Configuration Management and standards
Configuration Management gives the identifiably and traceability of a product at various stages of the product life. The requirements specific to configuration management are specified in various standards and Models with minor variations.
- A Level 2 Process Area for CMMI – Configuration Management (CM)
- Clause 7.2 of AS 9100 Rev C- Configuration Management
- Clause 7.5.3 of ISO 9001:2008 – Identification and Traceability
- A specific standard to deal with Configuration Management – ISO 10007
Configuration Management process is broadly described in ISO 10007 which calls for the following steps of configuration management. These steps will help the organization to make sure the product released is of right configuration and in case of any errors, the exact point of error is traced. Also, this will help to improve the product, based on various stages.
A documented configuration management plan outlining the procedures being used to manage the configuration, and describe the roles and responsibilities to manage the configuration. This plan shall be documented, controlled and approved. Wherever possible, the plan must refer to the organizational procedures.
A list of configurable items shall be selected based on various factors such as statutory and regulatory requirements, product design stages, criticality in terms of risks etc. These items are to be selected based on their management of physical and functional characteristics being managed.
The changes to the configuration items must be controlled and documented. The process and records for changes shall include justification for change, evaluation of consequences of changes, and approval of changes. This changes shall always be base lined at periodic changes to the physical and functional characteristics of the product.
Configuration status accounting
The configuration status accounting activities throughout the life cycle of the product to support and enable an efficient configuration management process. Ideally, at any point of time, the product configuration is the last baseline and the changes done after the baseline.
Periodic audits are to be conducted on the configuration based on the documented procedures, to make sure the product meets the configuration requirements are not. generally two types of configuration audits are conducted.
Physical configuration Audit : To make sure that the product is meeting the physical characteristics as specified in the product configuration information
Functional configuration audit : To make sure that the product has achieved the functional performance as defined in the product configuration information