Reference and guide to SFIA version 7. Framework status: Development.

Quality and conformance

Quality and conformance subcategory

Quality management QUMG

No proposed changes for SFIA 7

The application of techniques for monitoring and improvement of quality to any aspect of a function or process. The achievement of, and maintenance of compliance to, national and international standards, as appropriate, and to internal policies, including those relating to sustainability and security.

Quality assurance QUAS

No proposed changes for SFIA 7

The process of ensuring that the agreed quality standards within an organisation are adhered to and that best practice is promulgated throughout the organisation.

Deleted skill: Quality standards QUST

No proposed changes for SFIA 7

The development, maintenance, control and distribution of quality standards.

New: Measurement MEAS

New for SFIA 7

The development and operation of a measurement capability to support management information needs. The planning, implementation and control of activities to measure attributes of processes, products and services in order to assess performance and progress and to provide indications of, and insights into, actual or potential problems, issues, and risks. The identification of requirements, selecting measures and measurement scales, establishing data collection and analysis methods, setting target values and thresholds. Measurement can be applied to organisations, projects, processes, and work products.

Conformance review CORE

No proposed changes for SFIA 7

The independent assessment of the conformity of any activity, process, deliverable, product or service to the criteria of specified standards, best practice, or other documented requirements. May relate to, for example, asset management, network security tools, firewalls and internet security, sustainability, real-time systems, application design and specific certifications.

Safety assessment SFAS

No proposed changes for SFIA 7

The assessment of safety-related software systems to determine compliance with standards and required levels of safety integrity. This involves making professional judgements on software engineering approaches, including the suitability of design, testing, and validation and verification methods, as well as the identification and evaluation of risks and the means by which they can be reduced. The establishment, maintenance and management of an assessment framework and practices.

Digital forensics DGFS

No proposed changes for SFIA 7

The collection, processing, preserving, analysing, and presenting of computer-related evidence in support of security vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Change requests