Differences

This shows you the differences between two versions of the page.

--- 73:compliance [2019/03/28 22:07] – emr
+++ 73:compliance [2024/02/15 00:00] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Manage Compliance ======
-Development of complex products is always a regulated environment. Examples are standards set by governing bodies like the FAA or FDA, ISO or IEEE standards, quality, safety, security, environmental, or health standards, or market requirements like CMMI or Automotive SPICE. Assuring compliance with all relevant standards is a key aspect of process management.
+Development of complex products is always a regulated environment. Examples are standards set by governing bodies like the FAA or FDA, ISO or IEEE standards, quality, safety, security, environmental, or health standards, or market requirements like Automotive SPICE or CMMI. Manage compliance with all relevant standards is a key aspect of process management.
 Stages enables process managers to map their processes against standards, detect and close gaps, and generate evidence for audits, assessments, and appraisals.
+**Watch our basic videos on compliance [[https://www.youtube.com/playlist?list=PL7Za7yI9SGwIkr0Elhg39yFDoP6FZbl6q|here]].**
 ===== Map Processes against Standard Requirements =====
@@ Line 11: / Line 13: @@
 Typically a process has to comply only with specific sections of a reference model. Those sections are called [[:general:reference_model|scopes]]. The processes are then mapped against these scopes.
-{{  :73:compliance-assignscopes.png?direct&801x393  }}
+[[https://doc.stagesasaservice.com/lib/exe/fetch.php?media=73:compliance-assignscopes.png|{{  :73:compliance-assignscopes.png?direct&801x393  }}]]
 To define that a process needs to be compliant with to a set of reference model scopes, use the ''Management > Compliance'' menu and add them via the ''Add Reference Model'' button.
@@ Line 17: / Line 19: @@
 To start the mapping, click or tap on the reference model name. Stages then shows the reference model, but only those parts that are covered by the assigned scopes. Use the navigation to drill down to the requirements.
-To allow a quick overview which standard requirements are already mapped and where there are still gaps, the rating of each requirements is also shown in the navigation **<font inherit/inherit;;#ecf0f1;;#e74c3c>(1)</font>**.
+To allow a quick overview which standard requirements are already mapped and where there are still gaps, the coverage of each requirement is also shown in the navigation **(1)**.
-To assign process content to a specific requirement, use the context menu in ''Compliance References'' box <font inherit/inherit;;#ecf0f1;;#e74c3c>**(2)**</font> . The assignment works exactly the same as in assigning process elements to each other. You can use the element comment for each assignment to record details about each mapping, e.g. which chapter of a work product covers the standard requirement.
+To assign process content to a specific requirement, use the context menu in ''Compliance References'' box **(2)** . The assignment works exactly the same as in assigning process elements to each other. You can use the element comment for each assignment to record details about each mapping, e.g. which chapter of a work product covers the standard requirement.
-{{  :73:compliance-mapping.png?direct&801x393  }}
+[[https://doc.stagesasaservice.com/lib/exe/fetch.php?media=73:compliance-mapping.png|{{  :73:compliance-mapping.png?direct&801x393  }}]]
-Finally, a set of mappings can be rated against a standard requirement. To set the rating, use the context menu in the ''Compliance Rating'' box <font inherit/inherit;;#ecf0f1;;#e74c3c>**(3)**</font> .
+Finally, it can be defined how well a set of mappings covers a standard requirement. To set the coverage, use the context menu in the ''Compliance Coverage'' box **(3)** .
-Defining the correct rating is typically expert judgement, but you can use the following rating scheme as an orientation:
+[[https://doc.stagesasaservice.com/lib/exe/fetch.php?media=73:compliance-rating.png|{{  :73:compliance-rating.png?direct&300x247  }}]]
+Defining the correct coverage is typically expert judgement, but you can use the following scheme as an orientation:
   * Zero Stars (None): The process does not cover the requirement at all.
@@ Line 33: / Line 37: @@
 You can also take notes, e.g. why you mapped those element or aspects that are still missing.
-{{  :73:compliance-rating.png?direct&300x247  }}
 To finish the mapping, use the X in the top right corner that shows both the reference model name and the name of the workspace where the process resides.
-The following video shows the whole sequence of actions to assign reference model scopes, map the process to the individual requirements, and finally rate the mappings.
+{{ youtube>j5qlrl1jCUk?large&rel=0 }}
-TODO: video
+The above video shows the whole sequence of actions to assign reference model scopes, map the process to the individual requirements, and finally determine the coverage of the mappings.
-===== Show Compliance Mappings in Process Content =====
+===== View Compliance in Process Context =====
-Some process participants need to to understand why a certain activity or work product is required. This can be accomplished by using the ''Compliance''  perspective when viewing the process content.
+Some process participants need to understand why a certain activity or work product is required. This can be accomplished by using the ''Compliance''  perspective when viewing the process content.
-TODO: screen shot
+[[https://doc.stagesasaservice.com/lib/exe/fetch.php?media=73:compliance-viewmappings.png|{{  :73:compliance-viewmappings.png?direct&801x393  }}]]
 This perspective is configurable, but normally shows the description of the process element and its compliance mappings side-by-side. The users can follow the links to the respective compliance requirements, ideally by opening the link in a new browser tab or window.
-===== Show Gaps and Generate Evidence =====
+===== Show Compliance Traceability =====
+To see how the compliance requirements can be traced to the process content, use the pre-defined Compliance Traces report. It is typically installed in ''Reports > Compliance > Compliance Traces''.
+To generate the traces, select the desired reference model scopes and run the report.
+[[https://doc.stagesasaservice.com/lib/exe/fetch.php?tok=056789&media=https://doc.stagesasaservice.com/lib/plugins/ckgedit/fckeditor/userfiles/image/73/compliancetraces_1.png|{{  https://doc.stagesasaservice.com/lib/plugins/ckgedit/fckeditor/userfiles/image/73/compliancetraces_1.png?direct&800x409  }}]]
+The report shows the compliance requirements and the process content that is mapped to them. It also contains the coverage, notes, and other information. There are direct links to the compliance requirements and the mapped process element. The links automatically open a new browser tab.
+In some cases, it saves a lot of time to map reference models onto each other. If you would like to also include those indirect traces, switch on ''Include Mappings across Reference Models''.
+Finally, the traces can be exported to Excel via the normal report Excel export.
+===== Show Compliance Gaps =====
+The same report can also be used to find the compliance gaps. Simply set ''Include Gaps''  to "Yes" or "Only Gaps" and run the report as described above.
+===== Generate Evidence =====
+To generate the evidence for audits, assessments, or appraisals, the same report can be used. Simply run the report in the workspace containing the project's valid process. If a compliance requirement is mapped to a work product with files, those are included in the ''Evidence''  column.
-TODO: Use pre-defined reports
+The report results can be imported into common appraisal tools like //Appraisal Wizard//  and //Capability Advisor//, so auditors can start their assessment right away.
 These pre-defined reports can be modified by the customer. Individual reports can also be created. See [[:72:custom_reports|here for more info on how to create custom reports]].