ISO/TS 19158:2012

TECHNICAL ISO/TS
SPECIFICATION 19158
First edition
2012-10-15
Geographic information — Quality
assurance of data supply
Information géographique — Assurance qualité relative à
l’approvisionnement de données
Reference number
©
ISO 2012
© ISO 2012
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any
means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the
address below or ISO’s member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2012 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Conformance . 1
3 Normative references . 1
4 Terms and definitions . 1
5 Abbreviated terms . 3
6 General principles . 3
6.1 Quality assurance in production and update . 3
6.2 Data quality evaluation . 4
6.3 Quality assurance framework . 5
7 Requirements . 6
7.1 Production and/or update quality assurance . 6
7.2 Quality assurance levels . 6
8 Quality assessment procedures . 7
8.1 Basic quality assessment . 7
8.2 Operational quality assessment . 7
8.3 Full quality assessment . 8
8.4 Quality assurance maintenance and monitors . 8
8.5 Failure to achieve required quality assurance level . 9
Annex A (normative) Abstract test suite .10
Annex B (informative) Example of supplier responsibilities .12
Annex C (informative) Quality assurance in production and the steps to an appropriate level of
quality assurance .15
Annex D (informative) Example of individual and team quality assessment procedure .19
Bibliography .22
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International
Standards adopted by the technical committees are circulated to the member bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the member bodies
casting a vote.
In other circumstances, particularly when there is an urgent market requirement for such documents, a
technical committee may decide to publish other types of document:
— an ISO Publicly Available Specification (ISO/PAS) represents an agreement between technical
experts in an ISO working group and is accepted for publication if it is approved by more than 50 %
of the members of the parent committee casting a vote;
— an ISO Technical Specification (ISO/TS) represents an agreement between the members of a
technical committee and is accepted for publication if it is approved by 2/3 of the members of the
committee casting a vote.
An ISO/PAS or ISO/TS is reviewed after three years in order to decide whether it will be confirmed for
a further three years, revised to become an International Standard, or withdrawn. If the ISO/PAS or
ISO/TS is confirmed, it is reviewed again after a further three years, at which time it must either be
transformed into an International Standard or be withdrawn.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO/TS 19158 was prepared by Technical Committee ISO/TC 211, Geographic information/Geomatics.
iv © ISO 2012 – All rights reserved

Introduction
This Technical Specification provides a quality assurance framework for the producer and customer in
their production relationship. It identifies methods of managing the quality of production more efficiently
and effectively. It enables innovation and continual improvement within the context of existing:
— geographic information quality principles and quality evaluation procedures, and
— quality management systems.
With ever increasing demands in value and quality in the Geographic Information (GI) market the
framework facilitates the production of a product that meets requirements in terms of cost, quantity,
quality and timeliness.
Through the application of the framework there are opportunities for:
— better understanding of requirements by all involved in production and update especially within
multiple producer environments,
— reduced data throughput time,
— reduced rework,
— improved data quality, and
— increased confidence within a mutually beneficial relationship leading to lower costs for both
supplier and organization.
ISO 19157 establishes the principles for the description of geographic data quality and specifies
components for reporting quality information as well as procedures for the evaluation of geographic
data quality.
The quality assessment procedure, as defined in this Technical Specification, is a second-party (customer)
conformity assessment activity.
TECHNICAL SPECIFICATION ISO/TS 19158:2012(E)
Geographic information — Quality assurance of data supply
1 Scope
This Technical Specification provides a framework for quality assurance specific to geographic
information. It is based upon the quality principles and quality evaluation procedures of geographic
information identified in ISO 19157 and the general quality management principles defined in
[2]
ISO 9000 .
The framework defined in this Technical Specification enables a customer to satisfy itself that its
suppliers, both internal and external, are capable of delivering geographic information to the required
quality. Fundamental to the framework is the assurance of the supplier’s ability to understand and meet
the quality requirements. Through the quality assurance framework both the customer and the supplier
are able to consider the quality required at the earliest opportunity in the production/update process.
Principles and responsibilities of the relationship between the customer and the supplier that facilitate
the framework are provided. The responsibility for the quality assessment procedure is shared between
the customer and the supplier.
This Technical Specification is applicable to customers and suppliers of all geographic information where the
quality of the product may be impacted upon by the supplier’s processes in any of the following scenarios:
— there is an agreement or legislation for the supply of data acquisition services,
— data acquisition services are being tendered for, and
— one or more suppliers exist in the supply chain.
This Technical Specification is not applicable for the supply of legacy datasets or ‘off the shelf’ products
where there is no further data production or update activity to manage.
2 Conformance
Any organization claiming conformance with this specification shall pass all of the requirements
described in the abstract test suite presented in Annex A.
3 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
1)
ISO 19157:— , Geographic information — Data quality
4 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
1) To be published.
4.1
customer
organization or person that receives a product (4.3)
[SOURCE: ISO 9000:2005, definition 3.3.5]
NOTE The customer can be internal or external to the supplier (4.11) organization.
4.2
process
set of interrelated or interacting activities which transforms inputs into outputs
[SOURCE: ISO 9000:2005, definition 3.4.1]
NOTE The process may be broken down further into elemental activities [sub-process (4.10)] as is deemed
necessary to control the quality (4.4) of the process.
4.3
product
result of a process (4.2)
[SOURCE: ISO 9000:2005, definition 3.4.2]
4.4
quality
degree to which a set of inherent characteristics fulfils requirements
[SOURCE: ISO 9000:2005, definition 3.1.1]
NOTE For the purposes of this Technical Specification the quality characteristics of a product (4.3) include:
— data quality (the elements of which are described by ISO 19157),
— volume of delivery,
— schedule of delivery, and
— cost of production and/or update.
4.5
quality assessment procedure
procedure by which a customer (4.1) assures that its suppliers (4.11) are capable of consistently
delivering the product (4.3) to the required quality (4.4)
NOTE The assessment procedure is a second-party (customer) conformity assessment activity.
4.6
quality assessment result
output of the quality assessment procedure (4.5)
4.7
quality assurance
part of quality (4.4) management focused on providing confidence that quality requirements will be fulfilled
[SOURCE: ISO 9000:2005, definition 3.2.11]
4.8
quality assurance level
assurance level achieved is an outcome of the quality assessment procedure (4.5)
NOTE Three quality assurance levels can be achieved as part of the quality assurance framework: basic,
operational and full.
2 © ISO 2012 – All rights reserved

4.9
quality control
part of quality (4.4) management focused on fulfilling quality requirements
[SOURCE: ISO 9000:2005, definition 3.2.10]
4.10
sub-process
activity elements of a process (4.2)
NOTE Sub-processes can be broken down even further as is deemed necessary to control the quality (4.4)
of the process.
EXAMPLE In the case of photogrammetric survey, aerial triangulation can be considered a sub-process.
4.11
supplier
organization or person that provides a product (4.3)
[SOURCE: ISO 9000:2005, definition 3.3.6]
NOTE 1 The supplier can be internal or external to the customer organization.
NOTE 2 In the context of this Technical Specification, the supplier has provided a product via a process that can
have some impact on quality (4.4).
5 Abbreviated terms
[1]
AQL Acceptance Quality Limit (ISO 3534-2 ) sometimes referred to as Acceptable Quality Level
GI Geographic Information
KPI Key Performance Indicators
QC Quality Control
QA Quality Assurance
6 General principles
6.1 Quality assurance in production and update
Customers can provide data product specifications to suppliers expecting them to deliver data according
to that specification with little or no input into the supplier’s processes. Delivery is expected on time and
to the volumes requested with data at the required quality level. This approach creates risks, as until the
final product is delivered, there is limited confidence in the supplier’s ability to achieve this. These risks
are getting worse with the requirement for:
— more complex data,
— increased speed to market, and
— outsourced production and update (external to the customer).
Figure 1 identifies that a product is created from the culmination of several interrelated processes
combining outputs to produce a final product. By introducing quality evaluation processes to the
data outputs from each process, sub-process, teams and individuals, according to the requirements of
ISO 19157, it is possible to determine how the quality of the final product will be affected.
EXAMPLE A process is employed to correct numerous data defects. The output from this process is then
passed to another process tasked with further data enhancements. Through measuring the quality of the output
of both processes the error introduced into the product will be more accurately understood than by measuring
the product alone. In complex production and/or update processes it is not always clear where an error has been
created it is therefore not easy to resolve.
ISO 19157 identifies that data quality elements can be evaluated in various ways and at different stages
of the lifecycle of a dataset. In this instance that stage is the production and update stage where the
objective is to assure the customer that the product can be built and maintained to the required quality.
Figure 1 identifies that each individual, team, sub-process or process can be seen to be creating a dataset.
It is this dataset that forms the scope for any testing. The scope will only include those data quality
elements, based on ISO 19157, that can be affected by the individual, team, sub-process or process. In
general all elements relevant to the final product will be considered. In all cases feedback on testing will
be provided to ensure the required quality is achieved and maintained. This procedure may be managed
within a framework provided by a quality management system.
NOTE In many cases the assurance of quality starts with the definition and design of a product. This aspect
[3] [5]
is covered in general terms in ISO 9001 and more specifically with regard to GI in ISO 19131 .
6.2 Data quality evaluation
This Technical Specification differentiates between data testing undertaken by the supplier and the
customer as quality control (QC) and data quality assurance (QA) respectively. With this differentiation,
and specific supplier responsibilities, the product is built on the concept of quality.
QC data quality evaluation is built in to the production process, monitoring and controlling the output
of individuals, sub-processes and processes. The sampling regime of QC is designed to take into
consideration the knowledge and skill of the operators and the complexity of the tasks. QC data quality
results will then provide strong indications of the likely quality of the product to be delivered to the
customer. With quality assurance throughout the production process it is possible to check against
customer requirements and to inform the product design process.
Once data is delivered to the customer it can be tested as product (data QA). In this instance the
customer’s sampling regime will take into consideration the experience of the supplier, the complexity
of the task, the supplier’s QC data quality results, quality plan and training records. The aim will be to
reduce the requirement for data QA without creating further risk.
4 © ISO 2012 – All rights reserved

Quality m anagem ent system
Custom er
Quality assurance Quality evaluation
Quality evaluation report
Production/update Product
(Metadata)
Feedback
Quality evaluation report
Process Data
(Metadata)
Feedback
Custom er
requirem ents Quality evaluation report
Sub process Data
(Metadata)
and product
design
Feedback
Quality evaluation report
Team Data
(Metadata)
Feedback
Quality evaluation report
Individual Data
(Metadata)
Feedback
Figure 1 — Quality evaluation and quality assurance in production and update
6.3 Quality assurance framework
The quality assurance framework provides the opportunity for assuring quality at production points
within the production and/or update environments as identified in 6.1.
Quality in this instance refers to the
— data quality as defined by ISO 19157,
— volume of delivery,
— schedule of delivery, and
— cost of production and/or update.
Three levels of quality assurance are described in this Technical Specification: basic, operational and
full (Clause 8). With each increment there are greater opportunities for quality assurance, thereby
mitigating risk to the quality of the product. For example, basic quality assurance may only assure a
customer of supplier intent, whilst operational quality assurance will assure capability in the supplier’s
operating environment.
Assurance of quality is gained through this staged approach. This ensures that the quality of the product
is well understood before it is even delivered. Clause 8 identifies the supplier responsibilities within the
quality assessment procedure. Further guidance on supplier responsibilities is provided in Annex B.
Once quality assurance is gained the applicable levels of assurance within the supplier’s data production
or update process are considered to be quality assured. The aim then is to maintain this assurance for
the life of the production process. The quality assessment procedure shall be designed to develop and
improve supplier capabilities.
7 Requirements
7.1 Production and/or update quality assurance
All processes necessary for the creation of the product shall be identified (see 6.1). The quality requirement
for each process and sub-process necessary for the creation of the product shall be identified. Quality in
this instance refers to data quality according to the requirements of ISO 19157 as well as:
— volume of delivery,
— schedule of delivery, and
— cost of production and/or update
The quality evaluation procedure according to the requirements of ISO 19157 shall be applied to all
relevant processes or sub-process outputs, where the process or sub-process can impact on data quality,
as identified in 6.1.
All processes and sub-processes shall inform subsequent processes and sub-processes of input data quality.
NOTE If a price for services has already been agreed, which is recommended, it is not necessary to include the
‘cost of production and/or update’ as part of the quality assessment procedure.
7.2 Quality assurance levels
The appropriate level of quality assurance, as identified in Clause 8, shall be used to assess process, sub-
process and individuals within the production and/or update element of the product cycle.
All supplier production processes, relevant to the delivery of product to the customer, shall have been
assessed or shall be in the process of being assessed as identified in Clause 8.
6 © ISO 2012 – All rights reserved

8 Quality assessment procedures
8.1 Basic quality assessment
Basic quality assessment is the first level of quality assurance to be achieved in this quality assurance
framework. As identified in Figure 1 it applies to the whole process that will deliver the product to the
customer. Its objective is to rapidly reassure the customer that a supplier is capable of meeting the overall
requirements for the delivery of the product/s. It is the customer that will confirm that the required level
of quality assurance has been met. The quality assessment procedure can apply to existing processes,
however a basic level of quality assurance is usually undertaken soon after the introduction of a new
process that will deliver data. Exact timing of the quality assessment will depend on the complexity of
the required product and/or processes.
NOTE In the case of services that are tendered for a basic level, quality assessment is undertaken as soon
after contract award as is practical. This is demonstrated in the example of external supplier steps to quality
assurance provided in C.2.
To gain assurance at this level the supplier shall be able to demonstrate to the customer that they
have understood the product specification, the data AQLs, the delivery schedule, and have a process
in place that will deliver the volumes and data quality necessary. Results of any initial data testing of
the product and initial deliverables are analysed by the customer, together with the high level process
documentation, change management and improvement plans. Once the customer has confirmed that
quality assurance has been achieved at a basic level the next immediate aim is to achieve an operational
level of quality assurance. See also the examples of assessment procedures provided in Annex C.
8.2 Operational quality assessment
8.2.1 General principles
Following basic quality assurance, operational quality assurance is the second level of assurance to be
achieved. Figure 1 illustrates the individual parts of the processes that will deliver to the customer. The
objective of operational quality assurance is to reassure the customer that the sub-processes, and the
individuals that operate within them, are delivering the required quality in support of other processes
and sub-processes. It is the customer that will confirm that the required level of assurance has been met.
The quality assessment procedure at the operational level shall start immediately after confirmation
that the basic level of assurance has been achieved. The assessment shall be completed within an agreed
period. Exact timing will depend on the complexity of the product and/or processes.
8.2.2 Sub-process quality assessment
Sub-process quality assessment is a subset of operational quality assessment. The division of processes
into further sub-processes will depend on:
— availability of output data that can be tested within a data quality scope,
— process complexity, for example, if the process can be broken down further and/or if the process is
prone to error,
— process criticality, with due consideration for the impact of process error, and
— process dependencies, with consideration for external influences on the process.
It is the customer that will confirm that the required level of assurance has been met. To achieve this, the
supplier must be able to provide evidence of:
— the identification of each sub-process and how these fit together,
— relevant and appropriate process controls (for examples, see B.2.3),
— the delivery of geographic information which meets the quality requirement for the next process in
terms of data quality,according to the requirements in ISO 19157, volume and schedule, and
— an acceptable proportion of the individuals (the team) working on any sub-process have been quality
assessed and assured (as identified in 8.2.3) and those that have not are in the process of doing so.
8.2.3 Individual and team quality assessment
Individual quality assessment is a subset of operational quality assessment. The aim of individual quality
assessment is to ensure that the workforce is adequately trained, coached, mentored and supported to
be capable of delivering to the quality required.
It is the supplier’s responsibility to undertake the quality assessment of individuals. To achieve an
appropriate level of assurance for a sub-process the individual shall have completed all the necessary
training for that sub-process.
The individual shall have demonstrated that they have the necessary knowledge and skills to be capable
of constantly meeting the data production or update AQLs and output volumes and schedule required of
the sub-process. Annex D provides an example of production AQLs for an individual.
The individual shall be able to demonstrate basic knowledge of how the process is managed, be able to
point to monitors and metrics of performance, and be actively involved in continuous improvement.
The quality assessment procedure of an individual shall be used as an opportunity to develop and
improve the knowledge and skills of that individual within the workforce.
Individuals may be grouped into teams. The quality assessment procedure may be applied to the team
through aggregation of individuals’ quality assessment results (see D.2).
8.3 Full quality assessment
Full quality assessment is the
...