Man meets system, man loses system…it’s the old, old story.
Well, that’s your opinion…
What’s the acceptable tolerance?
[/QUOTE]
You’ll have to ask your mother about that.
Regards,
Shodan
Moved to… IMHO?
Well if you don’t know where you put it, I’m not sure how you can expect us to know.
If only there was quality system on this message board to track changes.
I’m sorry Dave, but I’m afraid I can’t do that.
If the ISO standards aren’t what you’re talking about, look into
“Change control”
In software, it was “Configuration Management” - which tracks from suggested change through de-install.
Which, hopefully will not be the first change, although I know of one system placed on immediate, indefinite manual-override HOLD after it’s one and only execution.
Another was run for about 3 months (to avoid litigation) before being unplugged.
Ya know - maybe I could write a book about software security and change control…
Wow. Thank you so much for the feedback. I just never thought that it would be this difficult. I have to ask my dad for a raise then.
I made some research as well and you are correct, I should ask some professional about Software Change Management and hopefully they can help us. I will give you and update soon. Thanks for all the help.
Your OP had very little information, the fedback you got was mostly shots in the dark.
“Software Change Management” and “Software FOR Change Management” (what you actually linked) are two very different things; also, “Quality System” can refer to your Quality Management System (what people have mostly guessed) but many people use it to refer to Quality Control (which is only a part of QM).
What industry are you in? ISO9001 is the general QM standard, but many industries have specific ones. Does your father’s company currently follow any specific quality standard? Is the loopholes problem linked only to people making unauthorized changes, or is it linked to not being able to track what has been authorized, by whom, when? We need more information, or all you’ll get is more shots in the dark.
One of the things I’m doing in my current project is move the customer from a paper-based change management model to electronic: the process is exactly the same, the only difference is that documents are electronic and if two people need to access the folder at the same time they can do so without chasing it all over the factory. You sound like you’re looking for, quite literally, a Deus Ex Machina, but software will not fix a bad process; you need to fix the process, and probably the discipline issues. And fixing the discipline issues may involve telling people why this or that piece of paper is needed: if all they see is that they are told to spend half an hour filling a document so they can run a five-minute fix, they won’t do it. Once people believe in the process, they will follow it.
In my experience (mainframe system development), there was much lip service given to Change Control and Quality Assurance.
Lots of lip service and very little money.
Until the shit hit the fan - then the money would come.
The system which failed spectacularly was actually implemented via ChangeMan - a very nice configuration management tool - and the developer (whom I had known to screw up another project) refused to approve it.
The user demanded the system (which was contained in two ChangeMan packages) be signed off, and ChangeMan did its usual efficient job of installing it.
It was a very well executed install, well documented change. It was also pure CRAP (a $6,000,000 error on its first execution).
Do not mistake Change Management with Quality - as long as somebody approves it, the system cannot know if the approval is based on test results or political bullshit.
If you go with a package, make sure the person installing and configuring the package understands who can and who must approve a change.
p.s. - it is the “5 minute” fixes which come back to bite you.
I did some work for an insurance company - the heart of any insurance company is the Adjudication system - Claim Processing - specifically the pay/decline decision.
This company had been doing the “quick fix” for so long they no longer were certain what the source code for that module was.
Best guess was that they could “probably” re-create the executable.
Another shop (bank) had a system which, for years, simply moved the load module (the executable) from the Test machines to the Production machines. Re-compiling the system from existing source was impossible. I was able to get all the change decks from each programmer and end up with a system which was reproducible.
Software will not prevent screw-ups; it may create an audit trail of the screw-up.
In my experience (software as the medical device, for cancer treatment, dose calculations and charting; also includes HW dev & manufacturing), you must have a change control system to ensure your quality system remains compliant. Change control can be manual or automated, but the process is the key, and it must be a robust one.
Nava’s point is well-taken here:
If the process is broken then if it’s implemented by software, all you’ll get is more problems, faster.
A good point here.
Hell, I’ve been doing QM for 20-some years, I hope I’ve learned something about it along the way 
Any feedback about ETQ’s Change Management Software?
Carmella Edison, meet Phyllida Dickinson.
Phyllida Dickinson, Carmella Edison.
Carmella, Phyllida.
Phyllida, Carmella.
Carm, Phyl… Phyl, Carm.