Monitoring and measuring resources - Example of how section ISO 9001 7.1.5 would apply to a manufacture of software

dsantos24

Starting to get Involved
Can anyone provide me with an example of how section 9001 7.1.5 would apply to a manufacture of software?
 

Tagin

Trusted Information Resource
If you are developing software, then you are potentially using monitoring and measuring in 1) development, and 2) in delivering the product.

Taking a strict look at it....

In development, you might be using software tools to monitor/measure code performance, memory usage, proper handshaking, etc. that are used to ensure the product meets specs. Those tools should be identified (including revisions).

In delivery of your software, how do you verify that what you are delivering is correct? E.g., that it has not become corrupted or infested with malware? Suppose you deliver by website that a customer downloads from. Maybe you have some software tool (realtime or scheduled) that monitors the digital signature, the hash of the code, etc. to verify it hasn't been tampered with or corrupted. That tool should be documented.

You would want to also document where you store those tools (e.g., where are the master copies maintained?, who has permissions to modify them? how are they backed up?, are their hashes checked periodically? how are revision updates handled?, etc.) for 7.1.5.1b.

Traceability probably wouldn't apply unless there is a regulatory or customer requirement, in my opinion.
 

dsantos24

Starting to get Involved
Sidney - yes development of Software
Tagin - We are required to send the software to an outside lab for agency testing prior to customer delivery.

thanks
 
Top Bottom