Information technology -- Software process assessment

Technologies de l'information -- Évaluation des procédés du logiciel

General Information

Status
Withdrawn
Publication Date
26-Aug-1998
Withdrawal Date
26-Aug-1998
Current Stage
6060 - International Standard published
Start Date
24-Jun-1998
Completion Date
27-Aug-1998
Ref Project

RELATIONS

Buy Standard

Technical report
ISO/IEC TR 15504-1:1998 - Information technology -- Software process assessment
English language
11 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

TECHNICAL ISO/IEC
REPORT TR 15504-1
First edition
1998-08-15
Information technology — Software process
assessment —
Part 1:
Concepts and introductory guide
Technologies de l’information — Évaluation des procédés du logiciel —
Partie 1: Concepts et guide introductif
Reference number
B C
ISO/IEC TR 15504-1:1998(E)
---------------------- Page: 1 ----------------------
ISO/IEC TR 15504-1:1998(E)
Contents

1 Scope......................................................................................................................................................1

2 Normative reference..............................................................................................................................1

3 Terms and definitions...........................................................................................................................1

4 Overview ................................................................................................................................................1

4.1 General ...................................................................................................................................................1

4.2 The assessment framework .................................................................................................................3

4.2.1 The context of process assessment ...................................................................................................3

4.2.2 An architecture for software processes .............................................................................................4

4.2.3 Assessment indicators.........................................................................................................................5

4.3 Competency of assessors....................................................................................................................5

4.4 Process improvement context.............................................................................................................5

4.5 Process capability determination context ..........................................................................................7

5 Conformance .........................................................................................................................................8

5.1 Performing software process assessments.......................................................................................8

5.1.1 Overview of the requirements..............................................................................................................8

5.1.2 Responsibilities.....................................................................................................................................8

5.1.3 The assessment inputs.........................................................................................................................9

5.1.4 Selecting processes for assessment ..................................................................................................9

5.1.5 Assessment indicators.........................................................................................................................9

5.1.6 Reporting assessment results...........................................................................................................10

5.2 Developing a compatible model ........................................................................................................10

Bibliography..............................................................................................................................................................11

© ISO/IEC 1998

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or

utilized in any form or by any means, electronic or mechanical, including photocopying and micro-

film, without permission in writing from the publisher.
ISO/IEC Copyright Office • Case postale 56 • CH-1211 Genève 20 • Switzerland
Printed in Switzerland
---------------------- Page: 2 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)

form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC

participate in the development of International Standards through technical committees established by the

respective organization to deal with particular fields of technical activity. ISO and IEC technical committees

collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in

liaison with ISO and IEC, also take part in the work.

In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

The main task of technical committees is to prepare International Standards, but in exceptional circumstances a

technical committee may propose the publication of a Technical Report of one of the following types:

— type 1, when the required support cannot be obtained for the publication of an International Standard, despite

repeated efforts;

— type 2, when the subject is still under technical development or where for any other reason there is the future

but not immediate possibility of an agreement on an International Standard;

— type 3, when a technical committee has collected data of a different kind from that which is normally published

as an International Standard (“state of the art”, for example).

Technical Reports of types 1 and 2 are subject to review within three years of publication, to decide whether they

can be transformed into International Standards. Technical Reports of type 3 do not necessarily have to be

reviewed until the data they provide are considered to be no longer valid or useful.

ISO/IEC TR 15504-1, which is a Technical Report of type 2, was prepared by Joint Technical Committee ISO/IEC

JTC 1, Information technology, Subcommittee SC 7, Software engineering.

ISO/IEC TR 15504 consists of the following parts, under the general title Information technology — Software

process assessment :
 Part 1: Concepts and introductory guide
 Part 2: A reference model for processes and process capability
 Part 3: Performing an assessment
Part 4: Guide to performing assessments
 Part 5: An assessment model and indicator guidance
 Part 6: Guide to competency of assessors
 Part 7: Guide for use in process improvement
 Part 8: Guide for use in determining supplier process capability
Part 9: Vocabulary
iii
---------------------- Page: 3 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
Introduction
Overview

ISO/IEC TR 15504 provides a framework for the assessment of software processes. This framework can be used

by organizations involved in planning, managing, monitoring, controlling, and improving the acquisition, supply,

development, operation, evolution and support of software.

ISO/IEC TR 15504 provides a structured approach for the assessment of software processes for the following

purposes:

 by or on behalf of an organization with the objective of understanding the state of its own processes for process

improvement;

 by or on behalf of an organization with the objective of determining the suitability of its own processes for a

particular requirement or class of requirements;

 by or on behalf of one organization with the objective of determining the suitability of another organization's

processes for a particular contract or class of contracts.
The framework for process assessment
 encourages self-assessment;
 addresses the adequacy of the management of the assessed processes;
 takes into account the context in which the assessed processes operate;

 produces a set of process ratings (a process profile) rather than a pass/fail result;

 is appropriate across all application domains and sizes of organization.

For an organization to improve product quality it must have a proven, consistent and reliable method for assessing

the state of its processes and must have a means of using the results as part of a coherent improvement

programme.
The use of process assessment within an organization should encourage

 the culture of constant improvement and the establishment of the proper mechanisms to support and maintain

that culture;
 the engineering of processes to meet business requirements;
 the optimization of resources.

This will result in capable organizations that maximize their responsiveness to customer and market requirements,

minimize the full life-cycle costs of their products and as a result maximize end-user satisfaction.

Purchasers will benefit from the use of process assessment. Its use in capability determination will

 reduce uncertainties in selecting suppliers of software intensive systems by enabling the risks associated with

the contractor's capability to be identified before contract award;
 enable appropriate controls to be put in place for risk containment;
---------------------- Page: 4 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)

 provide a quantified basis for choice in balancing business needs, requirements and estimated project cost

against the capability of competing suppliers.

The major benefits of a standardized approach to process assessment are that it will

 provide a public, shared approach for process assessment;

 lead to a common understanding of the use of process assessment for process improvement and capability

evaluation;
 facilitate capability evaluation in procurement;
 be controlled and regularly reviewed in the light of experience of use;
 be changed only by international consensus;
 encourage harmonization of existing schemes.

The approach to process assessment defined in ISO/IEC TR 15504 is designed to provide a basis for a common

approach to describing the results of process assessment, allowing for some degree of comparison of assessments

based upon different but compatible models and methods. The sophistication and complexity required of a process

is dependent upon its context. For instance the planning required for a five person project team is much less than

for a fifty person team. This context influences how a competent assessor judges a practice when assessing its

adequacy and influences the degree of comparability between process profiles.
Field of application

Process assessment has two principal contexts for its use, as shown diagrammatically in figure 1.

Within a process improvement context, process assessment provides the means of characterizing the current

practice within an organizational unit in terms of the capability of the selected processes. Analysis of the results in

the light of the organization's business needs identifies strengths, weaknesses and risks inherent in the processes.

This, in turn, leads to the ability to determine whether the processes are effective in achieving their goals, and to

identify significant causes of poor quality, or overruns in time or cost. These provide the drivers for prioritizing

improvements to processes.

Process capability determination is concerned with analysing the proposed capability of selected processes against

a target process capability profile in order to identify the risks involved in undertaking a project using the selected

processes. The proposed capability may be based on the results of relevant previous process assessments, or

may be based on an assessment carried out for the purpose of establishing the proposed capability.

Two of the parts of ISO/IEC TR 15504 (parts 7 and 8) address the use of process assessment for process

improvement and for process capability determination. Other parts of ISO/IEC TR 15504 address various issues

relating to process assessment.
Process
examined
Identifies
Identifies
capability
changes to
and risks of
Process
Assessment
leads leads
to to
Process Capability
motivates
Improvement Determination
Figure 1 — Software Process Assessment
---------------------- Page: 5 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)

ISO/IEC TR 15504 has been designed to satisfy the needs of acquirers, suppliers and assessors, and their

individual requirements from within a single source.
The benefits arising from the use of this suite of documents include
For acquirers:

 an ability to determine the current and potential capability of a supplier's software processes.

For suppliers:

 an ability to determine the current and potential capability of their own software processes;

 an ability to define areas and priorities for software process improvement;
a framework that defines a road map for software process improvement.
For assessors:
 a framework for conducting assessments.

ISO/IEC TR 15504 is not intended to be used in any scheme for the certification/registration of the process

capability of an organization.
Components of ISO/IEC TR 15504

ISO/IEC TR 15504 is composed of nine parts. This clause describes each of the parts and its role within

ISO/IEC TR 15504.
Part 1
Part 9
Concepts and
Vocabulary
introductory guide
Part 7 Part 8 Part 6
Guide for use in process Guide for use in Guide to competency of
improvement determining supplier assessors
process capability
Part 3 Part 4
Performing an Guide to performing
assessment assessments
Part 2 Part 5
A reference model for An assessment model
processes and process and indicator guidance
capability
Figure 2 — Components of ISO/IEC TR 15504
---------------------- Page: 6 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)

Figure 2 shows a potential road map for users of ISO/IEC TR 15504. Part 1 (this document) provides a general

entry point to ISO/IEC TR 15504. Readers with specific interest in either process improvement or supplier capability

determination should then read parts 7 or 8 as appropriate for detailed guidance on these contexts of use. These

parts will enable the user to identify the appropriate usage of the normative components of ISO/IEC TR 15504

(parts 2 and 3). Part 4 provides guidance on the application of part 2 and part 3 while part 5 is an exemplar

assessment model compatible with the reference model (part 2). Users with a primary interest in the role of the

assessor are directed to part 6 where guidance on the skills and competencies of assessors can be found.

Table 1 identifies the principal classes of reader for ISO/IEC TR 15504 and shows where their primary areas of

interest are addressed within the document set.
Table 1 — Readership of ISO/IEC TR 15504
Class of Reader Interests Suggested parts to be read
Assessment Sponsor How an assessment is conducted, what 1, 2, 3, 4, 6
tools and other support are required, how to
initiate an assessment.
Process Improvement Initiating an improvement programme, 7
Sponsor defining assessment inputs for an
assessment for improvement purposes,
using assessment results for improvement.
Process Capability Initiating a programme for the determination 8
Determination Sponsor of supplier capability, defining a target
capability profile, verifying and using
assessment results in a capability
determination exercise.
Assessors Conducting a conformant assessment, 2, 3, 4, 5, 6
developing the skills and competencies
needed to perform an assessment.
Developers of Assessment Developing a model for performing 2, 3, 4, 5
Models assessments that is compatible with the
reference model.
Developers of Assessment Developing a method that will support the 2, 3, 4
Methods performance of conformant assessments.
Tool Developers Developing tools that will support assessors 2, 3, 4, 5
by collecting, recording and classifying
evidence in the performance of assessments.

Part 1 (informative) is an entry point into ISO/IEC TR 15504. It describes how the parts of the suite fit together, and

provides guidance for their selection and use. It explains the requirements contained within ISO/IEC TR 15504 and

their applicability to the performance of an assessment.

Part 2 (normative) of ISO/IEC TR 15504 defines a two dimensional reference model for describing processes and

process capability used in a process assessment. The reference model defines a set of processes, defined in

terms of their purpose and outcomes, and a framework for evaluating the capability of the processes through

assessment of process attributes structured into capability levels. Requirements for establishing the compatibility of

different assessment models with the reference model are defined.
vii
---------------------- Page: 7 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)

Part 3 (normative) of ISO/IEC TR 15504 defines the requirements for performing an assessment in such a way that

the outcomes will be repeatable, reliable and consistent.

Part 4 (informative) of ISO/IEC TR 15504 provides guidance on performing software process assessments,

interpreting the requirements of ISO/IEC TR 15504-2 and ISO/IEC TR 15504-3 for different assessment contexts.

The guidance covers the selection and use of a documented process for assessment; of a compatible assessment

model(s); and of a supporting assessment instrument or tool. This guidance is generic enough to be applicable

across all organizations, and also for performing assessments using a variety of different methods and techniques,

and supported by a range of tools.

Part 5 (informative) of ISO/IEC TR 15504 provides an exemplar model for performing process assessments that is

based upon and directly compatible with the reference model in ISO/IEC TR 15504-2. The assessment model(s)

extend the reference model through the inclusion of a comprehensive set of indicators of process performance and

capability.

Part 6 (informative) of ISO/IEC TR 15504 describes the competence, education, training and experience of

assessors that are relevant to conducting process assessments. It describes mechanisms that may be used to

demonstrate competence and to validate education, training and experience.

Part 7 (informative) of ISO/IEC TR 15504 describes how to define the inputs to and use the results of an

assessment for the purposes of process improvement. The guide includes examples of the application of process

improvement in a variety of situations.

Part 8 (informative) of ISO/IEC TR 15504 describes how to define the inputs to and use the results of an

assessment for the purpose of process capability determination. It addresses process capability determination in

both straightforward situations and in more complex situations involving, for example, future capability. The

guidance on conducting process capability determination is applicable either for use within an organization to

determine its own capability, or by an acquirer to determine the capability of a (potential) supplier.

Part 9 (normative) is a consolidated vocabulary of all terms specifically defined for the purposes of

ISO/IEC TR 15504.
Relationship to other International Standards

ISO/IEC TR 15504 is complementary to several other International Standards and other models for evaluating the

capability and effectiveness of organizations and processes. This section describes the relationship between

ISO/IEC TR 15504 and the major related International Standards.

ISO/IEC TR 15504 incorporates the intent of the ISO 9000 series to provide confidence in a supplier's quality

management whilst providing acquirers with a framework for assessing whether potential suppliers have the

capability to meet their needs. Process assessment provides users with the ability to evaluate process capability on

a continuous scale in a comparable and repeatable way, rather than using the pass/fail characteristic of quality

audits based on ISO 9001. In addition, the framework described in ISO/IEC TR 15504 provides the opportunity to

adjust the scope of assessment to cover specific processes of interest, rather than all of the processes used by an

organizational unit.

ISO/IEC TR 15504 is related in particular to the following components of the ISO 9000 series:

 ISO 9001:1994, Model for quality assurance in design, development, production, installation and servicing;

 ISO 9000-3:1997, Quality management and quality assurance standards — Part 3: Guidelines for the

application of ISO 9001:1994 to the development, supply, installation and maintenance of computer software;

 ISO 9004-4:1993, Quality management and quality system elements — Part 4: Guidelines for quality

improvement.
viii
---------------------- Page: 8 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
ISO/IEC TR 15504, and particularly part 2, is directly aligned to
 ISO/IEC 12207:1995, Information technology — Software life cycle processes.

ISO/IEC TR 15504 provides an overall contextual framework for software life cycle processes, and the process

dimension of the reference model is closely mapped to this framework.
---------------------- Page: 9 ----------------------
TECHNICAL REPORT ISO/IEC ISO/IEC TR 15504-1:1998(E)
Information technology — Software process assessment —
Part 1:
Concepts and introductory guide
1 Scope

This part of ISO/IEC TR 15504 provides overall information on the concepts of software process assessment and its

use in the two contexts of process improvement and process capability determination. It describes how the parts of

the suite fit together, and provides guidance for their selection and use. It explains the requirements contained

within ISO/IEC TR 15504, and their applicability to performing assessments.

Readers of this guide should familiarize themselves with the terminology and structure of the document suite, and

then reference the appropriate parts of the suite for the context in which they propose to conduct an assessment. If

the assessment is to be conducted for the purposes of internal process improvement within an organization, the

relevant context is described in ISO/IEC TR 15504-7. If the results of the assessment are to be used for the

purposes of determining the process capability of the organizational unit in the context of a specified requirement,

the guidance is in ISO/IEC TR 15504-8.
More detailed description of the use of ISO/IEC TR 15504 is given in clause 4.
2 Normative reference

The following normative documents contain provisions which, through reference in this text, constitute provisions of

this part of ISO/IEC TR 15504. For dated references, subsequent amendments to, or revisions of, any of these

publications do not apply. However, parties to agreements based on this part of ISO/IEC TR 15504 are encouraged

to investigate the possibility of applying the most recent editions of the normative documents indicated below. For

undated references, the latest edition of the normative document referred to applies. Members of ISO and IEC

maintain registers of currently valid International Standards.

ISO/IEC TR 15504-9:1998, Information technology — Software process assessment — Part 9: Vocabulary.

3 Terms and definitions

For the purposes of this part of ISO/IEC TR 15504, the terms and definitions given in ISO/IEC TR 15504-9 apply.

4 Overview
4.1 General

ISO/IEC TR 15504 provides a framework for the assessment of software processes. This framework can be used

by organizations involved in planning, managing, monitoring, controlling and improving the acquisition, supply,

development, operation, evolution and support of software.

Process assessment examines the processes used by an organization to determine whether they are effective in

achieving their goals. The assessment characterizes the current practice within an organizational unit in terms of

the capability of the selected processes. The results may be used to drive process improvement activities or

---------------------- Page: 10 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)

process capability determination by analyzing the results in the context of the organization's business needs,

identifying strengths, weaknesses and risks inherent in the processes.

The documents provide a structured approach to software process assessment for the following purposes:

a) by or on behalf of an organization with the objective of understanding the state of its own processes for process

improvement;

b) by or on behalf of an organization with the objective of determining the suitability of its own processes for a

particular requirement or class of requirements;

c) by or on behalf of one organization with the objective of determining the suitability of another organization's

processes for a particular contract or class of contracts.

The high level view of the relationships between process assessment, process improvement and process capability

determination is shown in figure 3, along with an indication of the places of the various components of

ISO/IEC TR 15504 in the processes.

An assessment may be used for purposes of either Process Improvement or Capability Determination. Guidance on

such usage is found in ISO/IEC TR 15504-7 and ISO/IEC TR 15504-8 respectively. Performance of an assessment

requires a model (or models) compatible with the reference model in ISO/IEC TR 15504-2; an exemplar model is

provided in ISO/IEC TR 15504-5. The assessment process must be documented and should be based upon a

method in line with the requirements defined in ISO/IEC TR 15504-3 and following the guidance provided in

ISO/IEC TR 15504-4. A competent assessor is charged with ensuring that the assessment is conformant; guidance

for the necessary skills and competencies are in ISO/IEC TR 15504-6.
Process
Assessment
Improvement
used
expressed
Process
Capability
Part 7
mapped
Dimension
Dimension
Documented
against
using for
Process
Capability
Determination
Parts 3 & 4
Reference Model
Part 8
Part 6
Part 2
used by
Validation of model compatibility
Part 2
Compatible Assessment Model(s)
Parts 4 & 5
Figure 3 — Overview of relationships of elements of ISO/IEC TR 15504

ISO/IEC TR 15504 is designed to provide assessment results that are repeatable, objective, comparable within

similar contexts, and able to be used for either process improvement or process capability determination.

The framework for the conduct of assessments is designed to support the achievement of dependable assessment

results. The framework includes an architecture for rating processes and for presenting assessment ratings. The

assessment framework also provides guidance on the conduct of the assessment. ISO/IEC TR 15504 provides

guidance in the contexts of both process improvement and process capability determination. It further provides a

definition of the required skills and experience for assessors.

This section describes how to use the other parts of ISO/IEC TR 15504 to conduct process assessments and make

effective use of their results. The key determinant in the use of ISO/IEC TR 15504 is the purpose for which the

assessment is being conducted. This may be:
---------------------- Page: 11 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
 to promote an understanding of the software process;
 to support process improvement;
 to support process capability determination.
4.2 The assessment framework
4.2.1 The context of process assessment

The context of a process assessment is summarized in figure 4. ISO/IEC TR 15504-2 defines a reference model

that provides a basis for rating the capability of processes, based on their achievement of defined process

attributes. ISO/IEC TR 15504-3 defines the requirements for performing an assessment and sets out the

circumstances under which assessment results may be compared. ISO/IEC TR 15504-4 provides guidance on

performing an assessment and interpreting the requirements in ISO/IEC TR 15504-3. This guidance is generic

enough to be applicable across all organizations, and for conducting assessments using a variety of methods,

techniques and tools.

Process assessment is performed either during a process improvement initiative as described in

ISO/IEC TR 15504-7, or as part of a process capability determination exercise as described in

ISO/IEC TR 15504-8. In either case, the formal entry to the assessment processes occurs with the assessment

sponsor’s commitment to proceed. The assessment input may then be compiled. The assessment input defines the

purpose of the assessment (why it is being carried out), the scope of the assessment, and what constraints, if any,

apply to the assessment. The assessment input also defines the responsibilities for carrying out the assessment.

From process improvement
or process capability determination
Assessment Input
• Assessment sponsor
Assessment Activities
• Assessment purpose
•Planning
• Assessment scope
• Data Collection
• Assessment constraints
• Data Validation
• Assessment responsibilities
• Process Rating
• Additional information to be collected
• Reporting
Process Assessment
Indicator Set
• Process performance indicators
• Process capability indicators
Assessment Output
Compatible Assessment record
Assessment
Reference Model
Model
• Process purpose
• Process attributes
To process improvement
or process capability determination
Figure 4 — Context of process assessment
---------------------- Page: 12 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)

An assessment is carried out by assessing selected processes against the assessment model(s) selected for the

assessment. This assessment model(s) have to be compatible with the reference model defined in

ISO/IEC TR 15504-2. This two-dimensional model consists of a set of processes and a set of process attributes.

The process attributes apply across all processes. They are grouped into capability levels that may be used to

determine the capability of the process. The assessment output includes a set of process profiles and optionally a

capability level rating for each process assessed.
The assessment process contains at least five specified activities: planning
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.