Scorecard and KPIs to Measure Quality
The CISQ code quality standards for Security, Reliability, Performance Efficiency and Maintainability are used as KPIs (Key Performance Indicators) in a scorecard to indicate the level of quality or risk in a given release. By measuring software quality over time, an organization has KPIs readily available for internal and external uses – for example, in reporting to a regulatory body or a client. Scorecards are often used in governance meetings with partners.
Example Vendor Scorecard
| All Vendors | Vendor 1 | Vendor 2 | ||||
|---|---|---|---|---|---|---|
| Quality Characteristics | Original | Current | Original | Current | Original | Current |
| Security | 2.88 | 2.4 (-17%) | 2.68 | 2.67 (-.01%) | 2.68 | 2.7 (+.8%) |
| Reliability | 3.05 | 2.99 (-2%) | 3.19 | 2.89 (-14%) | 3.11 | 3.2 (+.5%) |
| Performance Efficiency | 2.93 | 2.99 (+2%) | 2.99 | 2.83 (-1.3%) | 2.79 | 2.84 (+.3%) |
| Maintainability | 2.88 | 3.01 (+5%) | 2.68 | 2.08 (-17%) | 2.31 | 2.7 (+18%) |
Scale: 1.0 - 4.0 (low-to-high quality score) a measure of critical violations / software size