January 2017

Standards Update

Extending Quality Metrics to Embedded Systems

To recap the last year, CISQ's specification for Automated Enhancement Points was approved as a standard, the Automated Function Points standard was submitted through OMG's fast track to ISO JTC1 SC1 WG6, and the Technical Debt specification is nearing approval. Over the course of January we have surveyed developers on the time it takes to fix software weaknesses. This is to supplement the Technical Debt measure. If you can, please take our Technical Debt survey. We are giving away Amazon gift cards as a thank you for your time. Thanks for your replies.

CISQ will participate in the revision of ISO/IEC 25010 which defines software quality characteritics. This revision will trickle through the entire 25000 series and is expected to provide an opportunity for the CISQ/OMG Automated Quality Characteristic Measures to make their way into the 25000 series as a Appendix or a separate standard. 

Our plan this year is to extend the Automated Quality Characteristic Measures to embedded and real-time systems. This is important given the rise of IoT (Internet of Things) and its impact on security and resiliency. Other initiatives will be announced in the coming months.

CISQ continues to be active in outreach and policy. Make plans to join us at the Cyber Resilience Summit on March 21 in Reston, VA. We're hosting a European event on June 6 in Brussels with attendees from NATO and the EU. 

Dr. Bill Curtis
Executive Director


Cyber Resilience Summit
 March 21, Hyatt Reston Town Center, Reston, VA

Join 150 of your peers for this educational event. 

As the journey to secure our nationís IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. There are participants from DoD, many federal agencies, FFRDCs (MITRE, SEI..), and industry. Maj Gen Dale Meyerrose, former DNI CIO, is confirmed to keynote. Government registration is complimentary; industry $95. 


Impact Policy in the Financial Services Industry 

The U.S. Department of the Treasury,  Federal Reserve System, and Federal Deposit Insurance Corporation have issued a request for comments titled, Enhanced Cyber Risk Management Standards (PDF download).

These agencies are exploring best practices to increase the operational resilience of large and interconnected entities serving the financial services industry. 

CISQ members have submitted comments promoting the use of structural quality standards in this regulation. To reinforce the message, we encourage you to respond. They are still accepting comments beyond the January 17 deadline. 

For more information, send us a note

Upcoming Events

Gartner CIO Leadership Forum, February 26-28 in Phoenix, AZ. CISQ is a partner sponsor. Save $300 with the code GARTCISQ. 

AFCEA Mobile Tech Summit, March 1 in Washington, DC. CISQ is a partner sponsor. 

Gartner Data & Analytics Summit, March 6-9 in Grapevine, TX. CISQ is a partner sponsor. Save $300 with the code GARTCISQ.

SEI's Software Solutions Symposium, March 20-23 in Arlington, VA. CISQ presents a half-day tutorial on software measurement and a presentation on software sizing and structural quality standards. 

MTD 2017: The Ninth International Workshop on Managing Technical Debt, May 22 in Cologne, Germany. CISQ is attending. 

View CISQ's Event Calendar 

If you're attending these events --  send us a note.


Thank You CISQ Sponsors

About CISQ
The Consortium for IT Software Quality (CISQ) is an IT industry leadership group comprised of IT executives from the Global 2000, system integrators, outsourced service providers, and software technology vendors committed to introduce computable metrics standards for measuring software quality and size. CISQ is a neutral, open forum in which customers and suppliers of IT application software can develop an industry-wide agenda of actions for improving IT application quality and reduce cost and risk. 

By accepting this email and not responding with an unsubscribe request, you have consented or "opted in" to receive additional correspondence and promotions from OMG and its associated partners and sponsors. Should you wish to opt-out in the future please visit