TL 9000 is a quality management practice set up by the QuEST Forum in 1998 for telecom industry. TL 9000 is grounded on ISO 9001 with industry specific adders.  It adds specific telecom hardware (H), software (S) and service (V) requirements to the more generic practices of ISO 9001. QuEST forum administrates the TL 9000 certification process (www.questforum.org ). The QuEST forum was originated by a number of telecommunication companies, e.g. Bell Atlantic, BellSouth, Pacific Bell and South Western Bell. QuEST stands for ‘Quality Excellence for Suppliers of Telecommunications Leadership’

TL9000 is defined by two documents.

  • TL 9000 Quality Management System Requirements Handbook
  • TL 9000 Quality Management System Measurements Handbook

There are certain specific points to be ensured if an organization is seeking for compliance to this standard in additional to the common procedures as explained in Stages in an assessment/certification process . The specific points are explained below.

1. Registration Options

The process is the same as other registrations (e.g. ISO 9001) except that the scope of registration includes reference to product categories chosen and adders (H, S, V) involved. The registration options available are Hardware (H), Software (S), and Services (V). An organization can choose all or any combination of the options that apply to it. The registration option determines which of the TL 9000 specific requirements apply to the registration. Once an organization finalizes the registration scope and options, it starts the process of mapping its products to the TL 9000 product categories. TL 9000 has over a hundred product categories covering hardware, software and services.

2. Setting the company up in Quest Forum Portal

The TL 9000 Administrator needs to be contacted to initiate setting the company up in Quest Forum Portal. Any person authenticated by the organization can do the same through the TL 9000 administrator. Once access is gained, using the given Registration ID, a Registration ID Profile is created, and maintained.

3. Data Submission

One of the requirements of the TL 9000 registration is the reporting of the measurements data specific to that registration. The Registration Management System (RMS) facilitates online submission of this data on a monthly basis through its web-based interface in the Quest Forum Portal. Based on the product category, decide which all measurements should be collected against the selected product categories, as per the latest version of the measurement handbook. Start uploading to Quest website against the organization. At least 3 iterations of measurement data are required before starting the final assessment of TL 9000.

4. Assessment Process

Once the process of determining, collecting and analysis of measurement data has been formalized and initiated, and the quality management system has been updated to reflect all the TL 9000 Requirements, the company is ready to go for TL 9000 audit/assessment. The assessor/auditor needs to view the data confirmation reports received from the UTD (University of Dallas, TX) who maintain the RMS. If the assessment is successful, then a TL 9000 Certificate is issued. Information is sent to QuEST, and TL 9000 registration follows. Information is found within the QuEST Forum Portal (which includes access to the RMS) on the QuEST Forum website.

1. Interviewing the Project team

A quality audit can be done easily by interviewing the project manager as well as some of the project team members. Before starting the interview try to understand the project scope, known risks, problems etc. And even can have some quantitative analysis done, on effort variance or schedule slippage (assuming sufficient access permission is provided to pull the data for analysis). At the time of interview, auditor can ask about the project, current status etc. Even auditor can ask some pre-planned general questions to evaluate the knowledge of interviewee. (Generic questions could be based on the management system in the organization). Then observe how the interviewee responds to the questions. From his response itself, definitely there will be an opening to another question. The response might give you hints leading to a different set of questions. So an interview based audit is somewhat easy compared to a remote audit. But auditor has to lead the show; otherwise in order to hide non-conformances, auditor might get misled by the interviewee.

2. Check Tailoring

Project team will define their own process by suitably tailoring the Organizational Set of Standard Process (OSSP). These tailored processes should be submitted to process owners of the organization like Engineering Process Group, Only with their approval, the tailored process can be executed within the project. Auditor has to check the necessity of these tailoring, approval details etc. Also the auditor has to ensure that the tailored process is not a risk to the organizational business needs.

3. Project compliance audit

Normally project activities are executed as per a plan. Plan could be a management plan, test plan, integration plan, configuration management plan, QA plan or an integrated master plan. If there is a template defined for these plans, it would be adhering to the organizational practices. Thereby a plan template will detail all the processes which are supposed to be executed within the project as demanded by the organization complying to specific standards/models. So during a project audit, it is very important to ensure that the project plan used is in line with the template defined in the organization. It has to be ensured that the sections in the template are not removed while taken for the project. Each section in the plan might be a specific practice to be adhered. So there are chances of sections being removed if project team do not want to practice it.

4. Plan based audit

After ensuring that the plans are compliant to the organizational template, go through the plan section by section. Plan will direct you to each artefact in the Configuration Management (CM) tool. Take the respective artefact or Configurable Item (CI) and do a configuration audit on the CI. CM audit cannot be done on the entire CIs, so do it randomly. While checking the CI for process compliance, it may lead to another audit. Say for example, if a requirement document is taken, first check the contents for completeness and correctness. Check whether any legal or regulatory requirements are mentioned. If mentioned, trace it out in the lower level documents like design. If it cannot be traced, it could be a noncompliance. Then ensure other CM aspects of the requirement document like document history. If reviewer column is unfilled in the document history, check whether review is actually done or not, assuming review is not tailored. Likewise, audit goes on. Then go back to project plan and continue with next section.

5. CM audit

Functional and physical configuration management audit needs to be done on work products. Functional configuration audits are a kind of work product audits. It is done to ensure the functional performance of the work products. As a part of Physical configuration audit check the correct versions, ensure properly filled in document history/amendment record, impact analysis document for changes, change tracking sheet traceability document etc.

6. Quantitative Data Audit

Auditor can randomly verify the data collected. If there are some specific measures to be collected as instructed by the organization or customer, ensure the availability of the same. Auditor can check the integrity of collected data. In addition check whether corrective actions planned in the milestone analysis are implemented inside the project or not.

7. Workproduct audit

In addition to process audits, work products are also audited to check compliance. CMMI PA- PPQA talks about the same. Auditor has to do some sample validation of final work products. If it is a product, probably testing might be a mechanism for work product audit. It need not be a regular testing as done by testers. Instead, auditor can take some sample Test Cases, a representative sample Test Cases which are already certified as ‘passed’ by testers and execute those Test Cases to ensure compliance

.

8. CAPA based audit

As part of internal quality audits, corrective actions are planned for non-conformances. During course of time, those actions/plans are usually ignored. Auditor has to ensure the compliance to those corrective or preventive actions

9. Audit of customer driven points

Inside the project, there may be a lot of customer reported issues, customer feedbacks, complaints etc. Timely analysis and proper actions needs to be taken on all those points. Audit must check and report deviations if the issues are not addressed.

10. Check List based audit

Finally take the audit checklist and ensure coverage. A checklist based audit is not a recommended practice. Checklists may make your audit a machine kind. But checklists can definitely be used to ensure coverage in the final stage of your audit.