Study On Quality Management Strategy Of Cybersecurity Assessment Service Of QA Company

As China’s reform and opening up enters its fourth decade,the country’s economy is developing at a rapid pace.In order to ensure the stable and efficient operation of all kinds of businesses built on top of the network,cybersecurity assessment,as the first link of cybersecurity assurance,has received more and more attention in this context.As cybersecurity assessment services are still a new industry,there is relatively little research on the quality management of such services in the industry,and various cybersecurity assessment service providers are only managing the quality of their services to a limited extent through the requirements of their own project management,without studying and promoting quality management as an important management system.Among the quality management issues,how to provide customers with constantly optimized and higher quality assessment services,and how to increase the value of assessment services to customers are the main issues faced by cybersecurity assessment service providers;how to combine the company’s own characteristics,set appropriate quality management objectives,so as to effectively improve the company’s quality management level is the core issue that cybersecurity assessment service providers need to face.In this paper,three dimensions of life cycle,management elements and environmental factors are used: 1.Gap evaluation analysis of three managers of QA company on the project management process of cybersecurity assessment services using total quality management theory;2.Gap analysis of three managers of QA company on the control points of management system and ISO9000 standard requirements using quality management standard system;3.Using the Service Quality Gap Model interviews were conducted with23 stakeholders to evaluate the quality of QA’s cyber security assessment service project.The quality management issues identified in the above three dimensions were then coded and identified using the coding method of the rooting theory.After the coding of the three dimensions was completed,the findings were quantified and calculated,and a baseline was set based on the quantified results,and issues with quantified scores below the baseline were identified.After identifying the quality management issues in the three dimensions,the identified quality management issues were cross-analyzed and summarized,resulting in six core quality management issues for QA’s cybersecurity assessment services: 1.imperfect process management of cybersecurity assessment services,2.inadequate management system of cybersecurity assessment services,3.lack of skills training and awareness education mechanism in the company,4.lack of communication management of the whole service Lack of communication management for the whole process,5.Imperfect quality control measures for the whole life cycle,and 6.Lack of continuous service after delivery.In the end,six specific quality management strategies were formulated to address the core issues of QA’s cybersecurity assessment service quality management: improving the cybersecurity assessment service process management framework,improving the cybersecurity assessment service quality management system,establishing skills training and awareness education mechanisms,focusing on service process communication management,establishing whole life cycle quality control and improving post-delivery continuous services.After formulating the corresponding quality management strategies,the existing cybersecurity assessment service process management and the overall management system of QA Company have been updated and improved,and relevant system documents and templates have been implemented and implemented,achieving certain practical results.Through the use of advanced and effective quality management theories and methods,a quality management strategy was formulated to address the core issues of QA’s cybersecurity assessment service quality management,and the strategy was effectively implemented and executed through three safeguards: organizational structure,assessment mechanism and service awareness,and the quality management level of QA’s cybersecurity assessment service was effectively improved.The study provides a reference for the implementation of quality management in network security assessment services through the application of theories and methods related to quality management,while looking for effective strategies to improve the quality management of network security assessment services in the QA company.