OMG Homepage MDA Homepage CORBA Homepage MOF Homepage UML Homepage CWM Homepage XMI Homepage DDS Homepage OMG MARTE BPMN Homepage SysML Homepage banner

Julie Pike
+1-781-444 0404  

Director of CISQ Responds to Proposed SEC Rule
Calls out importance of quality and security in automated systems supporting U.S. securities market

Needham, MA- 09-10-2013-The Consortium for IT Software Quality (CISQ) is proud to announce that its Director, Dr. Bill Curtis, submitted comments on the consortium's behalf to the Securities and Exchange Commission (SEC) regarding proposed rule, "Regulation Systems Compliance and Integrity- Rule 1000(b)(1)".

In the responses, Dr. Curtis made recommendations to ensure that critical structural weaknesses would be detected and fixed. Specific recommendations include:
SCI entities should incorporate measurements of cost, quality, operational performance, and business risk of SCI software in development and testing methods;

  • The structural quality of SCI Security Systems should be evaluated and measured, since many software security vulnerabilities result from poor structural quality;
  • SCI systems should be reviewed and tested prior to each software release; and
  • Policies compliant with the proposed rule should include a broader range of standards than currently proposed, including CISQ's standard measure of structural quality characteristics such as reliability and security.

The proposed Rule 1000(b)(1) would require regulated organizations to implement practices that ensure the capacity, integrity, resiliency, availability, and security of automated systems supporting US securities markets. It would be applied to self-regulatory organizations (including registered clearing agencies), alternative trading systems, plan processors, and exempt clearing agencies subject to the Commission's Automation Review Policy. These SCI entities would be required to comply with requirements specific to the automated systems that support the performance of their regulated activities.

To view Part 1 and Part 2 of Dr. Curtis's response letters, visit the CISQ website at

About CISQ 
The Consortium for IT Software Quality (CISQ) is an IT industry leadership group comprised of IT executives from the Global 2000, system integrators, outsourced service providers, and software technology vendors committed to introduce a computable metrics standard for measuring software quality and size. CISQ is a neutral, open forum in which customers and suppliers of IT application software can develop an industry-wide agenda of actions for improving IT application quality and reduce cost and risk. For more information, visit

Note to editors: For a listing of all OMG trademarks, visit  All other trademarks are the property of their respective owners.

Copyright © 1997-2017 Object Management Group, Inc. All Rights Reserved. For questions about the WEBSITE , please contact
For TECHNICAL questions, please contact
Contact BD for info on joining OMG at
Explorer versions 6.0 or later or any browser capable of viewing JavaScript and CSS 2.0. The site is using
DHTML JavaScript Menu By