The Consortium for Information & Software Quality™ (CISQ™) is a not-for-profit IT leadership group that develops standards for automating software measurement from source code - this includes measures of software size, structural quality, technical debt, and related metrics. The standards written by CISQ enable IT and business leaders to measure the risk IT applications pose to the business, as well as estimate the cost of ownership. CISQ was co-founded by the Object Management Group® (OMG®) and Software Engineering Institute (SEI) at Carnegie Mellon University. The specifications are submitted to the OMG and ISO for approval as international standards.
We're in an era of "nine-digit defects" where IT outages, security breaches, and performance degradation issues can cost organizations in the millions of dollars. Software quality is a Board room issue.
The Information Technology (IT) industry needs standard measures for evaluating software quality. In fact, all industries that rely on software-intensive systems need these metrics to assess the risk and cost of their digital assets and platforms. Automated measurement is critical given the complexity of modern systems, the fast pace of development, and the future of auto-generated code (think AI).
Establishing a global standard for software structural quality is an important step for enabling these measures to be used in acquiring IT services from suppliers or for apples-to-apples comparison in benchmarking applications and the quality of new development. CISQ fills a critical void since there are no other standards bodies developing standards for automating the measurement of size and quality from the source code of a software system.
CISQ submits its specifications to OMG and ISO for approval as international standards.
With regards to software quality, CISQ supplements the ISO/IEC 25000 series of standards. ISO defines software quality characteristics and CISQ automates their measurement through tooling. The code quality measures were developed by CISQ using definitions in ISO/IEC 25010, the international standard that defines eight software quality characteristics and their subcharacteristics. The measures supplement ISO/IEC 25023, the standard that enumerates measures of the various subcharacteristics. The CISQ measures are quantified from the automated analysis of source code (via static analysis) to identify architectural and coding weaknesses in the software. Dr. Bill Curtis, Founding Executive Director of CISQ, is on the ISO/IEC 25000 team. For more information, read CISQ Supplements ISO/IEC 25000 Series with Automated Quality Characteristic Measures.
With regards to software sizing, the Automated Function Point (AFP) standard developed by CISQ and standardized by OMG was also approved by ISO. The AFP standard is ISO 19515:2019.