ISO/IEC TR 33023:2024

Technical
Report
ISO/IEC TR 33023
First edition
Information technology — Process
2024-10
assessment — Application of ISO/
IEC TS 33073 processes to the
ISO/IEC 33020 process capability
measurement scale
Technologies de l'information — Évaluation du processus —
Application des processus ISO/IEC TS 33073 à l'échelle de la
mesure de la capacité de processus de l'ISO/IEC 33020
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Content of the process capability measurement framework . 1
4.1 General .1
4.2 Relationships between model elements.2
Annex A (informative) Associations between the ISO/IEC 33020 process attribute outcomes,
ISO/IEC TS 33073 process outcomes and information items . 3
Annex B (informative) Associations between the ISO/IEC 33020 generic practices, ISO/
IEC TS 33073 base practices and information item characteristics .22
Annex C (informative) Listing of the information items and their characteristics .40
Annex D (informative) Establishing the traceability between model elements with reference to
ISO/IEC/IEEE 24774:2021, Annex B .66
Bibliography .68

© ISO/IEC 2024 – All rights reserved
iii
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 7, Software and systems engineering.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.

© ISO/IEC 2024 – All rights reserved
iv
Introduction
This document provides a mapping of the ISO/IEC TS 33073 processes to the ISO/IEC 33020 process
attributes with the intent of demonstrating support for the levels 1 to 3 of the ISO/IEC 33020 process
capability measurement framework.
This document is primarily addressed to developers of process assessment models for the process quality
characteristic of process capability. It is also addressed to the lead assessor and other stakeholders, such as
the sponsor of the assessment, who need to be assured that the requirements of the ISO/IEC 33020 process
measurement framework have been met.
Within this document:
— Clause 4 provides a summary description of the relationship between the ISO/IEC 33020 process
attribute outcomes and the ISO/IEC TS 33073 processes.
— Annex A extends the summary mapping in Clause 4 by providing details of the relationship between the
ISO/IEC 33020 process attribute outcomes and the ISO/IEC TS 33073 process outcomes. Links to the
information items listed in Annex C are identified. These details are provided for validating by inspection
the relationships between the ISO/IEC 33020 process attribute outcomes and the ISO/IEC TS 33073
process outcomes.
— Annex B focuses on the relationships between the generic practices associated with ISO/IEC 33020 and
the ISO/IEC TS 33073 base practice descriptions. These model elements are linked via the information
item characteristics listed in Annex C.
— Annex C provides a listing of the applicable information items and their characteristics.
— Annex D provides an overview of the key concerns arising from the application of ISO/IEC/IEEE 24774
when attempting to demonstrate objective relationships between process model elements.

© ISO/IEC 2024 – All rights reserved
v
Technical Report ISO/IEC TR 33023:2024(en)
Information technology — Process assessment — Application
of ISO/IEC TS 33073 processes to the ISO/IEC 33020 process
capability measurement scale
1 Scope
This document provides a specification for associating the processes of ISO/IEC TS 33073 with the process
attribute outcomes of ISO/IEC 33020 with the intent of demonstrating support for levels 1 to 3 of the process
capability measurement scale defined in ISO/IEC 33020.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 33001, Information technology – Process Assessment – Concepts and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 33001 apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
4 Content of the process capability measurement framework
4.1 General
In ISO/IEC 33020:2019, Clause 5 the relationship between process attributes and process capability levels is
described.
Process capability is defined in ISO/IEC 33020:2019 Clause 5 on a six-point ordinal scale that enables process
capability to be assessed from the bottom of the scale, 'incomplete', through to the top end of the scale,
'innovating'. The scale represents increasing capability of an implemented process, from failing to achieve
the process purpose through to continually improving and able to respond to process change.
The relationship between the process capability levels and the process attributes is show in Table 1.
In addition, a summary view is presented of the relationship of the process attributes to the processes
associated with ISO/IEC TS 33073.
The process ORG-03 supplier management from ISO/IEC TS 33073:2017 do not appear in the list in Table 1.
The outcomes of this process do not have any discernible relationship to the process attribute outcomes of
ISO/IEC 33020.
The name of the process ORG-01 (asset management) has been renamed in this document as customer
property management in order to bring it in line with the intent of ISO 9001:2015, 8.5.3 (property belonging
to customers or external providers).

© ISO/IEC 2024 – All rights reserved
A knowledge management process (COM-12) has been added to the ISO/IEC TS 33073 common processes
list. This process has been added to support the intent of ISO 9001:2015, 7.1.6 (organizational knowledge). In
order to support the intent of ISO/IEC 33020:2019 PA 3.1 and 3.2, COM-12 is supported in this document as
COM-12A (Knowledge Management: Establish) and as COM-12B (Knowledge Management: Maintain).
Table 1 — Relationship between the ISO/IEC 33020 process capability levels and process attributes,
and the ISO/IEC TS 33073 processes
Process ca- ISO/IEC 33020:2019 process attrib- Reference ISO/IEC TS 33073:2017 processes
pability level ute outcomes
1 5.2.3.2 PA 1.1 Process performance - The processes in this group are typically
process attribute identified in the assessment scope. Certain
processes in ISO/IEC TS 33073, namely, ORG-
01, and members of the TEC process group,
are likely candidates.
2 5.2.4.2 PA 2.1 Performance manage- COM-01 Communication management
ment process attribute
COM-11 Risk management
TEC-05.1 Product/service planning
TEC-05.2 Product/service control
2 5.2.4.3 PA 2.2 Documented informa- COM-02 Documentation management
tion management process attribute
TEC-01 Configuration management
3 5.2.5.2 PA 3.1 Process definition pro- COM-03.1 Human resource management: Determine
cess attribute competencies
COM-08 Operational planning
COM-10.1 Performance evaluation: Establish
COM-12.1 Knowledge management: Establish
TOP-01 Leadership
3 5.2.5.3 PA 3.2 Process deployment COM-03.2 Human resource management: Provide
process attribute competencies
COM-06 Management review
COM-09 Operational implementation and control
COM-12.2 Knowledge management: Maintain
ORG-02 Measurement resource management
3 5.2.5.4 PA 3.3 Process assurance pro- COM-04 Improvement
cess attribute
COM-05 Internal audit
COM-07 Non-conformity management
COM-10.2 Performance evaluation: Perform
TEC-02 Process changes
4.2 Relationships between model elements
The rationale for the selection of the ISO/IEC TS 33073 processes and their associations with the
ISO/IEC 33020 process attribute outcomes can be found in Annexes A and B.
Annex A elaborates the summary mapping in Clause 4 by providing extended details of the relationship
between the ISO/IEC 33020 process attribute outcomes and the ISO/IEC TS 33073 process outcomes. Links
to the information items described in Annex C are provided in a summary format. The level of detail provides
the basis for validating by inspection the relationships between the ISO/IEC 33020 process attribute
outcomes and the ISO/IEC TS 33073 process outcomes.
Annex B focuses on the relationships between the ISO/IEC 33020 generic practices and the ISO/IEC TS 33073
base practice descriptions. These model elements are linked via the information item characteristics, as
listed in Annex C.
© ISO/IEC 2024 – All rights reserved
Annex A
(informative)
Associations between the ISO/IEC 33020 process attribute outcomes,
ISO/IEC TS 33073 process outcomes and information items
A.1 General
This annex describes the relationships between the ISO/IEC 33020 process attribute outcomes and
the ISO/IEC TS 33073 process outcomes. The model outcomes are linked by applicable information item
characteristics, as described in Annex D.
A.2 Associations between the ISO/IEC 33020 process attribute outcomes, ISO/IEC TS
33073 processes and information items
Information item characteristics provide the link between the ISO/IEC 33020 process attribute outcomes
and the ISO/IEC TS 33073 process outcomes. Each linked information item in Table A.1 is indicated by its
reference label and name, and the reference number of the characteristic.
Table A.1 provides the basis for a detailed validation by inspection of the associations between the
ISO/IEC 33020 process attribute outcomes and ISO/IEC TS 33073 process outcomes in accordance with
ISO/IEC/IEEE 24774:2021, Annex B model mapping considerations.
Table A.1 — Associations between the ISO/IEC 33020 process attribute outcomes, ISO/IEC TS 33073
process outcomes and information item characteristics
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.3.2 PA 1.1 Process perfor- ORG-01 Customer property manage- 07-1 Product asset
mance process attribute ment 1)
1) the process achieves its 1) Items requiring customer
defined process outcomes. property management are iden-
tified.
ORG-01 Customer property manage- 08-46 Product asset
ment communication
2) Customer property status is record
known. 1)
ORG-01 Customer property manage- 08-46 Product asset
ment communication
3) Changes to customer supplied record
product under management is 1)
controlled.
ORG-01 Customer property manage- 07-1 Product asset
ment 2)
4) The integrity of customer sup-
plied product is assured.
TEC-03 Product/ service changes 11-13 Product/ser-
1) Product/ service change vice design change
requests are identified and clas- request
sified. 1)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
TEC-03 Product/ service changes 08-54 Product/ser-
2) Product/ service change re- vice design change
quests are assessed using defined evaluation result
criteria. 1)
TEC-04 Product/ service design 03-47 Product/ser-
1) Design for each product/ vice design
service component is developed 1)
in accordance with defined re-
quirements.
TEC-04 Product/ service design 03-47 Product/ser-
2) External and internal inter- vice design
faces for each product/ service 2)
component are defined.
TEC-06 Product/ service quarantine 08-38 Nonconform-
1) Product/ service that does ity: Documentation
not conform to requirements is 1)
identified.
TEC-06 Product/ service quarantine 11-10 Nonconform-
2) Nonconforming product/ ser- ing product quaran-
vice is placed under quarantine. tine request
1)
TEC-06 Product/ service quarantine 08-28 Nonconform-
3) Alternative approaches are ing output disposi-
identified regarding disposition tion record
of the nonconforming product/ 1)
service.
TEC-06 Product/ service quarantine 08-32 Nonconform-
4) Agreed actions are taken re- ing product disposi-
garding disposition of noncon- tion evaluation result
forming product/ service. 1), 2)
TEC-06 Product/ service quarantine 08-35 Nonconform-
5) Product/ service that has ing product re-verifi-
been corrected is re-verified cation record
to demonstrate conformity to 1)
requirements.
TEC-06 Product/ service quarantine 08-33 Nonconform-
7) Product / service is released ing product quaran-
from quarantine when author- tine release authori-
ised. sation
1)
TEC-07 Product/ service requirements 12-23 Product/ser-
1) The required characteristics vice requirements
and context of use of products/ 5)
services are identified.
TEC-07 Product/ service requirements 12-23 Product/ser-
2) The constraints for a product/ vice requirements
service solution are defined. 8), 9), 10)
TEC-07 Product/ service requirements 12-23 Product/ser-
3) The requirements for the vice requirements
product/ service are defined. 1), 2), 3), 4), 6), 7),
11), 12)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
TEC-07 Product/ service requirements 08-66 Product/ser-
4) The requirements for vali- vice requirements
dating the product/ service are review record
defined. 1)
TEC-08 Product/ service review 08-59 Product/ser-
1) Criteria for the review of prod- vice performance
uct/ service is identified. review record
3)
TEC-08 Product/ service review 08-59 Product/ser-
3) Required review activities are vice performance
performed. review record
1)
08-66 Product/ser-
vice requirements
review record
1)
TEC-08 Product/ service review 08-59 Product/ser-
4) Action items are identified. vice performance
review record
2)
08-66 Product/ser-
vice requirements
review record
2)
TEC-09 Product/ service supply 03-39 Management
2) Product/ service request(s) system strategy:
are evaluated in terms of man- supplier capability
dated product/ service delivery 1)
criteria. 08-66 Product/ser-
vice requirements
review record
1)
TEC-09 Product/ service supply 08-65 Product/ser-
3) A response to a customer's vice requirements
product/ service request is pro- communication
duced. record
1)
TEC-09 Product/ service supply 03-50 Product/ser-
6) Conformity to applicable vice objectives
stated and implied customer and 2)
supplier requirements by inter- 08-63 Product/ser-
nal processes and/or product/ vice release approval
service provided is verified. record: Conformity
1)
TEC-10 Product/ service validation 08-72 Product/
3) Required validation activities service validation
are performed. record
1)
TEC-11 Product/ service verification 08-75 Product/
3) Required verification activities service verification
are performed. record
1), 2)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.4.2 PA 2.1 Performance TEC-05.1 Product/service planning 03-50 Product/ser-
management process 1) The objectives for the scope of vice objectives
attribute the work associated with the de- 1)
1) results to be achieved velopment of the product/service 04-06 Product/ser-
are determined and com- are defined. vice lifecycle model:
municated; Establish
1), 2)
5.2.4.2 PA 2.1 Performance COM-11 Risk management 03-57 Risk and op-
management process 1) Criteria for the assessment of portunity identifica-
attribute risks and the acceptable level of tion criteria
2) risks that can affect risk are identified. 1)
performance of the process
COM-11 Risk management 08-79 Risks and
are determined and ad-
2) Risks are identified. opportunities: iden-
dressed;
tification
1)
COM-11 Risk management 08-78 Risk treatment
6) Selected risks are treated. action log
1)
TEC-05.1 Product/service planning 04-08 Risk manage-
6) Plans for the development of ment planning
the product/service are devel- 1)
oped. 04-09 Risk manage-
ment planning: risk
treatment effective-
ness evaluation
1)
04-10 Risk manage-
ment planning: risk
treatment implemen-
tation
1)
04-11 Risk manage-
ment planning: risk
treatment options
1)
5.2.4.2 PA 2.1 Performance TEC-05.1 Product/service planning 04-06 Product/ser-
management process 1) The objectives for the scope of vice lifecycle model:
attribute the work associated with the de- Establish
3) performance of the pro- velopment of the product/service 13), 15)
cess is planned, monitored, are defined.
measured, evaluated and
TEC-05.1 Product/service planning 08-57 Product/
adjusted (as needed);
2) The feasibility of achieving the service feasibility
objectives of the product/ser- review record
vice development with available 1)
resources and constraints are
evaluated.
TEC-05.1 Product/service planning 03-49 Product/ser-
3) The tasks and resources neces- vice lifecycle model:
sary to complete the product/ Planning
service development are sized 4), 5), 6)
and estimated. 04-06 Product/ser-
vice lifecycle model:
Establish
6), 7), 8)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
TEC-05.1 Product/service planning 04-06 Product/ser-
5) Interfaces between customer vice lifecycle model:
and relevant interested parties Establish
are identified. 14)
TEC-05.1 Product/service planning 03-46 Product/
6) Plans for the development of service delivery:
the product/service are devel- Planning
oped. 1), 2), 3)
04-06 Product/ser-
vice lifecycle model:
Establish
5)
TEC-05.2 Product/service control 08-60 Product/
5) Deviations in product/service service provision
performance from plans are change evaluation
investigated and analysed. record
2)
09-08 Product/
service planning per-
formance evaluation
report
1)
TEC-05.2 Product/service control 08-58 Product/ser-
7) Corrective action is defined vice implementation
and directed, when product/ser- record
vice achievement is not meeting 1), 2), 3)
targets. 08-60 Product/
service provision
change evaluation
record
1)
TEC-05.2 Product/service control 08-64 Product/ser-
8) Product/service replanning is vice release record
initiated, as necessary. 1)
TEC-05.2 Product/service control 08-64 Product/ser-
9) Product/service action to pro- vice release record
gress (or not) from one scheduled 1)
milestone or event to the next is
authorized.
TEC-05.2 Product/service control 08-64 Product/ser-
10) Product/service objectives vice release record
are achieved. 1)
5.2.4.2 PA 2.1 Performance TEC-05.1 Product/service planning 04-06 Product/ser-
management process 4) The responsibilities and au- vice lifecycle model:
attribute thorities needed at each stage of Establish
4) responsibilities and product/service development are 9)
authorities for performing identified.
the process are deter-
mined, assigned and com-
municated;
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.4.2 PA 2.1 Performance TEC-05.1 Product/service planning 03-49 Product/ser-
management process 3) The tasks and resources neces- vice lifecycle model:
attribute sary to complete the product/ Planning
5) resources necessary for service development are sized 1), 2), 3)
performing the process are and estimated. 04-06 Product/ser-
determined, provided and vice lifecycle model:
maintained (as needed); Establish
10)
12-25 Product/
service resource
requirements
1)
TEC-05.2 Product/service control 03-48 Product/ser-
1) Performance measures or as- vice lifecycle model:
sessment results are available. Control
1)
TEC-05.2 Product/service control 03-48 Product/ser-
3) Adequacy of resources is vice lifecycle model:
assessed. Control
2)
TEC-05.2 Product/service control 03-48 Product/ser-
4) Progress reviews are per- vice lifecycle model:
formed. Control
1)
5.2.4.2 PA 2.1 Performance TEC-05.1 Product/service planning 08-51 Product/ser-
management process 4) The responsibilities and au- vice competencies:
attribute thorities needed at each stage of Provision: Planning
6) person(s) performing product/service development are 1)
the process are competent identified.
on the basis of appropri-
TEC-05.2 Product/service control 08-50 Product/ser-
ate education, training, or
2) Adequacy of roles, respon- vice competencies:
experience;
sibilities, accountabilities, and Provision: Control
authorities is assessed. 1)
5.2.4.2 PA 2.1 Performance COM-01 Communication management 12-02 Communica-
management process 1) Information content is defined tion requirements
attribute in terms of identified communi- 1)
7) interfaces between cation requirements.
the involved parties are
COM-01 Communication management 12-02 Communica-
managed to ensure both
2) Parties to communicate with tion requirements
effective communication
are identified. 3)
and the level of control
COM-01 Communication management 12-02 Communica-
expected.
3) The party responsible for the tion requirements
communication is identified. 5)
COM-01 Communication management 12-02 Communica-
4) Events that require communi- tion requirements
cation actions are identified. 2)
COM-01 Communication management 12-02 Communica-
5) The channel for the communi- tion requirements
cation is selected. 4)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
COM-01 Communication management 08-03 Audit result
6) Information products are com- communication
municated to relevant interested record
parties. 1)
08-30 Nonconform-
ing product custom-
er communication
record
1)
08-65 Product/ser-
vice requirements
communication
record
2)
08-76 QMS Commu-
nication records
1), 2), 3)
TEC-05.1 Product/service planning 04-06 Product/ser-
5) Interfaces between customer vice lifecycle model:
and relevant interested parties Establish
are identified. 11), 12)
12-04 Customer -
interested parties
interface considera-
tions
1)
5.2.4.3 PA 2.2 Documented in- COM-02 Documentation management 12-09 Informa-
formation management 4) Documented information is tion management
process attribute current, complete and valid. requirements: pres-
1) requirements for the ervation
documented information 2), 3)
of the process are deter-
mined;
5.2.4.3 PA 2.2 Documented in- COM-02 Documentation management 12-05 Documenta-
formation management 2) The forms of documented tion management
process attribute information representation are requirements
2) requirements for control defined. 1), 2), 3)
of the documented infor-
COM-02 Documentation management 12-09 Informa-
mation are determined;
4) Documented information is tion management
current, complete and valid. requirements: pres-
ervation
1)
TEC-01 Configuration management 03-51 Product/ser-
1) Items requiring configuration vice taxonomy
management are identified. 1), 2)
TEC-01 Configuration management 12-03 Configura-
3) Changes to items under tion management
configuration management are requirements
controlled. 1)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.4.3 PA 2.2 Documented in- COM-02 Documentation management 05-3 Quality policy:
formation management 1) Documented information to be Documentation
process attribute documented is identified. 1)
3) documented infor- 08-18 MS Implemen-
mation is appropriately tation log: Documen-
identified, and controlled tation
according to requirements; 1), 2)
08-25 Management
review: Documenta-
tion
1)
08-39 Organizational
competencies: Docu-
mentation
1)
COM-02 Documentation management 03-02 Information
2) The forms of documented item identification:
information representation are External origin
defined. 1)
COM-02 Documentation management 12-10 Information
4) Documented information is management re-
current, complete and valid. quirements: status
1)
COM-02 Documentation management 05-2 Quality policy:
6) Documented information is Availability
available to relevant interested 1)
parties. 12-07 Information
management re-
quirements
1), 2)
TEC-01 Configuration management 09-06 Product/ser-
2) The status of configuration vice configuration
items and modifications is status report
known. 1)
5.2.4.3 PA 2.2 Documented in- COM-02 Documentation management 08-17 Information
formation management 5) Documented information is item approval record
process attribute released according to defined 1)
4) documented informa- criteria. 08-62 Product/ser-
tion is reviewed and ap- vice release approval
proved for suitability and record: Authorisa-
adequacy in accordance tion
with planned arrange- 1), 2)
ments and adjusted as
necessary to meet require-
ments;
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.4.3 PA 2.2 Documented in- COM-02 Documentation management 02-8 Process change
formation management 1) Documented information to be implementation log:
process attribute documented is identified. Documentation
5) documented informa- 1)
tion is determined, main- 03-14 Management
tained and retained to the system (MS) scope:
extent necessary to have Documentation
confidence that the process 1)
has been performed as 03-52 Product/
planned and to demon- service taxonomy:
strate the conformity of Documentation
products and/or services 1)
to their requirements. 08-12 Corrective ac-
tion: Documentation
1)
08-31 Nonconform-
ing product custom-
er communication
record: Documenta-
tion
1)
08-43 Process
change approval:
Documentation
1)
COM-02 Documentation management 03-14 Management
3) The documented information system (MS) scope:
content status is known. Documentation
2)
08-67 Product/ser-
vice requirements
status record
1)
COM-02 Documentation management 05-4 Quality policy:
4) Documented information is Maintenance
current, complete and valid. 1), 2)
08-69 Product/
service review: Doc-
umentation
1)
11-14 Product/ser-
vice requirements
change request
1)
COM-02 Documentation management 12-08 Informa-
7) Documented information tion management
is archived, or disposed of, as requirements: dispo-
required. sition
1)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.5.2 PA 3.1 Process definition COM-08 Operational planning 05-5 Quality policy:
process attribute 1) Process requirements are Requirements
1) a standard process, identified. 2), 3), 4), 5)
including appropriate tai- 12-01 Communica-
loring guidelines, is estab- tion process require-
lished and maintained that ments
describes the fundamental 1)
elements that must be 12-11 Infrastructure
incorporated into a defined requirements
process; 1)
12-14 Management
system change evalu-
ation criteria
1)
12-18 Process re-
quirements: Environ-
ment
1)
COM-08 Operational planning 03-18 Management
7) Methods for monitoring the system strategy: Es-
effectiveness and suitability of tablish the manage-
the process are determined. ment system
5)
COM-08 Operational planning 03-03 MS Measure-
8) Plans for the deployment of the ment information
process are developed. gathering events
1), 2)
03-42 Organizational
planning schedule
1)
04-03 Audit pro-
gramme plan
1)
04-05 Management
review schedule
1), 2)
04-07 Product/ser-
vice review schedule
1)
08-80 Risks and op-
portunities: planning
1)
COM-10.1 Performance evaluation: Es- 03-08 MS Meas-
tablish urement methods:
1) Performance monitoring and Determination:
measurement needs are defined. Measurement
1)
COM-10.1 Performance evaluation: Es- 03-08 MS Meas-
tablish urement methods:
2) Performance measures, Determination:
derived from the performance Measurement
measurement needs, are identi- 2)
fied. 03-40 Organizational
measures
1)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
COM-10.1 Performance evaluation: Es- 03-08 MS Meas-
tablish urement methods:
3) Performance measurement Determination:
methods, supportive of the Measurement
performance measures, are 3)
identified.
TOP-01 Leadership 03-11 MS Relevant
1) The context of the organiza- Interested parties
tion, including the expectations 1)
of its relevant interested parties, 03-29 Management
are understood and analyzed. system strategy:
external and internal
issues
1)
12-12 MS Relevant
Interested parties
MS expectations
1)
TOP-01 Leadership 03-13 Management
2) The scope of management sys- system (MS) scope
tem activities is defined, taking 1), 2), 3), 4), 5)
the context of the organization
into consideration.
TOP-01 Leadership 03-33 Management
3) The management system poli- system strategy:
cy and objectives are defined. management com-
mitment
3), 4)
03-53 Quality objec-
tives: Documentation
1), 2)
03-54 Quality objec-
tives: Establish
1)
03-55 Quality objec-
tives: Requirements
1), 2), 3), 4), 5), 6)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
TOP-01 Leadership 03-08 MS Meas-
4) The management system and urement methods:
operational process strategy is Determination:
determined. Measurement
1), 2), 3)
03-09 MS Measure-
ment methods: De-
termination: Quality
assurance
1), 2), 3)
03-10 MS Measure-
ment methods: De-
termination: Quality
management
1), 2), 3)
03-15 Management
system strategy:
Determine the
processes: Quality
assurance
1)
03-16 Management
system strategy:
Determine the
processes: Quality
management
1)
03-17 Management
system strategy:
Documentation
1), 2)
03-18 Management
system strategy: Es-
tablish the manage-
ment system
1), 2)
03-30 Management
system strategy:
improvement
1), 2)
03-36 Management
system strategy: pro-
cess environment
1), 2), 3), 4), 5), 6), 7),
8), 9)
TOP-01 Leadership 03-33 Management
5) Commitment and leadership system strategy:
with respect to the management management com-
system is demonstrated. mitment
1), 2), 5), 6), 7), 8), 9),
10), 11)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.5.2 PA 3.1 Process definition COM-08 Operational planning 03-18 Management
process attribute 2) Process input and output prod- system strategy: Es-
2) the required inputs and ucts are determined. tablish the manage-
the expected outputs for ment system
the standard process are 3)
determined;
TOP-01 Leadership 03-37 Management
4) The management system and system strategy:
operational process strategy is product preservation
determined. 1)
5.2.5.2 PA 3.1 Process definition COM-08 Operational planning 03-18 Management
process attribute 4) The sequence and interaction system strategy: Es-
3) sequence and interac- of the process with other pro- tablish the manage-
tion of the standard pro- cesses is determined. ment system
cess with other processes 4)
is determined;
5.2.5.2 PA 3.1 Process definition COM-03.1 Human resource management: 12-16 Organiza-
process attribute Determine competencies tional competence:
4) roles, competences, 1) The competencies required Requirements
responsibilities and au- by the organization to produce 1)
thorities for performing products and services are iden-
the standard process are tified.
determined;
COM-08 Operational planning 03-44 Organizational
5) The required competencies roles and responsi-
and roles for performing the pro- bilities
cess are identified. 1)
12-16 Organiza-
tional competence:
Requirements
1)
12-17 Organizational
roles and responsi-
bilities
1), 2), 3), 4), 5)
5.2.5.2 PA 3.1 Process definition COM-08 Operational planning 03-43 Organizational
process attribute 6) The required resources for resource needs
5) resources for perform- performing the process are iden- 1)
ing the standard process tified. 12-13 MS Resource
are determined; requirements
1), 2), 3), 4)
5.2.5.2 PA 3.1 Process definition COM-12.1 Knowledge management: Es- 03-31 Management
process attribute tablish system strategy:
6) knowledge necessary 1) A taxonomy for the application knowledge: establish
for the operation of the of knowledge assets is identified. 1)
standard process is deter-
COM-12.1 Knowledge management: Es- 03-31 Management
mined [and maintained].
tablish system strategy:
2) The organizational knowledge, knowledge: establish
skills, and knowledge assets are 2)
developed or acquired.
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
5.2.5.3 PA 3.2 Process deploy- COM-06 Management review 03-12 Management
ment process attribute 1) The objectives of the review review: Objectives
1) a defined process is are established. 1), 2)
deployed based upon an
COM-06 Management review 08-26 Management
appropriately tailored
2) The status and performance review: Implemen-
standard process;
of an activity or process are as- tation
sessed in terms of the established 1)
objectives.
COM-06 Management review 08-26 Management
3) Risks, problems and oppor- review: Implemen-
tunities for improvement are tation
identified. 2), 3)
COM-09 Operational implementation 08-19 MS Implemen-
and control tation log: Implement
3) Actions required to achieve 1), 2)
the management system objec- 08-20 MS Implemen-
tives are implemented. tation log: Provide
1), 2), 3)
08-21 MS Implemen-
tation: Maintain
1)
ORG-02 Measurement resource man- 08-20 MS Implemen-
agement tation log: Provide
2) Measurement resources for 3)
performing tests and calibrations
is acquired.
5.2.5.3 PA 3.2 Process deploy- COM-09 Operational implementation 03-21 Management
ment process attribute and control system strategy:
2) required roles, respon- 1) The required roles, respon- Responsibilities:
sibilities and authorities sibilities and authorities are Quality management
necessary for performing allocated. 1), 2)
the defined process are as- 03-38 Management
signed and communicated; system strategy:
roles and responsi-
bilities
1), 2)
08-81 Roles and
responsibilities as-
signment record
1)
5.2.5.3 PA 3.2 Process deploy- COM-03.2 Human resource management: 12-15 Organizational
ment process attribute Provide competencies competence: Provi-
3) required person(s) 1) Identified competency gaps sion
necessary for performing are filled through training or 2)
the defined process are recruitment. 12-22 Product/ser-
competent on the basis of vice competence:
defined education, training Provision
and experience; 2)
© ISO/IEC 2024 – All rights reserved
TTabablele A A.11 ((ccoonnttiinnueuedd))
ISO/IEC Description ISO/IEC TS Description ISO/IEC TS
33020:2019 33073:2017 33073:2017 infor-
process processes mation items
attribute
outcomes
COM-03.2 Human resource management: 08-40 Organization-
Provide competencies al competencies:
2) Understanding of roles and Evaluation record
activities in achieving organiza- 1)
tional objectives in product and 12-15 Organizational
service provision is demonstrat- competence: Provi-
ed by each person. sion
1)
12-22 Product/ser-
vice competence:
Provision
1)
COM-09 Operational implementation 12-15 Organizational
and control competence: Provi-
3) Actions required to achieve sion
the management system objec- 1), 2)
tives are implemented. 12-22 Product/ser-
vice competence:
Provision
1), 2)
COM-09 Operational implementation 08-41 Organizational
and control training effective-
4) Suitability and effectiveness of ness evaluation
the actions taken to achieve the result
management system objectives 1)
are reviewed. 08-70 Product/ser-
vice training effec-
tiveness evaluation
result
1)
5.2.5.3 PA 3.2 Process deploy- COM-09 Operational implementation 02-5 Measuring
ment process attribute and control equipment asset list
4) required resources nec- 2) The required resources are 1)
essary for performing the allocated and applied. 02-6 Measuring
defined process are made equipment mainte-
available, monitored and nance log
measured; 1)
08-23 MS Resources
provision record
1), 2), 3)
ORG-02 Measurement resource man- 02-4 Measurement
agement resource calibration
3) Measurement resource items log
are identified. 1)
ORG-02 Measurement resource man- 02-4 Measurement
agement resource calibration
4) The calibration status of meas- log
urement resource items is con- 2), 3), 4)
firme
...