Information technology — Software process assessment — Part 1: Concepts and introductory guide

Technologies de l'information — Évaluation des procédés du logiciel — Partie 1: Concepts et guide d'introduction

General Information

Status
Withdrawn
Publication Date
26-Aug-1998
Withdrawal Date
26-Aug-1998
Current Stage
9599 - Withdrawal of International Standard
Completion Date
12-Nov-2004
Ref Project

Relations

Buy Standard

Technical report
ISO/IEC TR 15504-1:1998 - Information technology -- Software process assessment
English language
11 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/IEC
REPORT TR 15504-1
First edition
1998-08-15
Information technology — Software process
assessment —
Part 1:
Concepts and introductory guide
Technologies de l’information — Évaluation des procédés du logiciel —
Partie 1: Concepts et guide introductif
Reference number
B C
ISO/IEC TR 15504-1:1998(E)

---------------------- Page: 1 ----------------------
ISO/IEC TR 15504-1:1998(E)
Contents
1 Scope.1
2 Normative reference.1
3 Terms and definitions.1
4 Overview .1
4.1 General .1
4.2 The assessment framework .3
4.2.1 The context of process assessment .3
4.2.2 An architecture for software processes .4
4.2.3 Assessment indicators.5
4.3 Competency of assessors.5
4.4 Process improvement context.5
4.5 Process capability determination context .7
5 Conformance .8
5.1 Performing software process assessments.8
5.1.1 Overview of the requirements.8
5.1.2 Responsibilities.8
5.1.3 The assessment inputs.9
5.1.4 Selecting processes for assessment .9
5.1.5 Assessment indicators.9
5.1.6 Reporting assessment results.10
5.2 Developing a compatible model .10
Bibliography.11
© ISO/IEC 1998
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or
utilized in any form or by any means, electronic or mechanical, including photocopying and micro-
film, without permission in writing from the publisher.
ISO/IEC Copyright Office • Case postale 56 • CH-1211 Genève 20 • Switzerland
Printed in Switzerland
ii

---------------------- Page: 2 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)
form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC
participate in the development of International Standards through technical committees established by the
respective organization to deal with particular fields of technical activity. ISO and IEC technical committees
collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in
liaison with ISO and IEC, also take part in the work.
In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
The main task of technical committees is to prepare International Standards, but in exceptional circumstances a
technical committee may propose the publication of a Technical Report of one of the following types:
— type 1, when the required support cannot be obtained for the publication of an International Standard, despite
repeated efforts;
— type 2, when the subject is still under technical development or where for any other reason there is the future
but not immediate possibility of an agreement on an International Standard;
— type 3, when a technical committee has collected data of a different kind from that which is normally published
as an International Standard (“state of the art”, for example).
Technical Reports of types 1 and 2 are subject to review within three years of publication, to decide whether they
can be transformed into International Standards. Technical Reports of type 3 do not necessarily have to be
reviewed until the data they provide are considered to be no longer valid or useful.
ISO/IEC TR 15504-1, which is a Technical Report of type 2, was prepared by Joint Technical Committee ISO/IEC
JTC 1, Information technology, Subcommittee SC 7, Software engineering.
ISO/IEC TR 15504 consists of the following parts, under the general title Information technology — Software
process assessment :
 Part 1: Concepts and introductory guide
 Part 2: A reference model for processes and process capability
 Part 3: Performing an assessment

Part 4: Guide to performing assessments
 Part 5: An assessment model and indicator guidance
 Part 6: Guide to competency of assessors
 Part 7: Guide for use in process improvement
 Part 8: Guide for use in determining supplier process capability

Part 9: Vocabulary
iii

---------------------- Page: 3 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
Introduction
Overview
ISO/IEC TR 15504 provides a framework for the assessment of software processes. This framework can be used
by organizations involved in planning, managing, monitoring, controlling, and improving the acquisition, supply,
development, operation, evolution and support of software.
ISO/IEC TR 15504 provides a structured approach for the assessment of software processes for the following
purposes:
 by or on behalf of an organization with the objective of understanding the state of its own processes for process
improvement;
 by or on behalf of an organization with the objective of determining the suitability of its own processes for a
particular requirement or class of requirements;
 by or on behalf of one organization with the objective of determining the suitability of another organization's
processes for a particular contract or class of contracts.
The framework for process assessment
 encourages self-assessment;
 addresses the adequacy of the management of the assessed processes;
 takes into account the context in which the assessed processes operate;
 produces a set of process ratings (a process profile) rather than a pass/fail result;
 is appropriate across all application domains and sizes of organization.
For an organization to improve product quality it must have a proven, consistent and reliable method for assessing
the state of its processes and must have a means of using the results as part of a coherent improvement
programme.
The use of process assessment within an organization should encourage
 the culture of constant improvement and the establishment of the proper mechanisms to support and maintain
that culture;
 the engineering of processes to meet business requirements;
 the optimization of resources.
This will result in capable organizations that maximize their responsiveness to customer and market requirements,
minimize the full life-cycle costs of their products and as a result maximize end-user satisfaction.
Purchasers will benefit from the use of process assessment. Its use in capability determination will
 reduce uncertainties in selecting suppliers of software intensive systems by enabling the risks associated with
the contractor's capability to be identified before contract award;
 enable appropriate controls to be put in place for risk containment;
iv

---------------------- Page: 4 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
 provide a quantified basis for choice in balancing business needs, requirements and estimated project cost
against the capability of competing suppliers.
The major benefits of a standardized approach to process assessment are that it will
 provide a public, shared approach for process assessment;
 lead to a common understanding of the use of process assessment for process improvement and capability
evaluation;
 facilitate capability evaluation in procurement;
 be controlled and regularly reviewed in the light of experience of use;
 be changed only by international consensus;
 encourage harmonization of existing schemes.
The approach to process assessment defined in ISO/IEC TR 15504 is designed to provide a basis for a common
approach to describing the results of process assessment, allowing for some degree of comparison of assessments
based upon different but compatible models and methods. The sophistication and complexity required of a process
is dependent upon its context. For instance the planning required for a five person project team is much less than
for a fifty person team. This context influences how a competent assessor judges a practice when assessing its
adequacy and influences the degree of comparability between process profiles.
Field of application
Process assessment has two principal contexts for its use, as shown diagrammatically in figure 1.
Within a process improvement context, process assessment provides the means of characterizing the current
practice within an organizational unit in terms of the capability of the selected processes. Analysis of the results in
the light of the organization's business needs identifies strengths, weaknesses and risks inherent in the processes.
This, in turn, leads to the ability to determine whether the processes are effective in achieving their goals, and to
identify significant causes of poor quality, or overruns in time or cost. These provide the drivers for prioritizing
improvements to processes.
Process capability determination is concerned with analysing the proposed capability of selected processes against
a target process capability profile in order to identify the risks involved in undertaking a project using the selected
processes. The proposed capability may be based on the results of relevant previous process assessments, or
may be based on an assessment carried out for the purpose of establishing the proposed capability.
Two of the parts of ISO/IEC TR 15504 (parts 7 and 8) address the use of process assessment for process
improvement and for process capability determination. Other parts of ISO/IEC TR 15504 address various issues
relating to process assessment.
Process
Is
examined
Identifies
by
Identifies
capability
changes to
and risks of
Process
Assessment
leads leads
to to
Process Capability
motivates
Improvement Determination
Figure 1 — Software Process Assessment
v

---------------------- Page: 5 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
ISO/IEC TR 15504 has been designed to satisfy the needs of acquirers, suppliers and assessors, and their
individual requirements from within a single source.
The benefits arising from the use of this suite of documents include
For acquirers:
 an ability to determine the current and potential capability of a supplier's software processes.
For suppliers:
 an ability to determine the current and potential capability of their own software processes;
 an ability to define areas and priorities for software process improvement;
a framework that defines a road map for software process improvement.

For assessors:
 a framework for conducting assessments.
ISO/IEC TR 15504 is not intended to be used in any scheme for the certification/registration of the process
capability of an organization.
Components of ISO/IEC TR 15504
ISO/IEC TR 15504 is composed of nine parts. This clause describes each of the parts and its role within
ISO/IEC TR 15504.
Part 1
Part 9
Concepts and
Vocabulary
introductory guide
Part 7 Part 8 Part 6
Guide for use in process Guide for use in Guide to competency of
improvement determining supplier assessors
process capability
Part 3 Part 4
Performing an Guide to performing
assessment assessments
Part 2 Part 5
A reference model for An assessment model
processes and process and indicator guidance
capability
Figure 2 — Components of ISO/IEC TR 15504
vi

---------------------- Page: 6 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
Figure 2 shows a potential road map for users of ISO/IEC TR 15504. Part 1 (this document) provides a general
entry point to ISO/IEC TR 15504. Readers with specific interest in either process improvement or supplier capability
determination should then read parts 7 or 8 as appropriate for detailed guidance on these contexts of use. These
parts will enable the user to identify the appropriate usage of the normative components of ISO/IEC TR 15504
(parts 2 and 3). Part 4 provides guidance on the application of part 2 and part 3 while part 5 is an exemplar
assessment model compatible with the reference model (part 2). Users with a primary interest in the role of the
assessor are directed to part 6 where guidance on the skills and competencies of assessors can be found.
Table 1 identifies the principal classes of reader for ISO/IEC TR 15504 and shows where their primary areas of
interest are addressed within the document set.
Table 1 — Readership of ISO/IEC TR 15504
Class of Reader Interests Suggested parts to be read
Assessment Sponsor How an assessment is conducted, what 1, 2, 3, 4, 6
tools and other support are required, how to
initiate an assessment.
Process Improvement Initiating an improvement programme, 7
Sponsor defining assessment inputs for an
assessment for improvement purposes,
using assessment results for improvement.
Process Capability Initiating a programme for the determination 8
Determination Sponsor of supplier capability, defining a target
capability profile, verifying and using
assessment results in a capability
determination exercise.
Assessors Conducting a conformant assessment, 2, 3, 4, 5, 6
developing the skills and competencies
needed to perform an assessment.
Developers of Assessment Developing a model for performing 2, 3, 4, 5
Models assessments that is compatible with the
reference model.
Developers of Assessment Developing a method that will support the 2, 3, 4
Methods performance of conformant assessments.
Tool Developers Developing tools that will support assessors 2, 3, 4, 5
by collecting, recording and classifying
evidence in the performance of assessments.
Part 1 (informative) is an entry point into ISO/IEC TR 15504. It describes how the parts of the suite fit together, and
provides guidance for their selection and use. It explains the requirements contained within ISO/IEC TR 15504 and
their applicability to the performance of an assessment.
Part 2 (normative) of ISO/IEC TR 15504 defines a two dimensional reference model for describing processes and
process capability used in a process assessment. The reference model defines a set of processes, defined in
terms of their purpose and outcomes, and a framework for evaluating the capability of the processes through
assessment of process attributes structured into capability levels. Requirements for establishing the compatibility of
different assessment models with the reference model are defined.
vii

---------------------- Page: 7 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
Part 3 (normative) of ISO/IEC TR 15504 defines the requirements for performing an assessment in such a way that
the outcomes will be repeatable, reliable and consistent.
Part 4 (informative) of ISO/IEC TR 15504 provides guidance on performing software process assessments,
interpreting the requirements of ISO/IEC TR 15504-2 and ISO/IEC TR 15504-3 for different assessment contexts.
The guidance covers the selection and use of a documented process for assessment; of a compatible assessment
model(s); and of a supporting assessment instrument or tool. This guidance is generic enough to be applicable
across all organizations, and also for performing assessments using a variety of different methods and techniques,
and supported by a range of tools.
Part 5 (informative) of ISO/IEC TR 15504 provides an exemplar model for performing process assessments that is
based upon and directly compatible with the reference model in ISO/IEC TR 15504-2. The assessment model(s)
extend the reference model through the inclusion of a comprehensive set of indicators of process performance and
capability.
Part 6 (informative) of ISO/IEC TR 15504 describes the competence, education, training and experience of
assessors that are relevant to conducting process assessments. It describes mechanisms that may be used to
demonstrate competence and to validate education, training and experience.
Part 7 (informative) of ISO/IEC TR 15504 describes how to define the inputs to and use the results of an
assessment for the purposes of process improvement. The guide includes examples of the application of process
improvement in a variety of situations.
Part 8 (informative) of ISO/IEC TR 15504 describes how to define the inputs to and use the results of an
assessment for the purpose of process capability determination. It addresses process capability determination in
both straightforward situations and in more complex situations involving, for example, future capability. The
guidance on conducting process capability determination is applicable either for use within an organization to
determine its own capability, or by an acquirer to determine the capability of a (potential) supplier.
Part 9 (normative) is a consolidated vocabulary of all terms specifically defined for the purposes of
ISO/IEC TR 15504.
Relationship to other International Standards
ISO/IEC TR 15504 is complementary to several other International Standards and other models for evaluating the
capability and effectiveness of organizations and processes. This section describes the relationship between
ISO/IEC TR 15504 and the major related International Standards.
ISO/IEC TR 15504 incorporates the intent of the ISO 9000 series to provide confidence in a supplier's quality
management whilst providing acquirers with a framework for assessing whether potential suppliers have the
capability to meet their needs. Process assessment provides users with the ability to evaluate process capability on
a continuous scale in a comparable and repeatable way, rather than using the pass/fail characteristic of quality
audits based on ISO 9001. In addition, the framework described in ISO/IEC TR 15504 provides the opportunity to
adjust the scope of assessment to cover specific processes of interest, rather than all of the processes used by an
organizational unit.
ISO/IEC TR 15504 is related in particular to the following components of the ISO 9000 series:
 ISO 9001:1994, Model for quality assurance in design, development, production, installation and servicing;
 ISO 9000-3:1997, Quality management and quality assurance standards — Part 3: Guidelines for the
application of ISO 9001:1994 to the development, supply, installation and maintenance of computer software;
 ISO 9004-4:1993, Quality management and quality system elements — Part 4: Guidelines for quality
improvement.
viii

---------------------- Page: 8 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
ISO/IEC TR 15504, and particularly part 2, is directly aligned to
 ISO/IEC 12207:1995, Information technology — Software life cycle processes.
ISO/IEC TR 15504 provides an overall contextual framework for software life cycle processes, and the process
dimension of the reference model is closely mapped to this framework.
ix

---------------------- Page: 9 ----------------------
©
TECHNICAL REPORT  ISO/IEC ISO/IEC TR 15504-1:1998(E)
Information technology — Software process assessment —
Part 1:
Concepts and introductory guide
1 Scope
This part of ISO/IEC TR 15504 provides overall information on the concepts of software process assessment and its
use in the two contexts of process improvement and process capability determination. It describes how the parts of
the suite fit together, and provides guidance for their selection and use. It explains the requirements contained
within ISO/IEC TR 15504, and their applicability to performing assessments.
Readers of this guide should familiarize themselves with the terminology and structure of the document suite, and
then reference the appropriate parts of the suite for the context in which they propose to conduct an assessment. If
the assessment is to be conducted for the purposes of internal process improvement within an organization, the
relevant context is described in ISO/IEC TR 15504-7. If the results of the assessment are to be used for the
purposes of determining the process capability of the organizational unit in the context of a specified requirement,
the guidance is in ISO/IEC TR 15504-8.
More detailed description of the use of ISO/IEC TR 15504 is given in clause 4.
2 Normative reference
The following normative documents contain provisions which, through reference in this text, constitute provisions of
this part of ISO/IEC TR 15504. For dated references, subsequent amendments to, or revisions of, any of these
publications do not apply. However, parties to agreements based on this part of ISO/IEC TR 15504 are encouraged
to investigate the possibility of applying the most recent editions of the normative documents indicated below. For
undated references, the latest edition of the normative document referred to applies. Members of ISO and IEC
maintain registers of currently valid International Standards.
ISO/IEC TR 15504-9:1998, Information technology — Software process assessment — Part 9: Vocabulary.
3 Terms and definitions
For the purposes of this part of ISO/IEC TR 15504, the terms and definitions given in ISO/IEC TR 15504-9 apply.
4 Overview
4.1 General
ISO/IEC TR 15504 provides a framework for the assessment of software processes. This framework can be used
by organizations involved in planning, managing, monitoring, controlling and improving the acquisition, supply,
development, operation, evolution and support of software.
Process assessment examines the processes used by an organization to determine whether they are effective in
achieving their goals. The assessment characterizes the current practice within an organizational unit in terms of
the capability of the selected processes. The results may be used to drive process improvement activities or
1

---------------------- Page: 10 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
process capability determination by analyzing the results in the context of the organization's business needs,
identifying strengths, weaknesses and risks inherent in the processes.
The documents provide a structured approach to software process assessment for the following purposes:
a) by or on behalf of an organization with the objective of understanding the state of its own processes for process
improvement;
b) by or on behalf of an organization with the objective of determining the suitability of its own processes for a
particular requirement or class of requirements;
c) by or on behalf of one organization with the objective of determining the suitability of another organization's
processes for a particular contract or class of contracts.
The high level view of the relationships between process assessment, process improvement and process capability
determination is shown in figure 3, along with an indication of the places of the various components of
ISO/IEC TR 15504 in the processes.
An assessment may be used for purposes of either Process Improvement or Capability Determination. Guidance on
such usage is found in ISO/IEC TR 15504-7 and ISO/IEC TR 15504-8 respectively. Performance of an assessment
requires a model (or models) compatible with the reference model in ISO/IEC TR 15504-2; an exemplar model is
provided in ISO/IEC TR 15504-5. The assessment process must be documented and should be based upon a
method in line with the requirements defined in ISO/IEC TR 15504-3 and following the guidance provided in
ISO/IEC TR 15504-4. A competent assessor is charged with ensuring that the assessment is conformant; guidance
for the necessary skills and competencies are in ISO/IEC TR 15504-6.
Process
Assessment
Improvement
used
expressed
Is
Process
Capability
Part 7
mapped
Dimension
Dimension
Documented
against
using for
Process
Capability
Determination
Parts 3 & 4
Reference Model
Part 8
Part 6
Part 2
used by
Validation of model compatibility
Part 2
Compatible Assessment Model(s)
Parts 4 & 5
Figure 3 — Overview of relationships of elements of ISO/IEC TR 15504
ISO/IEC TR 15504 is designed to provide assessment results that are repeatable, objective, comparable within
similar contexts, and able to be used for either process improvement or process capability determination.
The framework for the conduct of assessments is designed to support the achievement of dependable assessment
results. The framework includes an architecture for rating processes and for presenting assessment ratings. The
assessment framework also provides guidance on the conduct of the assessment. ISO/IEC TR 15504 provides
guidance in the contexts of both process improvement and process capability determination. It further provides a
definition of the required skills and experience for assessors.
This section describes how to use the other parts of ISO/IEC TR 15504 to conduct process assessments and make
effective use of their results. The key determinant in the use of ISO/IEC TR 15504 is the purpose for which the
assessment is being conducted. This may be:
2

---------------------- Page: 11 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
 to promote an understanding of the software process;
 to support process improvement;
 to support process capability determination.
4.2 The assessment framework
4.2.1 The context of process assessment
The context of a process assessment is summarized in figure 4. ISO/IEC TR 15504-2 defines a reference model
that provides a basis for rating the capability of processes, based on their achievement of defined process
attributes. ISO/IEC TR 15504-3 defines the requirements for performing an assessment and sets out the
circumstances under which assessment results may be compared. ISO/IEC TR 15504-4 provides guidance on
performing an assessment and interpreting the requirements in ISO/IEC TR 15504-3. This guidance is generic
enough to be applicable across all organizations, and for conducting assessments using a variety of methods,
techniques and tools.
Process assessment is performed either during a process improvement initiative as described in
ISO/IEC TR 15504-7, or as part of a process capability determination exercise as described in
ISO/IEC TR 15504-8. In either case, the formal entry to the assessment processes occurs with the assessment
sponsor’s commitment to proceed. The assessment input may then be compiled. The assessment input defines the
purpose of the assessment (why it is being carried out), the scope of the assessment, and what constraints, if any,
apply to the assessment. The assessment input also defines the responsibilities for carrying out the assessment.
From process improvement
or process capability determination
Assessment Input
• Assessment sponsor
Assessment Activities
• Assessment purpose
•Planning
• Assessment scope
• Data Collection
• Assessment constraints
• Data Validation
• Assessment responsibilities
• Process Rating
• Additional information to be collected
• Reporting
Process Assessment
Indicator Set
• Process performance indicators
• Process capability indicators
Assessment Output

Compatible Assessment record
Assessment
Reference Model
Model
• Process purpose
• Process attributes
To process improvement
or process capability determination
Figure 4 — Context of process assessment
3

---------------------- Page: 12 ----------------------
© ISO/IEC
ISO/IEC TR 15504-1:1998(E)
An assessment is carried out by assessing selected processes against the assessment model(s) selected for the
assessment. This assessment model(s) have to be compatible with the reference model defined in
ISO/IEC TR 15504-2. This two-dimensional model consists of a set of processes and a set of process attributes.
The process attributes apply across all processes. They are grouped into capability levels that may be used to
determine the capability of the process. The assessment output includes a set of process profiles and optionally a
capability level rating for each process assessed.
The assessment process contains at least five specified activities: planning
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.