Consortium for IT Software Quality to Host Seminar on Software Quality in Federal Acquisitions

Needham, MA — The Consortium for IT Software Quality (CISQ) is pleased to announce that it will be hosting a seminar on “Software Quality in Federal Acquisitions” on Wednesday, March 26th at the Hyatt Regency in Reston, VA. Well-respected industry speakers will provide valuable information on software quality as it relates to acquisition practice, sizing and estimating, as well as developments in assurance and security within the federal space.

 

Participants will walk away encouraged to use software sizing and structural quality measures to reduce the risk and cost of software. Not only will best practices for deploying and using software measures in productivity analysis be presented, but presenters will identify pitfalls to avoid in analysis and use of measures.

 

Robert Martin of MITRE Corporation will lead a discussion on advances in information assurance standards while John Keane of Military Health Systems will recount lessons learned in health IT security.

 

“Software acquisition has been a challenge for the federal government, as the recent healthcare.gov rollout debacle illustrates,” said Dr. Bill Curtis, Director of CISQ. “This seminar will outline the challenges and risks of public sector acquisitions involving sensitive and classified information. Speakers will discuss tools and findings that can minimize the risks of acquiring complex software-intensive systems.”

 

The seminar is intended for IT executives, application managers, software measurement specialists, quality assurance professionals, and others interested in using automated software measures. The registration fee for the seminar is $50 USD. To view the full agenda and to register, visit http://www.omg.org/cisq-va14.

 

About CISQ

The Consortium for IT Software Quality (CISQ) is an IT industry leadership group comprised of IT executives from the Global 2000, system integrators, outsourced service providers, and software technology vendors committed to introducing a computable metrics standard for measuring software quality and size. Founded by the Object Management Group (OMG) and the Software Engineering Institute at Carnegie Mellon, CISQ is a neutral, open forum in which customers and suppliers of IT application software can develop an industry-wide agenda of actions for improving IT application quality and reducing cost and risk. CISQ is sponsored by CAST, Capgemini, and Huawei. For more information, visit www.it-cisq.org.

 

Note to editors: For a listing of all OMG trademarks, visit http://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.

 

###

Gartner Outsourcing & Strategic Partnerships Summit


The premier outsourcing event for 2014 provides actionable advice, the latest thought leadership and best practices to guide CIOs, sourcing executives and leaders in making the best informed decisions while enabling a new balance between value, cost and risk.

 

The 2014 agenda focuses on how to effectively align sourcing with the business and with strategic partners, convert innovative approaches into successful outcomes, and execute on new thinking amid economic turbulence and disruptive, fast-evolving technology change.

 

 For more information click here.

Gartner PPM & IT Governance Summit


The Gartner PPM & IT Governance Summit 2014 is the premier gathering of program and portfolio management executives focused on improving how organizations select, implement and manage IT initiatives and services.

 

Attendees will gain new methods of prioritization, resource optimization and governance to address competing strategic goals, as well as how to adapt programs with an eye toward shifting risks and ongoing business case validity.

 

For more information click here.

Wipro to Sponsor Consortium for IT Software Quality


 

Needham, MA — The Consortium for IT Software Quality (CISQ) announced today that Wipro Ltd. (NYSE: WIT), a leading global Information Technology, Consulting and Outsourcing company, will sponsor the consortium. Wipro will become the fourth major sponsor to join the list of industry participants investing in the completion and adoption of CISQ standards in the IT industry. Earlier in 2013, Huawei, Capgemini and CAST all announced their sponsorship support for CISQ.

 

Wipro is one of the leaders and bellwethers of the India IT industry, and a major player in the global Application Services market. In its leadership role, Wipro has been investing significantly in software quality measurement to ensure that the firm upholds the highest standards in software quality for its clients. Wipro’s sponsorship of CISQ is based on a commitment to drive the state of the art and industry standards for software quality in Application Development and Maintenance (ADM).

 

The ADM outsourcing industry has matured greatly since the early 1990s, and continues to get more competitive at a global level. The Indian IT industry pioneered global sourcing, partly on the basis of process excellence, codified by the Capability Maturity Model (CMM), which was developed by the Software Engineering Institute (SEI) at Carnegie Mellon University in the United States. Dr. Bill Curtis, best known for building the CMM at SEI, which was a key driver in the globalization of the Indian IT software industry, has now assumed the role of director at CISQ.

 

At a press conference last week in India, Dr. Curtis described how he believes CISQ could have an impact similar to that of CMM, and why some of the leading Indian global SIs are embracing this new initiative. “The last wave in software engineering was focused on improving our process maturity as a major improvement lever,” said Dr. Curtis. “The current wave in software engineering has moved on to focus on the product and the outcomes achieved in managing software projects and maintenance.”

 

Conceived as a partnership by the SEI and the Object Management Group (OMG), CISQ was initially led by a set of industry multinationals which rely on global sourcing for application development. Together with industry participants and software measurement experts the consortium has successfully led the standardization of Function Point measurement and produced a Software Characteristics Measurement Specification due to be turned into a full OMG standard in 2014. To learn more about sponsorship opportunities for CISQ, visit www.it-cisq.org.

 


 

Software Quality in Federal Acquisitions


 

Join us for the next CISQ Seminar at the OMG Technical Meeting on Wednesday, March 26, 2014 at the HYATT Reston Town Center (1800 Presidents Street) in Reston, VA USA. Dr. Bill Curtis and other esteemed speakers will provide valuable information on the role of software analysis and measurement in acquiring government systems. Areas of focus include acquisition practice, sizing and estimating, and developments in assurance and security within the federal space.

 

The objectives of the CISQ – Software Quality in Federal Acquisitions Seminar are to:

  • Motivate participants to use software sizing and structural quality measures to reduce the risk and cost of software. 
  • Present the CISQ/OMG measures for Automated Function Points, Reliability, Performance Efficiency, Security, and Maintainability.
  • Present best practices for deploying and using software measures in productivity analysis and improvement, vendor management, benchmarking, and structural quality management.
  • Identify pitfalls to avoid in analysis and use of measures. 
  • Describe experiences and lessons learned using software measures in large organizations.

This seminar is intended for IT Executives, application managers, software measurement and improvement specialists, quality assurance professionals, and others interested in using automated software measures.

 

Hosted By: Consortium for IT Software Quality (CISQ) in cooperation with Object Management Group (OMG), Software Engineering Institute (SEI), Interoperability Clearinghouse, IT Acquisition Advisory Council (IT-AAC)

 

 

To download materials from this event, you must be a CISQ member. Click here for our Member Page.

 

 

CURRENT PROGRAM AGENDA

(Last Updated 3/25/2014)


 

0800 – 0900

 

Registration

 

 

Morning Segment: System Engineering Practices

 

0900 – 0915

 

Welcome and Introductions

Dr. Bill Curtis, Director, CISQ; Kevin Jackson, IT-AAC

 

0915 – 1000

 

Sizing and Estimating Software Risk

Lead: David Herron, David Consulting Group
Neal Ziring, NSA Information Assurance Directorate TD
This presentation will introduce the uses of productivity analysis with a strong emphasis on continual improvement. The three types of measures required for productivity analysis (size, effort, and application demographics) will be discussed, along with how to avoid pitfalls in collecting them and how Function Points have emerged as a preferred measure of size.

 

1015 – 1100

 

Advances in Information Assurance Standards

Lead: Robert Martin, Project Lead, Common Weakness Enumeration, MITRE Corp.
Emile Monette, Senior Advisor for Cybersecurity, GSA Office of Mission Assurance
Dr. Paul Black, Computer Scientist, NIST
Michael Kennedy, Division Chief for Architecture and Interoperability, ISE
Mr. Martin will describe the national efforts to identify and eliminate the causes of security breaches through the development of the Common Weakness Enumeration repository. He will describe best practices for using information in the repository for improving the security of software. He will describe how to measure the security of software and how this is done using the CISQ measure for Security, whose definition he led.

 

1115 – 1200

 

Lessons Learned in Health IT Security

Lead: John Keane, Military Health Systems
Robert Babiskin, CTO, ICH
Mr. Keane will describe the tools and processes his team uses to measure and manage structural quality on DoD contracts. He will describe how he uses analysis from several tools to get more complete coverage of security and structural quality issues. He will present data from his extensive use of these tools to show how security and quality are inextricably linked and what benefits can be achieved by managing Software Assurance in a holistic manner.

 

1200 – 1300

 

Lunch

 

 

Afternoon Segment: IT Acquisition and Management CSFs for Assured Outcomes

 

1300 – 1315

 

Introduction

MajGen John Brennan, USAF ret, Executive Director, IT-AAC

 

1315 – 1400

 

Keynotes

Facilitator: John Weiler, CIO Interop. Clearinghouse
AA/S and DA/S Roberta Stempfley, CS&C NP&PD DHS
Software acquisition has been a challenge in the public sector for a long time, hitting fever pitch with the Healthcare.gov rollout and some of the software supply chain issues being dealt with in the Defense community. More concerted, standardized measurement of software being acquired is necessary, as well as the policy to move the acquisition establishment towards better governance models.

 

1415 – 1500

 

New Findings on Measuring the Effectiveness and Quality of Agile Projects

Facilitators: Dr. William Nichols, Software Engineering Institute; Dr. Bill Curtis, CAST
Alden V. Munson, Jr, FMR DNI SAE currently Sr Fellow & Board Member, Potomac Institute for Advanced Technology
This session will present new research being released by both the Software Engineering Institute (SEI) and CAST Software on the measurement of agile projects. The featured results from the SEI will present conclusions from a study of transactional data collected from an Agile life-cycle management platform. Results will be contrasted with data from Team Software Process (TSP) projects. Findings include observations on some difficulties and limitations in measuring agile projects and the consistency of agile practices. CAST will present results from its upcoming release of the bi-annual CRASH Report on differences in structural quality attributes observed among different development methods. The session will conclude with open discussion on the impact of observations from these studies on Federal acquisition practices.

 

1515 – 1600

 

Using Software Productivity and Structural Quality Measures in Public and Private Contracts

Facilitators: Dr. Bill Curtis, Director, CISQ; John Weiler, CIO Interop. Clearinghouse
At the request of outsourcers and system integrators, CISQ was formed by the Software Engineering Institute and Object Management Group to develop standards for source code attributes such as size and quality characteristics. Automated Function Points (now an OMG Approved Specification) and specifications for measures of Reliability, Performance, Security, and Maintainability (soon to be submitted for OMG approval) have been defined by a group of public and private experts. These measures will be presented along with how they have been used in outsourcing and acquisitions. Lessons learned, caveats, and contractual concerns will be discussed.

 

1615 – 1730

 

Cocktail Social

Network with your peers and senior leaders!

 

To download materials from this event click here.

Software Robustness and Resiliency in Capital Markets

CISQ hosted its latest Technology Executive Roundtable at the Marriott at Grand Central (NYC). The topic for this installment was “Software Robustness and Resiliency in Capital Markets”, and featured the following speakers: Corey Booth, Partner and Managing Director, Boston Consulting Group; Dr. Bill Curtis, Director, CISQ; JP Chauvet, Chief Architect of Equities, Credit Suisse. Over 25 senior leaders from organizations such as Bridgewater Associates, BNY Mellon, NYSE Euronext, Deutsche Bank, The Depository Trust & Clearing Corporation, and J.P.Morgan were in attendance listening to presentations, engaging in discussions, and networking with peers.

 

Dr. Curtis started off by discussing the recent changes in the regulatory environment at the Federal level, especially as they relate to software risk prevention. He covered some of the highlights of Regulation SCI, and the feedback provided to the SEC by CISQ. A link to the presentation can be found here.

 

Mr. Booth then talked about the tradeoffs between risk and development speed, and their implications on software quality frameworks and processes. He discussed the two worlds and speeds of IT: industrial and digital. Managing these two worlds requires organizing and executing in different ways, not to mention the differences in governing relationships and stakeholders within each IT world. Implementing digital-ready capabilities requires practicing an open architecture and flexible organizational governance. Some current case studies of capital markets clients that were building QA governance mechanisms to address system resilience (Data-Driven Operational Assurance) were also discussed. A link to the presentation can be found here.

 

Finally, Mr. Chauvet discussed the path to introducing software risk prevention methodologies. He talked about the types of issues that make it difficult to manage software resiliency and robustness, how to balance expectations from the business, and what regulatory response would be useful vs. detrimental. Key steps to enabling the cultural shift and success include: having a clear and consistent definition of Software Quality throughout the organization, identifying from within and implementing best practices of quality, and creating widespread visibility into quality measures (such as those defined by CISQ). Mr. Chauvet was an early adopter of software analysis & measurement in this industry, and he leaned on his successful experience at Credit Suisse. It was interesting to hear how using a combination of peer pressure and pull generated demand for quality measurement! A link to the presentation can be found here.

 

The Q&A session that followed included lively discussion amongst the speakers and attendees. Positive interviews of the attendees after the event reflected the event’s overall success. For more information regarding upcoming CISQ events, visit our events page.

Software Quality Consortium to Host Roundtable Discussion on Software Robustness and Resiliency in Capital Markets


 

Will address the system risk prevalent in today’s financial markets

 

 

Needham, MA—The Consortium for IT Software Quality (CISQ) is pleased to announce it will be hosting an executive roundtable, “Software Robustness and Resiliency in Capital Markets,” on Tuesday, November 19th from 7:30am-10am at the Marriott hotel at Grand Central at 525 Lexington Ave and 48th Street in New York, NY.

 

The level of software complexity and risk being managed at exchanges and by broker dealers is a major concern in the industry today. Technology leaders need to address software risk in a way that improves the ability to gain competitive advantage and speed to the marketplace. The CISQ roundtable will be an open dialogue on getting ahead of the software robustness issue and upcoming regulations.

 

Speakers will include Corey Booth, Partner and Managing Director of Boston Consulting Group; Dr. Bill Curtis, Director of CISQ; and J.P. Chauvet, Chief Architect of Equities at Credit Suisse. Together, they will discuss the challenges of achieving robust and resilient systems in the context of today’s market and technology landscape. In particular, the talks will cover managing the risk-to-speed tradeoff (how to establish the right level of quality governance); implementing structural software quality measurement (deployment challenges and practices); and a summary of Regulation SCI and the CISQ response to the current proposed regulation. The event will close with an open discussion and a question and answer session.

 

To learn more and to register for the event, visit http://www.it-cisq.org/NYCRoundtable.

 


Gartner Application Architecture, Development & Integration Summit

Transform Your Application Strategies for a New Reality
December 3-5, 2013 | Las Vegas, NV

 

Give your organization the strategic advantage of leading-edge applications. Find out how you can tap the full potential of mobile and social, deliver great UX design and implement flexible architecture engineered for the long haul.

 

At the 2013 summit, you’ll get the tools and insight you need to do that and more. Modernize legacy applications, secure the cloud (a new track covers security and governance) and understand the business impact of big data.

 

For more information click here.

Software Robustness and Resiliency in Capital Markets

A CISQ Technology Executive Roundtable

 

Tuesday, November 19, 7:30-10:00am,

Marriott at Grand Central, 525 Lexington Avenue at 48th Street, NYC

 

Registration $295

 

There isn’t a single stakeholder in the capital markets today who is unaware or unconcerned about the level of software complexity and risk being managed at the exchanges and the broker dealers.

 

“I also want…to identify a series of concrete measures designed to address specific areas where the robustness and resilience of market systems can be improved.”
–  Mary Jo White, SEC Chair

 

Beyond Regulation SCI, as technology leaders we have to address software risk in a way that improves our ability to gain competitive advantage and speed to market. This technology executive roundtable is an open dialogue on getting ahead of the software robustness issue and the coming regulations. To facilitate, we are bringing together several industry leaders to discuss the challenges of achieving robust and resilient systems in the context of today’s market and technology landscape.

 


Corey Booth
Partner and Managing Director
Boston Consulting Group

 

Corey will frame the morning discussion about the tradeoffs between risk and development speed, and their implications on software quality frameworks and processes. Corey will outline some current case studies at capital markets clients building QA governance mechanisms to address system resilience.

 

Corey Booth is a Managing Director within BCG’s Financial Services practice, based in New York City. Corey works with financial services clients on business technology adoption and optimization, in the capital markets, asset management and consumer services. Prior to BCG, Corey served as the CIO at the Securities and Exchange Commission (SEC) for a four year term, ending in 2008. Prior to joining the SEC, Mr. Booth was an associate principal in the financial services and information technology practices of McKinsey and Company. In that role, he was responsible for advising senior executives of major financial institutions on a variety of strategic and technology management issues.

 


Dr. Bill Curtis
Director
Consortium for IT Software Quality

 

Bill will discuss the recent changes in the regulatory environment at the Federal level, especially as they relate to software risk prevention. He will cover some of the highlights of Regulation SCI, and the feedback provided to the SEC by CISQ and other related entities.

 

Dr. Bill Curtis is an industry luminary who is best known for leading development of the Capability Maturity Model (CMM) as the director of the Software Process Program at the Software Engineering Institute (SEI) at Carnegie Mellon University. He currently serves as the Director for CISQ, and the Chief Scientist at CAST, a software company that offers software risk prevention solutions. Prior to CISQ, Bill was a Co-Founder of TeraQuest, the global leader in CMM-based services, which was acquired by Borland. In past roles, Bill directed research on intelligent user interface technology, software design process, software productivity and quality measurement, and software practices. Bill was recently elected a Fellow of the Institute of Electrical and Electronics Engineers (IEEE) for his contributions to software process improvement and measurement.

 


JP Chauvet
Chief Architect of Equities
Credit Suisse, IB

 

As an early adopter of software analysis & measurement in this industry, JP will discuss the path to introducing software risk prevention methodologies. JP will talk about the types of issues that make it difficult to manage software resiliency & robustness, how to balance expectations from the business, and what regulatory response would be useful vs. detrimental.

 

JP Chauvet is a Director at Credit Suisse and Chief Architect of Equities, based in New York. In this role, JP drives the technology governance across the main businesses that form the bank’s leading Equity franchise: Equities Trading, Prime Services, Equity Derivatives and Global Arbitrage Trading. Previously, JP held various roles at both Credit Suisse and Lehman Brothers, including Head of Equities Production Services, Head of Equities Core Trading Development and Head of AsiaPac Trading System Development based in Tokyo.

 

 

Agenda for November 19th, 2013

Location: Marriott at Grand Central, 525 Lexington Avenue at 48th Street, NYC


7:30 Networking Coffee and Refreshments
8:00 Corey Booth, BCG
  Managing the Risk-to-Speed Tradeoff – How to establish the right level of quality governance
8:30 JP Chauvet, Credit Suisse
  Implementing Structural Software Quality Measurement – Deployment challenges & practices
9:00 Dr. Bill Curtis, CISQ
  Summary of Regulation SCI and the CISQ response to the current proposed regulation
9:30 Discussion and Q&A

 

We have an obligation to the investing public, and the economy at large, to address the system risk prevalent in today’s financial markets. Join us for this important discussion on your role in this effort.

 

Representatives from the following companies attended the event: 

  • Bridgewater
  • CAST Software
  • Object Management Group
  • Boston Consulting Group
  • Goldman Sachs
  • NYSE Euronext
  • BNY Mellon
  • Tata Consultancy Services
  • CAPGEMINI
  • TechMahindra
  • The Depository Trust & Clear
  • JPMorgan
  • Deutsche Bank
  • CREDIT SUISSE – GROUP

You can download the materials from the event on the CISQ Member Page.

Director of CISQ Responds to the Proposed SEC Rule

 


Calls out importance of quality and security in automated systems supporting U.S. securities market

 

Needham, MA — The Consortium for IT Software Quality (CISQ) is proud to announce that its Director, Dr. Bill Curtis, submitted comments on the consortium’s behalf to the Securities and Exchange Commission (SEC) regarding proposed rule, “Regulation Systems Compliance and Integrity – Rule 1000(b)(1)”.

 

In the responses, Dr. Curtis made recommendations to ensure that critical structural weaknesses would be detected and fixed. Specific recommendations include:

 

  • SCI entities should incorporate measurements of cost, quality, operational performance, and business risk of SCI software in development and testing methods;
  • The structural quality of SCI Security Systems should be evaluated and measured, since many software security vulnerabilities result from poor structural quality; 
  • SCI systems should be reviewed and tested prior to each software release; and
  • Policies compliant with the proposed rule should include a broader range of standards than currently proposed, including CISQ’s standard measure of structural quality characteristics such as reliability and security. 

 

The proposed Rule 1000(b)(1) would require regulated organizations to implement practices that ensure the capacity, integrity, resiliency, availability, and security of automated systems supporting US securities markets. It would be applied to self-regulatory organizations (including registered clearing agencies), alternative trading systems, plan processors, and exempt clearing agencies subject to the Commission’s Automation Review Policy. These SCI entities would be required to comply with requirements specific to the automated systems that support the performance of their regulated activities.

 

To view Part 1 and Part 2 of Dr. Curtis’s response letters, visit the CISQ website at www.it-cisq.org.

 
