Development of complex products is always a regulated environment. Examples are standards set by governing bodies like the FAA or FDA, ISO or IEEE standards, quality, safety, security, environmental, or health standards, or market requirements like Automotive SPICE. Managing compliance with all relevant standards is a key aspect of process management.
Stages enables process managers to map their processes against standards, detect and close gaps, and generate evidence for audits, assessments, and appraisals.
Watch our intro videos on compliance here.
The basic idea is to break down the standard documents into their individual requirements and map the processes against those requirements. The standard requirements are modeled as a process, which is marked as a reference model.
Typically a process has to comply only with specific sections of a reference model. Those sections are called scopes. The processes are then mapped against these scopes.
To define that a process needs to be compliant with to a set of reference model scopes, use the Management > Compliance
menu and add them via the Add Reference Model
button.
To start the mapping, click or tap on the reference model name. Stages then shows the reference model, but only those parts that are covered by the assigned scopes. Use the navigation to drill down to the requirements.
To allow a quick overview which standard requirements are already mapped and where there are still gaps, the coverage of each requirement is also shown in the navigation (1).
To assign process content to a specific requirement, use the context menu in Compliance References
box (2) . The assignment works exactly the same as in assigning process elements to each other. You can use the element comment for each assignment to record details about each mapping, e.g. which chapter of a work product covers the standard requirement.
Finally, it can be defined how well a set of mappings covers a standard requirement. To set the coverage, use the context menu in the Compliance Coverage
box (3) .
Defining the correct coverage is typically expert judgement, but you can use the following scheme as an orientation:
You can also take notes, e.g. why you mapped those element or aspects that are still missing.
To finish the mapping, use the X in the top right corner that shows both the reference model name and the name of the workspace where the process resides.
The above video shows the whole sequence of actions to assign reference model scopes, map the process to the individual requirements, and finally determine the coverage of the mappings.
Some process participants need to understand why a certain activity or work product is required. This can be accomplished by using the Compliance
perspective when viewing the process content.
This perspective is configurable, but normally shows the description of the process element and its compliance mappings side-by-side. The users can follow the links to the respective compliance requirements, ideally by opening the link in a new browser tab or window.
While modeling a process it can be useful to directly map new elements to compliance requirements. This can be done directly from the Compliance
perspective.
To create a mapping, click or tap on the context menu in the compliance box, select the reference model, and assign the current element to a specific compliance requirement via search or browse. You can also add a comment to this specific mapping via the Edit Comment
function.
As you are mapping from the element view, it is not possible to adjust the coverage or leave general notes on the whole standard requirements. To do this, use the functionality described above.
Starting with Stages version 7.10, compliance mappings are also visible on the reference model side.
In the above example, the mappings to various process elements are displayed directly in the Automotive SPICE reference model.
To see how the compliance requirements can be traced to the process content, use the pre-defined Compliance Traces report. It is typically installed in Reports > Compliance > Compliance Traces
.
To generate the traces, select the desired reference model scopes and run the report.
The report shows the compliance requirements and the process content that is mapped to them. It also contains the coverage, notes, and other information. There are direct links to the compliance requirements and the mapped process element. The links automatically open a new browser tab.
In some cases, it saves a lot of time to map reference models onto each other. If you would like to also include those indirect traces, switch on Include Mappings across Reference Models
.
Finally, the traces can be exported to Excel via the normal report Excel export.
The same report can also be used to find the compliance gaps. Simply set Include Gaps
to “Yes” or “Only Gaps” and run the report as described above.
To generate the evidence for audits, assessments, or appraisals, the same report can be used. Simply run the report in the workspace containing the project's valid process. If a compliance requirement is mapped to a work product with files, those are included in the Evidence
column.
The report results can be imported into common appraisal tools like Appraisal Wizard and Capability Advisor, so auditors can start their assessment right away.
These pre-defined reports can be modified by the customer. Individual reports can also be created. See here for more info on how to create custom reports.