“Made by TDK” = Top Quality
TDK’s activities and processes are designed to prohibit the manufacturing or release of a defective product. All TDK groups and business units are working to eliminate product defects by incorporating quality in the process, design, and management, to ensure “Made by TDK” continues to be a synonym of top quality.
TDK quality rules are well established and cover all aspects of design, development, material, shipment, etc. suitable for a manufacturing company, but TDK’s commitment to quality did not end here. There are now guidelines present for software development.
Trusted Positioning’s Journey
When Trusted Positioning Inc. (TPI) became the first software-only Business Unit of TDK in April 2020, the journey to “advance to Zero Defects” for software started. Initially, TPI tried to take and apply TDK’s quality rules, design reviews, and guidelines to its software business, but it became clear that manufacturing design and development processes and design reviews were not fitting well for a software BU, especially, when the BU also needed to be fully compliant with ISO9001. TPI worked closely with the TDK headquarters quality team to create an updated Quality Management System (QMS) for software businesses within the TDK group that also complies to ISO 9001 requirements.
A First for TDK: ISO Certification for Software
An ISO certification journey for a manufacturing company is different from that of a pure software company. The differences are of such an extent that there is a separate software specific guideline for software companies trying to get ISO9001 certification. However, this software specific guideline ISO90003 is only the first step. A Software Development Life Cycle (SDLC) requires guidance from IEEE12207, and software reliability consideration requires information from IEEE1633. In short, to achieve ISO9001 certification, guidance from other international standards are needed as well.
ISO9001 is the basic quality standard designed to fit any type of business. It is customer focused, meaning that customer satisfaction is the goal which is achieved via quality improvement. Most other standards use ISO9001 as the starting point. ISO9001 promotes a process approach and risk-based thinking. Every important aspect for a successful business is defined as a process which follows the Plan-Do-Check-Act (PDCA) principle and the interactions of all these processes is collectively defined as the QMS.
Started with ISO90003
When implementing a QMS for Software, it is recommended to start with ISO90003. The most important processes for a software business are centered around the SDLC process, support and maintenance process, monitoring and measurement process, and recall process. All of these processes are significantly different than their counterparts in manufacturing. For example, there are many ways to implement the SDLC process depending on the needs of the software business. The Waterfall method aligns best with manufacturing, however, the majority of software development organizations use Agile.
Software Failure Modes and Effects Analysis (SFMEA)
Software Failure Modes and Effects Analysis (SFMEA) is an important risk assessment and management tool. The principle is the same as its manufacturing counterpart, the Failure Modes and Effects Analysis (FMEA), however, the implementation is different. For example, there is no failure mode related to wear and tear when it comes to software. However, software failures and design flaws do exist, and the consequences can be devastating, such as the case of recent airline crashes.
Support/Maintenance & Monitoring/Measurement
“Support and Maintenance” is an important process that needs to be defined for a software business. This process includes answering questions such as how the customer requests will be handled, who will be responsible for what works, what will constitute a release, what must be checked for a release, and how the process’s success will be measured.
The monitoring and measurement process is also different from that of a manufacturing company. There is no lab measurement needed, but unit, sanity, smoke, regression, and feature testing are all required. The recall process is also different. A software recall can be downgrading the software to a stable bug-free version as compared to shipping a defective product back to the manufacturer.
Implementation
All the needed processes to update the QMS for software were developed by April 1, 2021 and then staff started to adopt and implement the processes in their daily activities. Internal audits started in June 2021 to find gaps in the process and/or implementation. Multiple internal audits were performed over the following months in preparation for an external audit. In March 2022 we completed our certification audit and received our ISO 9001 certification. We were quite pleased to pass the external certification without any nonconformities or opportunities for improvements.
