Evaluation of Lifecycle processes Framework for International Standards on Information Quality Management Based on the review of the standards studied above, it was deemed essential to propose a framework listing processes for utilization of above discussed standards in effective implementation of the quality management system in information system organizations. This frame work is proposed in line with guidelines suggested by Margescu (2008). Processes Standards Identify and establish requirements for the quality management of information system ISO 9000 ISO 9241 ISO 18529 Identify the area for establishing quality in product lifecycle development ISO 9000 ISO/IEC 25040:2011 ISO 9241 ISO 9241-210:2010 ISO 18529 Scope of information system ISO/IEC 25000 Identify characteristics and sub-characteristics of quality attributes ISO/IEC 25000 Identify or create metrics to measure system quality attributes and relative importance of each ISO/IEC 25000 Conducting Process design ISO 9000 ISO/IEC 25000 Planning inspection of design / product ISO 9000 ISO/IEC 25000 Pre testing of design or process ISO/IEC 25051:2005 Carry out process measurement and control ISO 9000 ISO/IEC 25045:2010 Quality improvement Guidelines ISO 9000 ISO/IEC 25012:2008 ISO/IEC 25030:2007 Benefits of Adopting ISO Standards Benefits of adopting ISO standards for quality are both internal and external to the organization (ISO, 2013). First of all, documentation processes and procedures are formalized if not earlier held and are standardized in the company. This, in turn, increases efficiency of the production processes and reduces wastes and reworks, thus saving costs to the company. Adopting these standards help to change the mindset of company employees and managers making them more aware of quality and quality of management. This provides company a competitive edge in market place. Also morale of employees improves. Involving employees in quality processes makes them more acceptable to responsibility for quality. Further, cooperation and communication improves as a result of standardized and improved documentation processes. This, in turn, results in greater coordination, less down time and increased inter departmental efficiency. Finally, better quality means few defects, less rework and scrap resulting in lower production costs. This increases the organizational efficiency towards the productivity. In terms of external benefits, adopting to ISO standards provides customer with assurance of quality product and perception of efficient organization. This results in increased customer satisfaction and trust. In addition, requirements for customer audits reduces since the company adopting the ISO standards usually attains the ISO certification. As a result, there may be no need to conduct an audit of company every time prior to establishing the business contracts. This results in major cost savings for both the manufacturer and the customer. Finally, companies adopting the ISO standards gain more access to market, allowing them to respond to market demands, thus increasing their market share. Being the first to access a market results in greater opportunities and higher profits for the company. From the perspective of information systems organization, adopting to ISO standards would enable a company to devise and standardize processes for developing new software. Project management clause of ISO 9000 would allow producers to adopt a project management methodology to the software development process in parallel with routine functions of organization. Also standardization would help to finalize and manage varied stakeholders demands in any software development project. Similarly, ISO 25000 Series provides guidelines in design, development, lifecycle, evaluation and buying, maintenance, auditing and quality assurance of the software. In addition, aspects of information systems encompassing interactive systems for communication and data transfer within and outside the company are standardized. Conclusion High quality of software is critical for use of information technology in any organization specially those employing information systems across the entire organizational network. Largely, research has mainly been focused on technical aspects of the software development rather than organizational aspects (Tsim et al., 2002). One key is the implementation of the international standards that allow assurance of quality management of information systems in the organization. The review of the international standards on quality management and information systems suggest that these standards complement each other (Wilkinson & Dale, 2002). ISO 9000 QMS mainly focuses on establishing quality management system in any given context. ISO 9126 and ISO/IEC 25040:2011 emphasize on software products while others focus on hardware and software parts forming whole of an interactive system. Similarly, ISO 25010 also discusses software part but much of its contents are relevant to quality of entire interactive system. Responsibilities of stakeholders in all the phases of software product lifecycle development including maintenance after product release are elaborated in ISO 9126 and ISO/IEC 25012, while other standards do not consider maintenance aspects of the software product. Also ISO 18529 takes into consideration not only software, hardware or interactive system but also modelling of processes for lifecycle development. Besides differences in the scope of these international standards, other differences include the role these standards play in establishment and implementation of quality management system. In this context, ISO 9000 QMS provides general but detailed guidelines for establishing quality management system in any company’s information system. In addition, ISO 14598 provides extensive guidelines on processes and activities for proceeding with quality evaluation of varied aspects of information systems that are related to technology, users and systems. Whereas, ISO/IEC 9126 provides detailed quality model on six characteristics to address evaluation of software product from perspectives of systems, technology and users. This standard has now been superseded by ISO 25000, released in 2011, that provides quality model based on eight characteristics and 31 sub characteristics. Processes and requirements for evaluation of interactive systems are elaborated in ISO 9241. Involvement of users in lifecycle development of a product is discussed in ISO 18529 and ISO 9241. References Avison, E. and Fitzgerald, G. (2003) Information Systems Development: Methodologies, Techniques and Tools. 3rd ed. London: Mc-Graw Hill. Business Balls (2008) Quality Management Systems. [online] Available at: http://www.businessballs.com/dtiresources/quality_management_systems_QMS.pdf [Accessed: 15 Jan 2013]. Checkland, P. and Holwell, S. (1998) Information Systems and Managing Fields. New Jersey: John Willey & Sons. Chua, H. et al. (2007) Juran’s Quality Planning and Analysis for Enterprise Quality. New York: Mc-Graw Hills. Elmuti, D. (1997) An Investigation into The Effects of ISO 9000 on Participants’ Attitudes And Job Performance. Production and Inventory Management Journal, 38 (2). Gitlow, H. (2001) Quality Management Systems: A Practical Guide. Florida: St. Lucie Press. Gupta, H. (2011) Management Information System. New Delhi: International Book House. Hedlund, G. (1994) A Model of Knowledge Management and The N-Form Corporation. Strategic Management Journal, 15. Horsch, J. (2003) Practical Guide to Software Quality Management. Massachusett: Artech House. Hoyle, D. (2009) ISO 9000 Quality Systems Handbook. Burlington: Butterworth-Heinemann. ISO (n.d.) The Benefits of International Standards - ISO. [online] Available at: http://www.iso.org/iso/home/standards/benefitsofstandards.htm [Accessed: 30 Jan 2013]. LeGSB (2005) LeGSB - Home page. [online] Available at: http://www.legsb.gov.uk/ [Accessed: 15 Jan 2013]. Liew, A. (2007) Understanding Data, Information, Knowledge and Their Inter-relationships. Journal of Knowledge Management Practice, 8 (2). Marghescu, D. (2008) Usability Evaluation of Information Systems: A Review of Five International Standards. Heidleberg: Springer-Verlag. Nonaka, I. and Hirotaka, T. (1995) The Knowledge-Creating Company: How Japanese Companies Create the Dynamics of Innovation. New York: Oxford University Press. Peach, R. (2003) The ISO Handbook. 4th ed. New York: Mc-Graw Hills. Quazi, A. and Padibjo, R. (1998) A Journey Toward Total Quality Management Through ISO 9000 Certification — A Study On Small And Medium Sized Enterprises In Singapore. International Journal of Quality and Reliability Management, 15 (5). Sun, H. (1999) Diffusion And Contribution of Total Quality Management: An Empirical Study in Norway. Total Quality Management, 10 (6). Taormina, T. (1996) Virtual Leadership and the ISO 9000 Imperative. New Jersey: Prentice Hall. Tsim, C. et al. (2002) An adaptation to ISO 9001: 2000 For Certified Organisations. Managerial Auditing Journal, 17 (5). Wilkinson, G. and Dale, G. (2002) An Examination of The ISO 9001: 2000 Standard and Its Influence on The Integration of Management Systems. Production Planning and Control, 13 (3). International Standards Organization, ISO 9000 : 2008 Quality Management Systems, TC 176/SC 02, International Standards Organization, Geneva. International Standards Organization, ISO/IEC 9126 Software Engineering, JTC 1/SC 7, International Standards Organization, Geneva. International Standards Organization, ISO/IEC 25000 Series Software Product Quality and Requirement Evaluation, JTC 1/SC 7, International Standards Organization, Geneva. International Standards Organization, ISO/IEC 9241 Ergonomics of Human System Interaction, TC 159/SC 4, International Standards Organization, Geneva. International Standards Organization, ISO/IEC 18529 Ergonomics of human-system interaction - Human-centered lifecycle process descriptions, TC 159/SC 4, International Standards Organization, Geneva. Read More