Patterns of software quality management in TickIT certified firms

Abstract

This study is a type of practice research known as repertoire building. Its aim is to identify patterns in the way software companies approach quality management in pursuit of ISO certification. This study examines eight UK software companies, all of which were early users of TickIT guidance for gaining ISO certification. It uses a research method which combines multiple, embedded case studies with grounded theory in order to identify patterns in the ways in which these companies perform software quality management. The study finds that each company has adopted either a policing, an advisory, or a hybrid approach towards software quality management. A company's attitudes towards both internal and external auditing characterise these approaches. The approach selected by a company affects the structure and the tasks of its quality department. These approaches reflect senior management's reasons for seeking TickIT certification. Once a company adopts an approach, it is unlikely to change unless there is new management. The study concludes that the TickIT guidance provides a suitable baseline for software quality control. This requires a company to attain Level 2 in the Capability Maturity Model. However, once a company obtains certification, TickIT does not encourage further improvement in its processes. As a result, most companies focus on product quality and largely ignore process quality. In fact it appears that none of these approaches include an adequate mechanism for software quality improvement. Hence, the failure to address process innovation in the TickIT guidelines may explain why it was difficult to distinguish among the effectiveness of these three approaches.