Subjective Questions

Give three examples from IT organization where Pareto analysis of 80:20 holds good. 1. Defect Analysis 2. Failures found in production 3. Cycle/Delivery Time reduction 4. Employee Satisfaction/Dissatisfaction 5. Customer Satisfaction/Dissatisfaction 6. Help Desk problems The process for using Pareto charts is described in the following steps: 1. Define the problem clearly using any of the tools from Quality Toolbox (e.g., Use brainstorming, affinity diagrams, or cause-and-effect diagrams) 2. Collect a sufficient sample size of data over the specified time, or use historical data, if available 3. Sort the data in descending order by occurrence or frequency of causes characteristics 4. Construct the Pareto Chart and draw bars to correspond to the sorted data in descending order, where the x axis is the problem category and the y axis is frequency 5. Determine the vital few causes on which to focus improvement efforts 6. Compare and select major causes, repeating the process until the problems root causes are reached sufficiently to resolve the problem 2. List down some Standard Helpdesk problem. 1. Terminal kbd locked 2. Terminal 123x is hung 3. Terminal shows no cursor on the screen 4. Unable to start session

5. Unable to print from E-mail 6. Terminal 324x cant access menu 7. Model X printer not printing 8. System logs user off 9. Unable to print reports 10. Terminal 789x unable to logon 11. Transactions abending 12. System drops session 13. Unable to get out of application 14. System accepts invalid data 15. Unable to connect with host 16. Users cannot catalog 17. Cannot log on to e-mail 18. Users hung in application 19. User unable to access printer 20. System sends error xxx 21. Not able to logon to the system 22. Printer not working 23. Email server Down 24. Hung system (Machine not responding) 25. Keyboard/Mouse not working 3. You have been asked by a systems development project leader for your help in developing a test plan. The project leader wants to know what should be included in a test plan. He has asked you to develop a brief table of contents for a test plan. What would you include in that table of contents and why? Test Plan Template, according IEEE 829 standards 1. Test Plan Identifier 2. References 3. Introduction 4. Test Items

5. Software Risk Issues 6. Features to be Tested 7. Features not to be Tested 8. Approach 9. Item Pass/Fail Criteria 10. Suspension Criteria and Resumption Requirements 11. Test Deliverables 12. Remaining Test Tasks 13. Environmental Needs 14. Staffing and Training Needs 15. Responsibilities 16. Schedule 17. Planning Risks and Contingencies 18. Approvals 19. Glossary 4. What are the steps that you would follow while doing Regression testing? Or The code has been given for regression testing. Write the process to be followed. In simple, 1. Identify the areas that are not changed 2. Select the type of regression testing that needs to be done i.e unit regression, regional or full regression 3. Determine if regression testing would be done with downstream applications 4. Check the availability of budget, resource, time 5. Select the testcases 6. Use a tool to expedite regression testing (if available) 7. Execute the testcases 8. In case any defects are observed, close it asap.

Risk-based Test Case Selection for regression testing Risk-based Test Selection approach has four main steps. Step 1: Estimate the cost for each test case: Cost is categorized on a one to five scale, where one is low and five is high. Two kinds of costs will be taken into consideration: 1) The consequences of a fault as seen by the customer, for example, losing market share because of faults, 2) The consequences of a fault as seen by the vendor, for example, high software maintenance costs because of faults. Step 2: Derive severity probability for each test case: For each test case, we compute severity probability depending on the number of defects and the severity of defects. Severity probability falls into a zero to five scale, where zero is low and five is high. Step 3: Calculate Risk Exposure for each test case: Risk Exposure is the multiplication of Cost and severity probability. To enhance or focus the results, we can also add weights to test cases that we need to give preference to. Step 4: Select test cases that have the highest values of Risk Exposure as Safety Tests (Safety Tests check that serious failures do not occur). Risk-based Test Scenario Selection Since end-to-end scenarios involve many components of the system working together, they are highly effective at finding regression faults. Our selection strategy obeys two rules: R1: Select scenarios to cover the most critical test cases. R2: Ensure scenarios cover as many test cases as possible. Based on a traceability matrix showing the relation between end-to-end test scenarios and test cases, our risk-based test scenario selection approach also has four main steps. Step 1: Calculate Risk Exposure REs for each scenario:

Using the traceability matrix, we can simply calculate the Risk Exposure for each scenario by summing up the Risk Exposure for all test cases that this scenario covers. Step 2: Select the scenario with highest REs Step 3: Update the traceability matrix (remove selected scenarios and covered test cases, and re-calculate REs): When running the chosen scenario, all test cases covered by the scenario will be executed. According to our selection rules, these test cases should not affect our selection any more. We should focus on those test cases that have not yet been executed. In our approach, we cross out the column for the chosen scenario, and rows for all the test cases covered by the scenario. All of this is easily automated. Step 4: Repeat Steps 2 and 3 as desired. 5. What are the phases involved in SDLC? What, when, where and why do QA and Testers play a role in these phases. First point refers to Tester role & second - QA Initiation . Provide input for estimating testing efforts QA-Kickoff meeting participation; Giving Process training to the team; Definition Review of functional requirement document Design test strategy QA-Req Review; Project Plan Review; Giving Tailoring Guidance System Design Review of system design doc, interface agreement doc etc QA-Design Review Programming & Training Test plan/specification preparation Preparation of Test Data Preparation of Test environment QA-Test Plan Review; Oversee Code reviews; Ensure proper collection of review data & other metrics

 Evaluation & Acceptance Perform various validation activities like integration testing, system testing Test manager: oversees acceptance testing Tracking defects QA-Oversee integration & system testing according to the standard processes Installation & Operation o Ensure properly tested code is shifted to production QA-Ensuring Formal project closure & project data is submitted to Organizations Process Database Role of QA other than those in SDLC(in general):
y y y y y y

Developing policies, procedures and standards Acquiring and implementing tools and methodologies Marketing creating awareness of quality programs and concepts Measuring quality Defining, recording, summarizing and presenting analyses Performing process analysis (statistical process control)

11. What are the responsibilities of the following participants in Effective Quality Management? IT Management Quality Control Dept QA Dept It is important to understand Qlty Mgt before listing down & differentiating the responsibilities of different roles. Quality management: a philosophy and a set of guiding principles that represent the foundation of a continuously improving organization. the application of quantitative methods and human resources to improve the products and services supplied to an organization, all processes within an organization, and the degree to which the current and future needs of the

customer are met. integrates fundamental management techniques, existing improvement efforts, and technical tools under a disciplined approach focused on continuous improvement. It is a culture change. IT Mgmt IT management involved in a corporate quality management program should undertake the following four actions in an effort to rethink and assign their quality responsibilities: 1. Determine what new, changed, and continued quality responsibilities will be assigned to the IT group as a result of the corporate quality program. 2. Evaluate the capability of the IT group to deploy quality initiatives within and outside the group. Define the skills, commitment, and quality approaches currently available to line management. 3. Determine the value added by utilizing IT QA analysts to support corporate quality management initiatives. 4. Develop a plan to assimilate and leverage the current function into the quality support activity needed to support both the corporate quality management program and IT quality responsibilities. More clearly : Understand the concept of quality management, which includes understanding the degree to which the current and future needs of the customer (internal as well as external) are met Executive management's commitment to quality should be expressed in writing to all employees in the form of a quality policy. Adopt behaviors required to show commitment Accept the need to change to participative leadership Lead in the development of a quality management implementation plan Lead the formation of the implementation organization Lead the planning for process improvement teams Provide funds for training

 Provide time for training and meetings Identify quality standards and measures Publicize and reward results Monitor and measure progress Provide personnel and other resources QC To identify the most logical points in the process to add controls. To determine whether the product conforms to a standard or procedure i.e., compliance checks Create the Software V&V Plan Conduct Management Review of V&V Support Management and Technical Reviews Interface with Organizational and Supporting Processes Creation of V&V Report Software Change Control/Configuration Control (if CCB is a overseen by QC dept) Defect Management - Usage of checklist, standards for defect identification and removal. Defect measurement & deposit QA Set up Quality Improvement Team, Measurement team and awareness Team Crosby Help define and implement the scope, validity, use, and management of the data and information that underlie the corporations corporate quality management system Developing the companys base of data and information used for planning and day-to-day management. Evaluation of how quality and data and information reliability, timeliness, and access are assured. Developing the companys approach to selecting quality-related competitive

comparisons and world-class benchmarks to support quality planning, evaluation, and improvement. Determining how data and information are analyzed to support the companys overall quality objectives. Improve standards by involving employees Deming and TQM Institute modern aids to training, Institute training program to retrain and on statistical methods Defect Prevention 12. All processes and standards have been followed in the lifecycle of a particular project, yet the project is consistently behind schedule, is over budget and the customer is unhappy. State briefly what you think are reasons behind this and who's responsible. or You are the QA Manager. There are well-defined standards, process, procedures etc., in place. Your development team strictly followed and produced the product. But the customer is dissatisfied, as the product was delivered very late, (Schedule overrun) and over-budget. Also the customer was not happy with the functioning. What would you do now? Considering all these main considerations we cannot do much about the schedule overrun and the cost incurred through that. Therefore the only way to gain customer satisfaction back is to concentrate and solve the Customer dissatisfaction issue. In a situation like this the best way to go about this would to be 1. Get on your customers wavelength- By reacting positively to their concern, getting to the same wavelength and give undivided attention to the current issue 2. Get the facts-Ask questions, record conversations, Listen carefully, obtain feelings and concerns 3. Establish and initiate an action program Even if the requirements are not valid issues we still need to take consideration of the pressing issue and provide a solution for this.

4. Can negotiate a satisfactory resolution with the customer by suggesting a resolution and getting the agreement and implement the resolution with customer consent. 5. If required there could be sessions (JAD Sessions) where the customer and the development team could meet up and discuss any discrepancies. 6. Follow up with the customer to validate whether they are satisfied with the new solution being implemented Possible reasons could be:
y y y

Estimation of the efforts is not proper (Over Budget) Project Manager Project Plan is not properly developed -Project Manager Project Tracking is not proper - Project Manager is responsible for schedule slippage and Effort over run Change Control Process need to be looked into Configuration Controller Processes may need to be revisited and changed QA is responsible Look at standards for improvement Project Manager - Deming Lack of emphasis on measurement No Defect Prevention Project Manager Defect Elimination is not done properly Project Manager Failure to determine the cost associated with defects Project Manager Failure to initiate programs to Manage defects Project Manager Most economical means for identifying defects unknown Managements unwillingness to accept full responsibility for all defects Deming and Crosby principle Inability to follow V-Testing to capture defects earlier in the lifecycle

y y y y y y y y y y

13. Your operational dept encounters production defect at the rate of 3 defects per 1000 lines of code. During a vendor meet you come across another company XYZ that is of the same size of yours and in the same industry. This companys production defect is 2 defects per 1000 lines of code. Can you conclude that the XYZ operation dept is better that yours. Can you use this for benchmarking? Explain. OR

If two organisations with same standards, one having 10 defects per 1000 KLOC and the other one having 12 defects per 1000 KLOC can be compared? Yes or No? Explain. Here, a decision cant be taken on a pure objective basis as there are many other factors that need to be considered while comparing the two defect densities. 1. Firstly, it should be made sure that the two defect densities to be compared are normalized on common factors. 2. Usually defect density normalization with respect to function points are preferred over KLOC. For example, while considering language differences, the fact that Visual Basic doesn't readily lend itself to LOC counts makes Function Point sizing the more appropriate common base across all three projects. 3. In some cases, the modules in which few faults are discovered during testing may simply not have been tested properly. Those modules which reveal large numbers of faults during testing may genuinely be very well tested in the sense that all the faults really are 'tested out of them'. The key missing explanatory data in this case is, of course, testing effort. 4. Another hypothesis is the popular software engineering assumption that small modules are likely to be (proportionally) less failure prone. In other words small modules have a lower defect density. In fact, empirical studies summarised in [Hatton 1997] suggest the opposite effect: that large modules have a lower fault density than small ones. 5. It is recommended that more complete models that enable to augment the empirical observations with other explanatory factors, most notably, testing effort and operational usage. If you do not test or use a module you will not observe faults or failures associated with it for which operational usage has to be considered. 6. Some of other factors that need to be considered include y y y

Complexity of the project Language Process capability

y y y

History of defects Defect severity Common causes

14. Who is responsible for keeping track of changes in the software? Who has the authority to change? How do you ensure that change control is properly carried out? SCM Steps 1. Management of the SCM Process 2. Software Configuration Identification 3. Software Configuration Control 4. Software Configuration Status Accounting 5. Software Configuration Auditing 6. Software Release Management and Delivery Software Who is responsible?
y y

Configuration Controller is responsible for keeping track of changes. Changes to the code is normally controlled by the usage of configuration tools like Visual Source Safe, Ellips, Changeman Concurrent Versioning System (CVS)

Who authorizes changes?

y

If the change is major, it should be approved by Systems Planning steering committess/SCCB (Software Configuration Control Board). For a minor change, IT manager or Senior person in User department can approve it. However, all the changes should be in written format.

How to ensure Change Control

y

The nature of the proposed change should be explained in writing, and formally approved by a responsible individual as mentioned above.

Documenting the proposed change clears up any initial misunderstandings that may arise when only verbal requests are made. In addition, written proposals provide a history of changes in a particular system.
y y

Developers should make changes and not the operations Someone independent of the person who designed and made the change should be responsible for testing the final revised program. The results should be recorded on program change registers and sent to the IT manager for approval. Operations should accept only properly approved changes.

Finally, the documentation system should be updated with all change sheets or change registers and printouts. Perform Configuration Control Audit to ensure Change control. Usage of tool for change control for code and document

y y

15. If a defect occurs in the software product, whom do you held responsible for the defect & why?
y

Individual should not be held responsible for defects. Defect information should be used to improve the process. As imperfect or flawed processes cause most defects, processes may need to be altered to prevent defects.

The main intention of defect record should be for four major purposes:
o o o

To ensure the defect is corrected To report status of the application To gather statistics used to develop defect expectations in future applications To improve the software development process

o y

At a minimum, the tool selected should support the recording and communication of all significant information about a defect for better analysis. For example, a defect log could include:
o o o o

Defect ID number Descriptive defect name and type Source of defect - test case or other source that found the defect Method SDLC phase of creation

o o o o o

Phases SDLC phase of detection Component or program that had the defect Defect severity Defect priority Defect status (e.g. open, fixed, closed, user error, design, and so on) - more robust tools provide a status history for the defect Date and time tracking for either the most recent status change, or for each change in the status history Detailed description, including the steps necessary to reproduce the defect Screen prints, logs, etc. that will aid the developer in resolution process Stage of origination Persons assigned to research and correct the defect

o o y y y

Finally, Identify the categories of defects, origin of defects Use statistical processes to determine the root causes of the problem Close the gap by improving the process or updating the processes, standards, checklists etc if required.

16. Security and Privacy of customer information are very important for ecommerce projects. Quality principles expect that management policies are a pre-requisite for good work process. Draft a policy for e-commerce security and privacy. Or Write a Security and Privacy policy for e-securities projects for your organization. Securityrelates to the means (process and technology) by which an entity protects the privacy of any sort of data/information. Security measures keep information secured, and decrease the means of tampering, destruction, or inappropriate access. Privacyrefers to the individuals right to keep certain information private, unless that information will be used or disclosed with his or her permission. (more

like the rights of individuals or Consent/Authorization Issues/Procedures/Processes ) Security is more related to the availability of the information and policy for that should address the same with proper checks and balances taking care of that while privacy is some thing which ensures right information to the right person. SECURITY & PRIVACY POLICY
y

XYZ Company protocols adhere to the latest standards; your information is encrypted during your e-commerce sessions with XYZ Company. We do not store credit card or purchasing card information on our web server, and do require a re-entry of the credit card number for each purchase. This is an added level of security, and helpful in laboratories or purchasing departments with multiple users of a central computer.

Security audits are conducted by third parties in order to further ensure security.

XYZ Company Online Privacy Policy This Policy relates only to our online information collection and use practices. In short, we do the following:
y

We only collect personally identifiable information that you voluntarily and knowingly provide us. We use the information that you provide us only for the purpose(s) for which you specifically provided it or for specific additional purposes for which we receive your prior consent.

We do not share any information you provide us with anyone outside of XYZ Corporation, except for suppliers who assist us in maintaining and managing the activities on our site. These suppliers are legally obligated to maintain the confidentiality of any information we provide them, including your information.

We may use a technology called cookies to enhance your experience on our site. We employ appropriate security measures to protect the loss, misuse and alteration of any information you provide us. We provide you with choice and control over the collection and use of any personally identifiable information that you provide us on-line, and a means for updating, correcting or removing this information .

Cookies Like many companies, we use a technology called cookies to enhance your experience on our site. We use cookies to store visitors preferences, record session information, such as items that consumers add to their shopping cart, record past activity at a site in order to provide better service when visitors return to our site , customize Web page content based on visitors' browser type or other information that the visitor sends. The cookies XYZ Company uses do not contain any personally identifiable information and can not profile your system or collect information from your hard drive. You are not identified by name or e-mail address, just by a unique string of numbers that we assign the first time you come to our site. Security We employ appropriate security measures to protect the loss, misuse and alteration of the information under our control. For our e-commerce activities, we employ Secure Sockets Layer (SSL) software, which encrypts information you input, as an additional security measure. However, as no on-line data transmission can be guaranteed to be totally secure, we (like all web sites) cannot warrant or guarantee 100% security of any information you transmit to us at our web site. Links To Other Sites

XYZ Company does not guarantee the content of other sites for which we provide a link. 17. Is it possible to implement too much quality control in an Organisation? Yes or No? Explain. Implementation of too much Quality Control may have certain impediments to start with1. First of all, it has to be driven top down by the management 2. Staff may not like too many QC points 3. Staff may resist/oppose this as they may feel it will hinder the faster progress of work because of more check points It is possible to do it wherein QA processes are set properly, and if the cost, resources and time are not prohibitive, and if you get the involvement of the top management, implementing too much quality control becomes easier as Philip Crosby says, "Quality is Free". But, the term TOO MUCH here may depend upon many factors which may be prevailing in the organization. In cases where there are chaos all around, where there are too many complaints frequently from the customers, no. of QUALITY CONTROL points may be increased. But as the CBOK says, one of the quality management philosophy objectives is to continually improve process capability by reducing variation and rework. With this strategy quality is built into the products rather than tested at the end. As standards and Do procedures are perfected, the need for extensive quality control is reduced. Quality control procedures are considered appraisal costs. They add to the overall cost, increase the effort required, and increase the cycle time for building products and delivering services. Where standards and Do procedures are not perfected, quality control is necessary in a process to catch defects before they affect the outcome of downstream processes. Appraisal costs are part of the Cost of Quality, which is covered in Knowledge Domain 1. The challenge is to

install the appropriate amount and types of controls to minimize cost, effort, and cycle time; and to minimize the risk that defects will go undetected and "leak" into other processes. Quality must be built-in a product and not tested in. Too much Quality Control is not required if
y y y

Standards are developed properly Processes are well defined Quality controls are installed at the logical points in the process to minimize the defects. Logical points are determined based on the following
o o o o

Risk severity Cost, effort and cycle time impact Availability of appropriate resources/people Strength of control method (Automatic, Self-Checking, Peer review, Third Party audit, Supervisory) Impact on overall culture

18. List various Cost of QualityCategories (from Hagan 1986) COQ Categories I. Prevention Costs 1. Requirements
o o o o o

1. Marketing research for customer/user quality needs 2. Customer/user quality surveys 3. Product quality risk analysis 4. Prototyping for customer review 5. User requirements/specification reviews/inspections 1. Project quality planning 2. Project process validation

2. Project
o o

o o o o o o o o

3. Quality assessment of development platform and tools 4. Platform and tools development for quality 5. Developer quality training 6. Quality metrics data collection 7. Design for quality: software component reuse 8. Formal inspections / peer reviews 9. Project configuration management 10. Supplier capability assessment 1. Salaries 2. Expenses 3. Training 4. Platform and tools 1. Salaries 2. Expenses 3. Training 4. Platform and tools 1. SQA salaries 2. SQA expenses 3. Software process and standards definition and publication 4. Metrology: data maintenance, analysis, and reporting 5. SQA program planning 6. SQA performance reporting 7. SQA education/training 8. Process improvement 9. SQA process compliance audits

3. Reuse library
o o o o

4. Configuration management administration

o o o o

5. SQA administration
o o o o o o o o o

II. Appraisal Costs 1. Supplied product testing 2. Project appraisal costs

o

1. Verification and validation activities

2. Testing: planning, platforms, setup, test data generation, test execution and logging, reporting, test data evaluation 3. Product quality audits 1. Process maturity evaluation 2. Field performance trials 3. Special product evaluations

3. External appraisals
o o o

III. Internal failure costs 1. Product design defect costs

o o o o

1. Causal analysis and reporting 2. Design corrective action 3. Rework and retest due to design corrective action 4. Work products wasted due to design changes 1. Defect analysis cost 2. Cost of obtaining product fix 3. Cost of defect work-arounds 4. Rework

2. Purchased product defect cost

o o o o

3. Implementation defect costs

y y y y y y

1. Defect measurement and reporting 2. Defect fixing 3. Causal analysis and reporting 4. Project process corrective action 5. Fix inspection 6. Retest and integration

IV. External failure costs 1. Technical support for responding to defect complaints 2. Product returned due to defect 3. Maintenance and release due to defects 4. Defect notification costs

5. Upgrade due to defect 6. Service agreement claims (warranty expense reports) 7. Liability claims (insurance and legal reports) 8. Penalties (product contract reports) 9. Costs to maintain customer/user goodwill due to dissatisfaction (sales reports) 10. Lost sales due to quality problems (field salesperson reports) 19. How will you improve the performance of your subcontractors Move towards single supplier for any one item, on a long-term relationship of loyalty and trust. To be competitive it is very important to have lower costs. We have to minimize total cost; not only the price. Remember that defective units are cost; delay in delivery is cost, excessive inventory is cost, etc. To minimize total cost long-term relationship with suppliers is really important. If you as a customer help your supplier to develop, to improve the quality, you will receive better products so you will win and your supplier too. Deming favors the practice of working with a single supplier, where feasible, to reduce variability of incoming materials, and states that this practice should be built on a long-term relationship of trust and understanding between supplier and purchaser. In this way, suppliers can produce materials that do a better job of fulfilling the needs of the organization. To maintain long-term contracts, suppliers will be more likely to improve their own processes to provide better products or services. Effective Subcontract Management and Oversight is a team effort and is critical for ensuring and/or improving subcontractor performance. To improve Subcontractors' Performance
y y

Perform daily walkdown of subcontractor work activities Perform joint performance audits with Sub Contract Coordinator and subcontractor Ensures compliance with subcontract requirements

Foster implementation of benchmarked programs

(Benchmark Contractors' and Subcontractors' Performance By comparing current performance against other contractors and the rest of the industry in all relevant areas, we can determine areas where training is needed and continuously improve business processes. We can also benchmark our subcontractor's performance across different projects and against other subcontractors and use the findings to create an effective model for predicting and preventing claims.)
y y

Review subcontractor generated data Support Sub Contract Coordinator in conducting subcontractor investigations Provides lessons learned information to subcontractor Interfaces with all Operational Managers to support Project initiatives Coach subcontractor in developing and implementing corrective actions resulting from audits and self assessments Assure subcontractor submits benchmark Program results Identify and evaluate violations Prepare notices to subcontractor Sign / approve violation notices to subcontractors Transmit notices to subcontractors Approve subcontractor corrective actions and/or provide direction Monitor close-out of quality issues Chair progress review meetings Assess subcontractor performance (monthly subcontractor scorecard)

y y y

y y y y y y y y y

20. Do You think that KLOC is a right measure for the code which your MIS has developed for Inventrory system. Though LOC metric is easy to understand and widely used, there are certain intricacies involved which can mislead with wrong interpretations especially during the important calculations of defect density and Productivity. Now a days, Function Point metrics are getting more popular because of their normalized

calculations, though it is initially difficult to understand. Both the metrics are discussed in detail here: Lines Of Code (LOC) The LOC metric is anything but simple. The major problem comes from the ambiguity of the operational definition, the actual counting. In the early days of Assembler programming, in which one physical line was the same as one instruction, LOC definition was clear. With the availability of high level languages the one to one correspondence broke down. Differences between physical lines and instruction statements (or logical lines of code) and differences among languages contribute to the huge variations in counting LOCs. Even within the same language, the methods and algorithms used by different counting tools can cause significant differences in the final counts. Several variations that are significant are Count only executable lines Count executable lines + data defns Count executable lines + data defns + comments Count executable lines + data defns + comments + job control language Count lines as physical lines on an input screen Count lines as terminated by logical delimiters When straight LOC count data is used without normalizing, size & defect rate comparisons across languages are often invalid. For productivity, the problems with LOC are more severe. A Basic problem is that the amt of LOC in a program is negatively correlated with design efficiency. Efficient design provides the functionality with lower implementation effort and fewer LOCs. In addition to the level of languages issue, LOC data do not reflect non-coding work such as the creation of requirements, specifications & user manuals. Therefore, LOC do not reflect the true productivity in this case. Function Points A Function can be defined as a collection of executable statements that perform

a certain task, together with declarations of the formal parameters and local variables manipulated by those statements. Here, if defects per unit of functions is low, then the software should have better quality even though the defects per KLOC value could be higher when the functions were implemented by fewer lines of code. However, measuring functions is theoretically promising but realistically very difficult. Here, first the Function Count (FC) has to be made using the following five components with their respective weighting factors which in turn are decided by certain guidelines and standards. The five components and their usual weighting factors according to their complexities are given below (For e.g. for the External O/P Component, if the number of data element types is 20 or more and the no. of files types referened is 2 or more -> then complexity is HIGH. iIf the number of data element types is 5 or fewer and the no. of files types referened is 2 or 3 -> then complexity is LOW): 1. External I/P: Low complexity:3, Medium cmplxity:4, High cmplxity:6, 2. External O/P: Low complexity:4, Medium cmplxity:5, High cmplxity:7, 3. Logical I/P: Low complexity:7, Medium cmplxity:10, High cmplxity:15, 4. Logical O/P: Low complexity:5, Medium cmplxity:7, High cmplxity:10, 5. External Inquiry: Low complexity:3, Medium cmplxity:4, High cmplxity:6, Then -> FC= {i=1to5[j=1to3(Wij*Xij)]} Where Wij is the weighting factors of the five components by complexity level (low, med, high) Xij are the numbers of each component in the application. The second step involves a scale from 0 to 5 to assess the impact of 14 general system characteristics in terms of their likely effect on the application. The 14 characteristics are: 1. Data communications 2. Distributed functions

3. Performance 4. Heavily used configuration 5. Transaction rate 6. Online data entry 7. Enduser efficiency 8. Online update 9. Cmplx processing 10. Resuability 11. Installation use 12. Operational use 13. Multiple sites 14. Facilitation of change The scores (ranging from 0 to 5) for these chrcs are then summed, based on the following formula, to arrive at the Value Adjustment Factor (VAF) Value Adjustment Factor (VAF) = {0.65+0.01*[i=1to14(Ci)]} Where Ci is the score for general system characteristic i. Finally, the no. of FPs are calculated by: FP = FC*VAF ----------------------------

2. As Requirement analysis plays a major role in the s/w development life cycle, list out the four key attributes of requirements & explain. Give two quality checklists for each of the attributes. Complete. The requirements document includes all of the necessary requirements information. For example, whether or not SRS includes (Checklist): 1. 2. 3. 4. all the functions and nonfunctional requirements, constraints, external interface requirements, and data requirements that must be satisfied.

Consistent. 1. Internal conflicts do not exist between requirements in the document that result in the requirements contradicting each other. 2. The requirements also do not conflict with higher-level requirements including business, user, or system-level requirements. 3. Terminology should also be used consistently within the document: y A word has the same meaning every time it is used. y Two different words are not used to mean the same thing. Modifiable. The requirements document is organized and written in a manner that will facilitate making future change: 1. Nonredundant: Each requirement is stated in only one place. 2. Changeable: Each requirement can be changed without excessive impact on other requirements. Unambiguous. 1. Each requirement statement should have only one interpretation, and each requirement should be specified in a coherent, easy-to-understand manner. For example, the author searches for words that end in ly (for example, quickly, user-friendly, automatically) because adverbs by nature are almost always ambiguous. Concise. 1. Each requirement should be stated in short, specific, action-oriented

language. Finite. 1. The requirement should not be stated in an open-ended manner. For example, words like all, every, and throughout should be avoided in requirements statements. Measurable. 1. Specific, measurable limits or values should be stated for each requirement as appropriate. Feasible. 1. The requirement can be implemented using available technologies, techniques, tools, resources, and personnel within the specified cost and schedule constraints. Testable. There exists a reasonably cost-effective way to determine that the software satisfies the requirement. Traceable. <!--[if !supportLists]-->1. <!--[endif]-->Each requirement should be traceable back to its source (for example, user-level requirements, system-level requirements, standard, and enhancement request). <!--[if !supportLists]-->2. <!--[endif]-->It should also be specified in a manner that allows traceability forward into the design, implementation, and tests.

-------------------------------------1. Give three examples from IT organization where Pareto analysis of 80:20
holds good.

<!--[if !supportLists]-->1. Defect Analysis<!--[endif]--> <!--[if !supportLists]-->2. Failures found in production<!--[endif]--> <!--[if !supportLists]-->3. Cycle/Delivery Time reduction<!--[endif]--> <!--[if !supportLists]-->4. [endif]--> Employee Satisfaction/Dissatisfaction<!--

<!--[if !supportLists]-->5. [endif]-->

Customer

Satisfaction/Dissatisfaction<!--

<!--[if !supportLists]-->6. Help Desk problems<!--[endif]--> The process for using Pareto charts is described in the following steps: <!--[if !supportLists]-->1. Define the problem clearly using any of the tools from Quality
Toolbox (e.g., Use brainstorming, affinity diagrams, or cause-and-effect diagrams)<!--[endif]--

> <!--[if !supportLists]-->1. Collect a sufficient sample size of data over the specified time, or
use historical data, if available<!--[endif]-->

<!--[if !supportLists]-->2. Sort the data in descending order by occurrence or frequency of

causes characteristics<!--[endif]-->

<!--[if !supportLists]-->3. Construct the Pareto Chart and draw bars to correspond to the
sorted data in descending order, where the x axis is the problem category and the y axis is frequency<!--[endif]-->

<!--[if !supportLists]-->4. Determine the vital few causes on which to focus improvement
efforts<!--[endif]-->

<!--[if !supportLists]-->5. Compare and select major causes, repeating the process until the
problems root causes are reached sufficiently to resolve the problem

<!--[endif]--> 2. State some differences between SEI CMM and ISO 9000 ISO 9000:2000 ISO 9001:2000 ISO 9004:2000 ISO 9000-3:2000 ISO 9001:2000 Terminology translation Top Mgt Higher leve/Sr mgt Fundas n Vocabulary Requirements Gdliens for pefformance improvements Gdliens for the application for ISO 9000:2000 to Computer SW CMMI

QMS; Qlty Manual Qlty Plan Customer; interested party Documented procedure Record Qlty mgt (very broad sense) Similarities ISO 8 Principles:-

OSSP Prj Plan; SW Development Plan; Sys Engg Plan; Data Mgt Plan Customer; Stakeholder Plan for performing the process; procedure work product; record;evidence of implementation Qlty Mgt (& Qntive mgt)

Customer focus

-GP2.7, Identify & involve Relavant stakeholder -PP SP 2.6, Plan Stakeholder involvement -RD,TS -CMMI is not as strong as ISO -GP2.1, Establish an Organizational Policy -GP2.4, Assign Responsibility -GP2.10,Review Status with Higher Mgt -OPF -GP2.3, Provide Resources -GP2.5,Train Ppl -GP2.7,Identify n involve Relavant Stakeholder -GP2.2, Plan the Process -GP3.1, Establish a efined Process -OPD,IPM -GP3.1,Establish a defined Process -Focus of entire CMMI through cap n maturity levels -GP2.8, M&C the process -PMC,MA,IPM,DAR -SAM -CMMI is less specific abt "collaboration" -CMMI is more concerned with "control"

Leadership

Invovlement of People

Process Approach System Approach Continual Improvement Factual Approach to Decision Making

Mutually Beneficial Supplier Relationships

Differences Language ISO uses 'SHALL' statements (prescriptive) CMMI doesnt More elaborated (e.g., "determine and provide resources" is implemented in CMMI with GP2.2 & GP2.3 in all Pas)

Compactness of stts in ISO e.g., Details ISO is very sparse Guidance ISO hasn't provided detailed imppln guidance Process Improvement ISO 9004:2000 provides very igh level guidance for prc improvement Institutionalization ISO requires orgns to estblish QMS but doesn't explicitly required instituionalization -bldg strong prc infrastructure is left to the Orgn. Standard Broad direction One set of requirements to be satisfied No guidelines ofr implementation Requires interpretation for organizations with many programs Applicable for all kinds of organizations ISO 9000-3 gives the Gdliens for the application for ISO 9000:2000 to Computer SW Static in nature

CMMI provides practices,subpractices,typical work products & amplifications

CMMI has Capability levels n maturity levels

CMMI is devoted to prc improvement -Distinguished Org. n Prj level prc improvement activiteis

CMMI very strongly emphasizes institutionalization through GGs n GPs. This is a major strength of the CMMI and is critical to oveall prc imprvovment success Model Detailed Progressive steps (levels) Institutionalization & implementation guidance Accomodates organizations with many programs

Applicable only to software development organizations Evaluationary in nature and espouses continuous improvement of the software

development processes Contains 8 clauses Certification Audit is like an exam Contains 18 KPAs Final assessment is collaborative Result of assessment is a quantitative score of the maturity of the software development process Staged

Result of certification is pass fail criteria Continuous 1.

Your organization is in testing a new version of sw. A large number of defects have been unearthed in testing which may result in a delayed release. The mgt wants you to present the measures you have taken as QA mgr in the development of the software towards a quality product. You have to present to the mgt on the initiatives of your team in building quality into the sw How would you justify ur actions to the mgt.

ANS: Give them a detailed outline of the plan regarding the following questions Make a list of defects in the software unearthed during the testing Conducting a brainstorming session to find out the root causes for the defects Constructing a control chart to find solutions to the problems Make a plan of the steps involved in solving the problems as to who is responsible for what Keep them posted on the improvements made in the products Give them the test reports. Test reports include the number of defects that still exist. Prepare a detailed chart on the level of improvements made. 2. A potential customer of your organization requires a sw that can be provided only with new tools and technology and currently available in ur orgn. Your mgt has decided to accept the contact. How should the project be planned for successful completion? ANS: Reallocate the resource for the project Get a detailed requirement from the customer so that they could be measured and tested to see if the objectives are met or not. Design the product with the help of all the developers, code, test and implement in the production environment and monitor their progress to see if they are met. 3. Your orgn requires a metrics program to be implemented However the mgt focus is only one net profit. How would you impress on the need to measure cost overruns and schedule overruns? ANS: Without measures business cannot be conducted for a long time If there are no measures for cost/schedule overrun we would not be able to take appropriate measures before and hence the customer may be dissatisfied. As a consultant to an organization involved in handling large S/w projects how would you impress on the mgt on the need for structured testing? ANS: Structured testing advantages are It tests the logic of the software. Hence hidden defects could be found at earlier stages Parts of the software may be tested 4.

5. Suggest measures of effectiveness in the Checkpoint reviews in Requirement, External design, Internal Design and Program Specs phases. ANS: Requirements Check for completeness External Design Supports the requirements 6. Develop Standards on Meetings ANS: Everyone in the meeting should be given equal rights in participating in the meeting. They should be willing to share their ideas Only one can speak at a time Decisions will be arrived at a consensus in a meeting 7. Your company has quite a number of tools procured from vendors. But their implementation is poor among business users. How will you ensure that the tools procured are used as well? ANS: Training, vendors support, support activites in case of problems, after implementation monitor them 8. Your operational dept encounters production defect at the rate of 3 defects per 1000 lines of code. During a vendor meet you come across another company XYZ that is of the same size of yours and in the same industry. This companys production defect is 2 defects per 1000 lines of code. Can you conclude that the XYZ operation dept is better that yours. Can you use this for benchmarking. Explain. (7 marks) ANS: Yes it could be used for benchmarking as it is of the same size and the same industry as yours. Benchmark with them. Find out what process they use for coding. Follow the same techniques as them and try and reduce your defects. Make company visits. 9. Name three attributes of a product that you would ask the customer during a survey. For each of the attribute ask a relevant question that you would ask the customer and suggest a metric to evaluate the goal that has been set. ANS: Reliability of the product, Integrity of the product, Usability of the product 10. You as a QC person, what type of test end report will you prepare for the PL of the concerned project? What will you report and why? ANS: What are the issues that are still open A summary of the defects that were uncovered during testing (number of critical errors, minor, major) Screen shots of the defects if any available Who detected the error Who corrected the error Number of days involved in detecting the error 11. A payroll system has been developed and is to be rolled out to production. What steps will you take to ensure that defects are caught as early as possible.

ANS: Monitor the progress using logs, cpu time, memory usage during peak hours, ask the customer if this is the quality he expected 12. your manager wants to go for mbnqa. He is aware of the categories. As an IT head he wants you to determine the categories that can be calculated by you to determine whether the company can get the award. (for which categories you can calculate the points as an IT head.) ANS: 1) Get the latest criteria for qualifying for the mbnqa award 2) Compare the criteria with your organization. 3) Inform the management about the whether they qualify or not 4) If they qualify then with the managements approval apply for the award 13. You have 4 defects per FP now. You want to reduce it to 2 defects per FP. What will you do? ANS: 1)Benchmark with other organizations to see what are the best practices followed 2)Brainstorm with the team to find out the reasons for defects 3)Implement the practice and measure the progress 4) By going around the PDCA cycle and continuously improving the process you can improve Plan security or risk environment in your organizati 14. The vendor payment has not been managed properly. Due to this when the payment is postponed for a vendor it is written both in vendor to be paid and check book details. Errors due to this are 1000 per year and this resresents 1 % each wrong payment results in a loss of $1000 loss. What is the loss. SHow ur working ANS: 1000 * 1000 15. You have to make a presentation on the features of an ISO and TQM to program to your mgt What would be part of your presentation ANS: Define what ISO What are the objectives of ISO What are the different types of models available in ISO Which model is best suited for the organization Define TQM and objectives How do they benefit the organization What are the steps that need to taken to implement them 16. As Manager Q of an ISO 9001 company you have planned for a global quality award as the next milestone. How would you impress on ur mgt the plans and gain approval of your plan ANS: Find opportunities to reward the people as and when possible. Ask them what reward means to them as reward is perceived differently by different people. People dont work for money. So convince the management by Quoting some of the Quality Gurus sayings like Joseph Juran Give them proven success/ positive outcomes of rewarding people by other organization

17. Mr. Laloo P. Yadav is the new IS Manager of an investment company. His team needs to develop an online trading system within 2 months with no increase in team size. An online (buy/sell) transaction has to be completed within 2 seconds and the online search should not take more than 5 seconds. How should Mr. Yadav approach this to get the software developed with the best quality and within schedule? ANS: First form a team of subject matter experts and developers to conduct a checkpoint reviews Brainstorm with them as to phases in which checkpoint reviews needed to be conducted (Requirements phase, Design phase, Coding phase). Prepare a plan as to who will be responsible for conducting the reviews, on what date they will be conducted, what are the criterias to be met (eg An online (buy/sell) transaction has to be completed within 2 seconds and the online search should not take more than 5 seconds) before proceeding to the next phase so that defects could be found at the earliest possible and hence reduces the cost and time of reworking at the end of the project, what are the statistical tools that would be used to measure the processing performance. There should be a consensus on the decisions made in the above mentioned points for delivering a quality software on the customer specified date. Plan should be documented sent to the all the concerned people(IT manager, developer, reviewers) so that they are aware of their roles and responsibilities to produce the software on time. Ensure everyone complies with the plan. Adequate training should be given to the person who is conducting the review regarding the intents of the review. Conduct the checkpoint reviews Compare the actual result with the expected result with the help of the statistical tools that were mentioned in the plan. If the actual result does not meet the criteria mentioned in the plan brainstorm the root causes for the problems. Make appropriate changes and retest the software. 18. Differentiate between Product Quality and Process Quality and the role of Quality analyst in each of them. ANS: Process Quality helps in achieving the product quality Process Quality are Internal Quality focus(operation). Product quality focuses on external Quality(market) Process Quality focus on process. Product quality are concerned with results Process Quality people are cost. Product quality people are investment 19. An organization has implemented standards. However the implementation is weak. So you have been called to have a re-look at the standards. What would be role of different actors involved (e.g. QA, QC, Standardization Group etc..) ANS: Role of QA Form standards by benchmarking with other industries Review the implementation of the standards. Get feedback from the QC Make appropriate changes to the standards

Role Of QC Implement the standards Standardization Group 20. State how would you focus the attention of your management on the defects identified by the QC group, but not rectified by the dEv. Team. ANS: If the defects are not rectified by the development team then inform the management telling them the consequences(like product may not be delivered on time or defective product will be delivered to the customer which spoils the credibility of the organization, losses incurred by the organization) 21. The procedure of tool selection was given (define needs, train the user, get feedback etc). The tools in your organization were selected using that procedure but still the tools were ending up as shelfware, as in, the people are not using the tools after deployment. How will you, as a QA manager, select tools which become popular in the org. ANS: 1) Brainstorm with the employees as to what are tools that they require to do their job effectively. You can even visit other organizations to see what tools they use and how effective it is and make a recommendation. Employees consent should be got before using the tool 2) Get managements approval 3) Train the users with those tool. Have a dedicated and skilled person for training and solving problems related to the tool 4) Deploy those tools 5) Measure the effectiveness of the tools to see if they have added any value to the work products or process. 22. You are Software test Manager. Your testers ask you what attributes of a defect they need to note down as they are doing the testing. Suggest three attributes of a defect that are important. ANS: Type, Severity, Effort required to detect and correct the error 23. Roles and responsibilities during a software inspection ANS: Expanded QA Role Prepares inspection checklists, schedules meetings Moderates inspection meetings Logs and tracks action items to resolution Writes test plans, procedures, scenarios Conducts, participates in functional/regression testing Conducts system validation, user acceptance testing 24. Long time back 10 years before IT department wrote few standards. Users did not follow them. You are now QA manager of the organization. You have been asked to solve this problem by forming a standard committee. Write the members of Standards Committee. And Write the responsibility of each Standard

Committee (Who are the members , Responsibilities) QA Group (Responsibilities) Users (Responsibilities) IT Organization (Responsibilities) ANS: QA Group develops an annotated bibliography on software standards and standards-related topics, especially those related to the Body of Knowledge; QA groups authors/reviews articles on software standards topics and disseminating these through the newsletter and via the web; Providing opportunities for tutorials and training the users about standards and t their development; QA groups participating on the US TAG (Tech'l Advisory Group) for ISO/IEC JTC1/SC7 which is concerned with developing/reviewing international standards on software engineering, lifecycle, process, and quality topics; QA groups works cooperatively with the IEEE Software Engineering Standards Committee on software quality-related standards; QA groups Respond to questions from the users on software standards. The IT organization supports the standards committee by providing adequate resources and funding They provide commitment to follow the standards and communicate to the all levels of the organization their roles and responsibilities in adhering to the standards 25. Brainstorm with the team as why the project went beyond schedule. Find out the causes for delay. Discuss the alternatives that could be taken to solve the problems. ANS: Apologize to the customer for the delayed delivery and the project going over the budget. Suggest the customer the actions that are going to be taken. Get his approval. Give him the details as to who will resolve the problem and when would it be resolved Implement the action that was agreed upon. 26. Design a mentoring program to transfer knowledge from seniors to juniors. ANS: Train them by explaining to them the concepts (eg standards) Give them a project/ assignments as a part of the training Meet with the team every once in 3-4 weeks. Review their assignments and provide feedback in 1. Program Design and Planning. 2. Program Management. 3. Program Operations. 4. Program Evaluation. 27. What should be done before benchmarking? ANS: Before Benchmarking you need to prepare what are the objectives of your visit, which are the organization you want to benchmark against, what are the actions that will be taken on completion of the benchmark, how will it benefit the customers, managements approval. 28. Do You think that KLOC is a right measure for the code which your MIS has developed for Inventrory system.

ANS: studies conducted in mis (management information systems) environments show that, for both development and maintenance, function points based measures satisfy the criterion. Excellent means of quantifying software product quality as well as to assess the effectiveness of the testing process. Many industry averages exist, most of which are in the area of 10-20 defects per one thousand lines of code (KLOC) during system testing, while prior to and including system testing values are up to 200 defects per KLOC [Humphrey 1996]. Rubin reports defect rates from a world-wide survey per industry sector with Aerospace at 4.6 defects / KLOC, Financial at 3.1 defects / KLOC and System Software 2.0 / KLOC [Rubin 1995]. Rubin also reports 0.9 defects per function point as a world-wide industry average, while Capers Jones reports 1.75 coding defects per function point [Capers 1995] [Rubin 1995]. Defect densities should drop ten-fold between testing and maintenance phases [Grady 1992]. If such trends are not realized between prerelease and postrelease of software, then this is an indication that the testing process is not effective. This metric should also be used in parallel with the percentage of effort spent on testing. Limited testing time allocated will result in few defects detected prerelease and many detected postrelease. 29. Your Organization recently implemented a total quality management program. This has caused you to change your role from a quality assurance manager to a quality leader. Your responsibility as a leader is to get line management to do many of the tasks that you previously did as a quality assurance manager. What strategy will you use to get buy in from first-line supervisors to incorporate quality leadership as part of their day-to-day job function? ANS: Tell them that you would be able to do both the jobs. Benefits that you would offer to the company by doing both the jobs 30. The Malcom Baldrige NQA defines one of the roles of a leader as establishing a vision. You know that a vision must be expressed in terms external to the organization, and define the organization ideally would like to accomplish. For example, one of Ford's visions was to have customers that brag about their products. You have asked your IT director to develop a vision for the function. He tell you that the IT function already has a mission, and his vision is to accomplish that mission. How do you explain to your IT director the difference between a vision and a mission? ANS: Tell the manager what is vision and what is mission. Mission tells you the purpose of the organization. Vision is a term that tells what the organization wants to achieve. Tell him the purpose of redefining the vision and mission 31. Your IT function had a QA started in 1987 which was terminated in a cost cutback in 1989. At that time, the employees of the quality assurance function personally performed most of the quality efforts, such as conduction reviews and writing standards. You were recently appointed quality assurance manager. You know that the tasks previously performed by the quality assurance group should, in fact, be incorporated into the day-to-day work programs of the IT function.

What approach would you like to incorporate quality practices into the software development processes? ANS: Create an inventory of the quality practices that have been created with their title, status Store them in a library that is accessible by all the employees of the organization Assess the process. Before developing a quality practice check the inventory of the process that is already existing to suit the process. A process map could be created for this purpose 32. A product that your organization is about to produce is already available in the market. You are asked to come up with a process to evaluate the design of this product. ANS: Form a team to collect information how the customers perceive the quality of the product in the market (customer survey), doing a interview with the company employees about the product functionalities through benchmarking Assess if the product if produced by the company will be welcomed by the market or not 33. The QA department publishes a status on error reporting, fixed in the 30 days time. You however feel this has a negative impact on the QA department. Show 2 techniques you would use to reduce the negative impact. ANS: Techniques Why you selected it? a ) Brainstrom and use cause and effect diagram to find the root cause of the problem_________________ __________________________________________ _________________ _________________________________________ b) Use of statistical tools like control charts to reduce the variation in the process _________________ __________________________________________ _________________ __________________________________________ 34. Mr. Masor is an IT director, He is a quality conscious person , understands Customer satisfaction is the goal etc. So decides to set up the Department to test software and a librarian for documentation in the project etc. * Rate Mr. Masor as leader on a scale of 1 to 5 * Rate his approach on the Quality principles * Explain why? ANS: Rating level - 3 He has decided to document the processes. Estimation for the current projects will be based on the success of previous projects. Projects could be easily planned and tracked which results in stability A separate department has been set up to test the software the developers could spend more time on development. 35. In order to bring about improvement in the testing process and help your team members come up with guidelines on ( 2 steps each) a) How to stop testing?

b) How to test with constraint on resources Test with valid data, the most important functionality 36. A Helpdesk has been instituted to collect the problems from the customer. How will IT department solve the problems to keep the customers? ANS: Find out the frequently occurring problems. Brainstorm with the development team as to what could be the root causes for the problems Implement the solutions along with logs so that the problems could be tracked easily Do an adequate in house testing, users may also be asked to test the product When the QC team faces time constraints ask them to assign priority to the test that are important to be performed and only those test cases will be performed. Usually these test cases will be testing important functionality of the product or the high risk requirements with valid data. 37. Your organization has planned to purchase a third party tool for timesheet entry. But there is opposition from the project leaders that there are people with skills to develop the product in-house. Your boss asked for your advice. As Quality analyst how will you decide on whether to purchase or develop in-house ANS: Find out why the organization has chosen to outsource the development. Generally products are outsourced for the reason of problems in the organization is not adequately addressed. If the problems could be overcome easily then advice the management to develop the product in house. Tell him that outsourced products will not be supported by the organization and hence make its implementation difficult. If the problems cannot be solved and there is a time constraint on the product to be developed then advice the developers about the problems that are existing and get their consent before outsourcing the product 38. Zero defects- do you agree. Substantiate with reasons? Ans- Explain Philip Crossby 10-14 principles. Step 1: Management Commitment Action. Discuss the need for quality improvement with management, emphasisizing the need for defect prevention. Do not confuse communication with motivation. The results of communication are real and long-lasting; the results of motivation are shallow and short-lived. Prepare a quality policy that states each individual is expected to perform exactly like the requirement or cause the requirement to be officially changed to what we and the customer really need. Agree that quality improvement is a practical way to profit improvement. Accomplishment. Helping management recognize it must be personally committed to participating in the program raises the level of visibility for quality and ensures everyones cooperation so long asthere is progress. Step 2: Quality Improvement Team Action. Bring together representatives of each department to form the quality improvement

team. These should be people who can speak for their departments to commit operations to actions. Preferably, the department heads should participate at least on the first go around. Orient the team members as to the content and purpose of the program. Explain their roleswhich are to cause the necessary actions to take place in their departments and the company. Accomplishment. All the tools necessary to do the job are now together in one team. It works well to appoint one of the members as the chair of the team for this phase Step 3: Quality Measurement Action. It is necessary to determine the status of quality throughout the company. Quality measurements for each area of activity must be established where they dont exist and reviewed where they do. Record quality status to show where improvement is possible and where corrective action is necessary and to document actual improvement later. Nonmanufacturing measurements, which are sometimes difficult to establish

Step 4: Cost of Quality Evaluation Action. Initial estimates are likely to be shaky (although low), and so it is necessary at this point to get more accurate figures. The comptrollers office must do this. They should be provided with detailed information on what constitutes COQ. COQ is not an absolute performance measurement; it is an indication of where corrective action will be profitable for a company. The higher the cost, the more corrective action that needs to be taken. Accomplishment. Having the comptroller establish COQ removes any suspected bias from the calculation. More important, a measurement of quality management performance has been established in the companys system.

Step 5: Quality Awareness Action. It is time now to share with employees the measurements of what nonquality is costing. This is done by training supervisors to orient employees and by providing visible evidence of the concern for quality improvement through communication material such as booklets, films and posters. Dont confuse this with some getmotivated- quick scheme. It is a sharing process and does not involve manipulating people. This is an important step. It may be the most important step of all. Service and administrative people should be included just like everybody else. Accomplishment. The real benefit of communication is that it gets supervisors and employees in the habit of talking positively about quality. It aids the process of changing, or perhaps clarifying, existing attitudes toward quality. And it sets the basis for the corrective action and error cause removal steps.

Step 6: Corrective Action Action. As people are encouraged to talk about their problems, opportunities for correction come to light, involving not just the defects found by inspection, audit or selfevaluation, but also less obvious problemsas seen by the working people themselves

that require attention. These problems must be brought to the supervision meetings at each level. Those that cannot be resolved are formally passed up to the next level of supervision for review at their regular meeting. If a specific functional area does not hold such meetings, the team should take action to establish them in that department. Accomplishment. Individuals soon see the problems brought to light are being faced and resolved on a regular basis. The habit of identifying problems and correcting them is the beginning.

Step 7: Establish an Ad Hoc Committee for the Zero Defects Program Action. Select three or four members of the team to investigate the zero defects concept and ways to implement the program. The quality manager must be clear, right from the start, that zero defects is not a motivation program. Its purpose is to communicate to all employees the literal meaning of the words zero defects and the thought that everyone should do things right the first time. This must be transmitted to every member of the team. In particular, the ad hoc group should seek ways to match the program to the companys personality. Accomplishment. Improvement comes with each step of the overall program. By the time zero defects day is reached, as much as a year may have gone by and the initial improvement will be flattening out. At that point, the new commitment to a specific goal takes over, and the improvement begins. Setting up the ad hoc committee to study and prepare the implementation ensures the goals of the program will be firmly supported by the companys thought leaders.

Step 8: Supervisor Training Action. Conduct a formal orientation with all levelsof management prior to implementation of all the steps. All managers must understand each step well enough to explain it to their people. The proof of understanding is the ability to explain it. Accomplishment. Eventually all supervisors will be tuned into the program and realize its value for themselves. Then they will concentrate their actions on the program. Step 9: Zero Defects Day Action. Establishment of zero defects as the performance standard of the company should be done in one day. That way, everyone understands it the same way. Supervisors should explain the program to their people and do something different in the facility so everyone will recognize it is a new attitude day. Accomplishment. Making a day of the zero defects commitment provides an emphasis and a memory that will be long lasting. Step 10: Goal Setting Action. During meetings with employees, each supervisor requests they establish the goals they would like to strive for. Usually, there should be 30-, 60- and 90-day goals. All should be specific and measurable. Accomplishment. This phase helps people learn to think in terms of meeting goals and accomplishing specific tasks as a team. Step 11: Error Cause Removal Action. Ask individuals to describe any problem that keeps them from performing error free work on a simple, one-page form. This is not a suggestion system. All they have to

list is the problem; the appropriate functional group (for example, industrial engineering) will develop the answer. It is important that any problems listed be acknowledged within 24 hours. Typical inputs might be: This tool is not long enough to work right with all the parts. The sales department makes too many errors on their order entry forms. We make a lot of changes in response to telephone calls, and many of them end up having to be done all over again. I dont have any place to put my pocketbook. Accomplishment. People now know their problems can be heard and answered. Once employees learn to trust this communication, the program can go on forever. Step 12: Recognition Action. Establish award programs to recognize those who meet their goals or perform outstanding acts. It is wise not to attach relative values to the identification of problems. Problems identified during the error cause removal stage should all betreated the same way because they are not suggestions. The prizes or awards should not be financial. Recognition is what is important. Accomplishment. Genuine recognition of performance is something people really appreciate. They will continue to support the program whether or not they, as individuals, participate in the awards. Step 13: Quality Councils Action. Bring the quality professionals and team chairpersons together regularly to communicate with each other and determine actions necessary to upgrade and improve the solid quality program being installed. Accomplishment. These councils are the best source of information on the status of programs and ideas for action. They also bring the professionals together on a regular basis. Step 14: Do It Over Again Action. The typical program takes a year to 18 months. By that time, turnover and changing situations will have wiped out most of the education effort. Therefore, it is necessary to set up a new team of representatives and begin again. For instance, mark zero defects day as an anniversary. Or give a special lunch for all employees. The point is that the program is never over. Accomplishment. Repetition makes the program perpetual and, thus, part of the woodwork. If quality isnt ingrained in the organization, it will never happen. Subjective Questions-Quality principles 1.Is it possible to implement too much quality control in an organization? Yes / No? Explain. Ans: It is possible to implement too much quality control Wherein QA processes are set properly If the cost, resources and time are not prohibitive If u get the involvement of top management, implementing too much Quality control becomes easier as Philp Crossby says Quality is free. Quality must be built-in a product not tested in. Or

Too much QA is not required if Standards are developed properly Processes are well defined Quality controls are installed at logical points in the process to minimize the defects based on following: o Risk severity o Cost, effort and cycle time impact o Availability of appropriate resources/ people 2. Customer says, the programme developed is not good. But developer says, the program is good and the requirements given by the customer was not good. How will you tackle this situation as a QA Manager? As a QA manager , JAD (joint Application Development ) sessions will have to be arranged with which the customer can be involved from the beginning. Every phase will be done with the acceptance of both the parties This is done with frequent meetings , freezing of requirements , reviews and testing in the appropriate phases, signing-off at each stage. Points: Conduct JAD sessions Requirement Specification Sign off Change control procedure Service level agreement to be set up Customer to be involved in all phases V testing concept 3.If two organizations with same standards, one having 10 defects per 1000 KLOC and other one having 12 defects per 1000 KLOC can be compared? Yes / No? Explain. Ans 3- No. two organizations can be compared. Every organization has its own process and standards. Two organizations can be compared on the basis of b. Complexity of the project c. Language d. Process capability e. History of defects f. Common causes 4. a. Explain Drive out fear. Ans- 4a. Drive out Fear- One related aspect of fear is the inability to serve the best interest of the company through necessity to satisfy specified rules, or to satisfy a production quota, or to cut costs by some specified amount. Example: During Inspection, An inspector incorrectly records the results of an inspection for fear of exceeding the quota of allowable defects. b. Eliminate numerical goals. Ans- 4b. Eliminate Numerical Goals- Numerical goals often have a negative effect through frustration. These devices are management's lazy way out. They indicate

desperation and incompetence of management. It never helped anyone do a better job. There is a better way. 4. How Deming has elaborated the principle on that basis. Explain in brief? Ans. Explain Deming principles. Deming has suggested 14 principles that can better overcome this By: 1. Create Consistency of Purpose in the Company 2. Learn the New Philosophy 3. Require Statistical Evidence of Information Technology Quality 4. Reduce the Number of Vendors 5. Use Statistical Methods to Find Sources of Trouble 6. Institute Modern Aids to Training on the Job 7. Improve Supervision 8. Drive Out Fear 9. Break Down Barriers Between Departments 10. Eliminate Numerical Goals, Slogans, Pictures, Posters Urging People to Increase Productivity, Sign Their Work as an Autograph, etc. 11. Look Carefully at Work Standards 12. Institute a Massive Training Program for Employees in Simple but Powerful Statistical Methods 13. Institute a Vigorous Program for Retraining People in New Skills 14. Create a Structure in Top Management that Will Push Every Day on the Above 13 Points 5. Zero defects- do you agree. Substantiate with reasons? Ans- Explain Philip Crossby 10-14 principles. Ans 5a. Acc to Philip Crossby, Zero Defects is a revelation to all involved that they are embarking on a new way of corporate life. Working under this discipline requires personal commitments and understanding. Therefore, it is necessary that all members of the company participate in an experience that will make them aware of this change. He proposed 14 principles to achieve defect free and quality product by: 1. Management Commitment 2. The Quality Improvement Team 3. Quality Measurement 4. The Cost of Quality 5. Quality Awareness 6. Corrective Action 7. Zero Defects Planning 8. Supervisor Training 9. ZD Day 10. Goal Setting 11. Error-Cause Removal 12. Recognition 13. Quality Councils 14. Do it Over Again

Subjective Questions On Quality Leader Ship 1. ABC is a software company, focused on Software Services. Come out with Vision, Mission, Goal and Values. (10 Marks)- refer content for KD-2

Ans 1: KD-2 content part 2. The user of the software is not only the customer. Apart from user give three other customers who use the software product. Explain How their perspectives are taken care during SDLC (5 Marks) Ans 2: The other customers: IT Manager Project manager/ test manager QA Information resource manager/ internal control officer/ system security officer SSS/ICS Tester 3. How do you measure Management Commitment towards Quality in your organization? ( 5 Marks) Explain the responsibilities of any 3: Project manager, IT manager , QA

4. One of the customers called the help desk and told that there is a problem in the software and the system is not working. The help desk referred the problem to you. How will you go about handling it? Be specific about the time frame? (10 Marks) Ans-3, 4 , 5 KD2 Content part 5. Your IT function had a QA started in 1995 which was terminated in a cost cut-back in 1997. At that time, the employees of the quality assurance function personally performed most of the quality efforts, such as conduction reviews and writing standards. You were recently appointed Quality Assurance Manager. You know that the tasks previously performed by the quality assurance group should, in fact, be incorporated into the day-today work programs of the IT function. What approach would you like to incorporate quality practices into the software development processes? (10 Marks)

6. As a Quality Analyst you have been asked to prepare a Sample QA report. What would be minimum content of such a report and what would be your approach in arriving such a report (10 Marks)