Compliance and Standards
Make it "right today, better tomorrow."
Adhering to compliance and standards is an initiative created to ensure that all stakeholders at Somnetics effectively manage business with quality, ethics and integrity.
To ensure this, Somnetics' higher management not only takes a palpable interest in adhering to global standards but also makes sure that all Somnetics employees are aware of their responsibilities in developing and maintaining a compliance-conscious environment. Additionally, the compliance team establishes ways to continuously assess the compliance efforts in upholding the unity of Somnetics standards.
We presently follow the global standards listed below, and the entire organization, along with its Software Development Centers and R&D units, complies with a culture of conformity, so that our partners, customers and shareholders are better served.
CMMI Maturity Level 3 for Development, V1.30
CMMI stands for "Capability Maturity Model Integration" and is a model that provides appraisal and training for process improvement in organizations. CMMI was created by the Software Engineering Institute (SEI) as a result of research into organizations that would consistently deliver quality software on time and within budget.
The CMMI-DEV model is used for process improvement in organizations that develop products. CMMI for Development contains practices that cover project management, process management, systems engineering, hardware engineering, software engineering, and other supporting processes used in development and maintenance (CMMI Institute).
CMMI-DEV provides guidance for process improvement across a project, department, or organization that will lead to lower costs, improved quality, and on time delivery of products and services. CMMI-DEV guidance covers the life cycles of products from conception through delivery and maintenance. CMMI-DEV best practices are flexible enough to apply to a variety of industries, yet stable and consistent enough to provide a benchmark against which your organization can measure and compare itself. Therefore, when a company is appraised at CMMI for Development, it means that the company has been trained, assessed, and appraised in the areas of product and service development.
Maturity Level 3 in CMMI-DEV includes the following Process Areas:
- Decision Analysis and Resolution (DAR)
- Integrated Project Management (IPM)
- Organizational Process Definition (OPD)
- Organizational Process Focus (OPF)
- Organizational Training (OT)
- Product Integration (PI)
- Requirements Development (RD)
- Risk Management (RSKM)
- Technical Solution (TS)
- Validation (VAL)
- Verification (VER)
ISO 9001:2008 (Quality Management)
ISO 9001 is a standard that sets out the requirements for a quality management system. It helps businesses and organizations to be more efficient and improve customer satisfaction.
- Minimized mistakes
- Improved reporting and communications
- Better quality products and service
- More reliable production scheduling and delivery
- Standards maintained by annual assessments
- Better internal management
- Less wastage
- Increase in efficiency, productivity and profit
- Improved customer retention and acquisition
- Consistent outcomes, measured and monitored
ISO 27001:2013 (IT Security Management)
The standard was previously known as BS 7799 and ISO 17799. The ISO 27001 (ISMS) standard was published in 2005 and re-released in 2013. Information is vital to every organization, and the standard provides an auditable method of monitoring, protecting and managing information and data systems.
Loss of data and information of any kind can, at the very least, be inconvenient to an organization; at worst, it can lead to its collapse.
ISO 27001 provides a system for monitoring and maintaining:
- Confidentiality of information
- Availability of information
- Accuracy of information
Organizations that handle information on behalf of others can benefit greatly from being certified because they are able to show they have a process in place for continual monitoring and protection of third-party data.
ISO 20000-1:2011 (IT Service Management)
This is considered to be the Gold Standard in IT Service Management and Delivery. ISO/IEC 20000, frequently referred to as just ISO 20000, is the international IT Service Management benchmark that enables IT organizations (whether in-house, outsourced or external) to ensure that their IT service management processes are aligned both with the needs of the business and with international best practice. ISO/IEC 20000 helps IT software and service organizations benchmark how they deliver managed IT services, measure all service levels, and assess their performance. It is broadly aligned with, and draws strongly on, ITIL®.
Benefits of implementing ISO 20000-1:2011:
- Closer alignment to both ISO 9001 and ISO/IEC 27001
- Clarification of existing definitions and addition of new definitions
- Introduction of the term Service Management System (SMS) and aligning the standard with the concept of an SMS
- Clarification of the requirements for the governance of processes operated by other parties
- Addition of requirements for the design and transition of new or changed services
- Capacity & availability management
- Incident resolution & prevention
- Service system transition
- Service continuity
- Requirement management