ISO/IEC 33071:2016

INTERNATIONAL ISO/IEC
STANDARD 33071
First edition
2016-10-15
Information technology — Process
assessment — An integrated process
capability assessment model for
Enterprise processes
Technologies de l’information — Évaluation des processus — Modèle
d’évaluation de la capacité des processus intégrés pour les processus
d’entreprise
Reference number
©
ISO/IEC 2016
© ISO/IEC 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 – All rights reserved

Contents Page
Foreword . v
About Enterprise SPICE . vi
Introduction . vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General . 1
5 Process assessment model architecture . 2
5.1 Two dimensional model . 2
5.2 Assessment indicators . 3
6 The process dimension and process performance indicators . 4
6.1 General . 4
6.2 Governance/Management Category . 6
6.2.1 Enterprise Governance . 6
6.2.2 Investment Management. 9
6.2.3 Human Resource Management . 11
6.2.4 Enterprise Architecture . 14
6.2.5 Business Relationship Management . 16
6.2.6 Supplier Agreement Management . 17
6.2.7 Tendering . 20
6.2.8 Project Management . 23
6.2.9 Risk Management . 27
6.3 Life Cycle Category . 30
6.3.1 Needs . 30
6.3.2 Requirements . 33
6.3.3 Design . 35
6.3.4 Design Implementation . 37
6.3.5 Integration . 38
6.3.6 Evaluation . 40
6.3.7 Deployment and Disposal. 43
6.3.8 Operation and Support . 45
6.4 Support Category . 47
6.4.1 Alternatives Analysis . 47
6.4.2 Measurement and Analysis . 49
6.4.3 Quality Assurance and Management . 52
6.4.4 Change and Configuration Management . 55
6.4.5 Information Management . 58
6.4.6 Knowledge Management . 61
6.4.7 Training. 63
6.4.8 Research and Innovation . 66
6.4.9 Work Environment . 69
6.4.10 Process Definition . 71
6.4.11 Process Improvement . 74
6.5 Special Applications . 77
6.5.1 Safety and Security . 77
7 The capability dimension and process capability indicators . 81
7.1 Process capability Level 0: Incomplete process . 82
7.2 Process capability Level 1: Performed process . 82
© ISO/IEC 2016 — All rights reserved iii

Annex A (informative) Conformity of the process reference model and process assessment
model with ISO/IEC 33004 requirements .83
A.1 Introduction .83
A.2 Conformance of the process reference model with ISO/IEC 33004 Clause 5 .83
A.3 Conformance of the process assessment model with ISO/IEC 33004 Clause 6 .86
Annex B (informative) Application and use of the process assessment model .90
B.1 Relationship to other standards and models .90
B.2 Contexts of Use .91
B.3 Support for Assessment and Process Improvement .92
Annex C (informative) Relationship Tables .95
Annex D (informative) High-level Mapping Tables . 108
Annex E (informative) Project Participants . 145
E.1 Sponsor . 145
E.2 Advisory Board . 145
E.2.1 Current Advisory Board Members . 145
E.2.2 Previous Advisory Board Members (other than those on current Advisory Board) . 145
E.3 Project Leader . 146
E.4 Architecture Team . 146
E.4.1 Current Members . 146
E.4.2 Previous Members (other than those on current team) . 146
E.5 Author Team . 146
E.6 Buddies and Key Early Reviewers . 147
E.7 Editorial Team . 147
E.8 General Reviewers . 148
E.9 Project Stakeholders . 148
Bibliography . 153
1 Enterprise SPICE Sources . 153
2 Enterprise SPICE References . 155
3 [iCMM] Sources and References . 156
4 [iCMM-SS] Sources and References . 158
4.1 Safety Source Standards . 158
4.2 Security Source Standards . 158
4.3 Other Safety and Security References . 158
4.3 Work Environment Sources and References . 159
5 [iCMM] Source Change Annotations . 159
6 Enterprise SPICE post publication references . 160
iv © ISO/IEC 2016 — All rights reserved

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of
document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
...