Press Release

Needham, MA – November 1, 2018 – The Consortium for Information & Software Quality™ (CISQ™), an IT industry leadership group that develops standards for automating software quality and size measurement, today unveiled its Trustworthy Systems Manifesto. The Manifesto lists 5 principles around which senior executives can develop policy to govern system development and deployment.

Software-intensive systems are one of the largest sources of risk to enterprises and their customers. For example, IT-related incidents at Knight Capital, SWIFT, Target, and United Airlines far exceeded $100 million in damages. A new research report from CISQ estimates the cost of poor quality software in the U.S. to top $2.8 trillion. In the era of 9-digit glitches, the Manifesto will help management determine policies that strengthen software development and mitigate the risk exposure of these systems.

According to CISQ Executive Director Dr. Bill Curtis, “Financial risks from software-intensive systems dramatically increase as enterprises automate more of their critical business functions. Executives are ultimately responsible for managing this risk. The Manifesto provides guidance to executives and senior managers, the majority of whom are not IT experts, for developing policy to ensure their critical systems are trustworthy. The manifesto’s objective is to initiate discussions between the enterprise and IT or engineering about reducing operational and cost risks to the business. Trustworthy systems are secure from malicious actors, reliable and safe in operation, resilient to unexpected conditions, and accurate in their computations.”

Dr. Curtis will present a webinar on Thursday, December 6, 2018 at 11 a.m. EST to introduce the Trustworthy Systems Manifesto and discuss its 5 principles:

• Engineering discipline in product and process
• Quality assurance to risk tolerance thresholds
• Traceable properties of system components
• Proactive defense of the system and its data
• Resilient and safe operations

Become a Signatory

Signatories indicate their willingness to develop policies and practices within their organizations to support these principles, and to encourage adoption of these principles in other organizations. To become a signatory, visit https://it-cisq/tsm/signatures.php.

About CISQ

The Consortium for Information & Software Quality™ (CISQ™) is an IT leadership group that develops international standards for automating the measurement of software size and structural quality from the source code. The standards written by CISQ enable IT and business leaders to measure the risk IT applications pose to the business, as well as estimate the cost of ownership. CISQ was co-founded by the Object Management Group® (OMG®) and Software Engineering Institute (SEI) at Carnegie Mellon University. For more information, visit https://www.it-cisq.org/