ISO/IEC TR 24748-3:2011

TECHNICAL ISO/IEC
REPORT TR
24748-3
First edition
2011-09-01
Systems and software engineering — Life
cycle management —
Part 3:
Guide to the application of ISO/IEC 12207
(Software life cycle processes)
Ingénierie des systèmes et du logiciel — Gestion du cycle de vie —
Partie 3: Guide pour l'application de l'ISO/CEI 12207 (Processus du
cycle de vie du logiciel)
Reference number
©
ISO/IEC 2011
©  ISO/IEC 2011
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2011 – All rights reserved

Contents Page
Foreword . v
Introduction . vi
1  Scope . 1
2  Terms and definitions . 1
3  Overview of ISO/IEC 12207:2008 . 1
3.1  General . 1
3.2  Structure of ISO/IEC 12207:2008 . 2
3.3  Context of ISO/IEC 12207:2008 . 2
3.4  Comparison to previous versions of ISO/IEC 12207 . 4
4  Application Concepts . 5
4.1  Overview . 5
4.2  Software concepts . 5
4.2.1  System and software concepts . 5
4.3  Life cycle concepts . 7
4.4  Process concepts . 7
4.4.1  General . 7
4.4.2  Process principles . 9
4.4.3  Process categories of ISO/IEC 12207:2008 . 10
4.4.4  Recursive/iterative application of processes . 15
4.5  Organizational concepts . 17
4.5.1  General . 17
4.5.2  Responsibility . 18
4.5.3  Organizational relationships . 18
4.5.4  Project organizational structure . 19
4.6  Project concepts . 19
4.6.1  General . 19
4.6.2  Project relationships . 20
4.6.3  Enabling system relationships . 21
4.6.4  Hierarchy of projects . 22
4.7  Adaptation concepts . 23
4.7.1  General . 23
4.7.2  Adaptation . 24
4.7.3  Life cycle adaptation . 24
4.7.4  Adaptation for domains, disciplines and specialties . 24
4.7.5  Tailoring . 25
5  Applying ISO/IEC 12207:2008 . 25
5.1  Overview . 25
5.2  Application strategy . 25
5.2.1  Overview . 25
5.2.2  Planning the application . 27
5.2.3  Conduct pilot project(s) . 27
5.2.4  Formalize the approach . 28
5.2.5  Institutionalize the approach . 28
5.3  Application in organizations . 28
5.3.1  Overview . 28
5.3.2  Considerations and techniques . 29
5.3.3  Application opportunities . 29
5.3.4  Management commitment . 30
5.3.5  Uses of ISO/IEC 12207:2008 within an organization . 30
© ISO/IEC 2011 – All rights reserved iii

5.4  Application on projects .31
5.4.1  Overview .31
5.4.2  Application of Agreement Processes on a project .32
5.4.3  Application of Technical Processes to a project .35
5.4.4  Application of Software Implementation Processes to a project .45
5.4.5  Application of processes in a life cycle model .48
Annex A (informative) Notes for the application of ISO/IEC 12207:2008 processes .59
A.1  General .59
A.2  Agreement Processes (Clause 6.1) .59
A.3  Organizational Project-Enabling Processes (Clause 6.2) .69
A.4  Project Processes (Clause 6.3) .71
A.5  Technical Processes (Clause 6.4) .81
A.6  Software Implementation Processes (Clause 7.1) .97
A.7  Software Support Processes (Clause 7.2) . 104
A.8  Software Reuse Processes (Clause 7.3) . 108
Annex B (informative) Use of reusable software products . 109
B.1  Scope . 109
B.2  Evaluating reusable software products . 109
Bibliography . 110

iv © ISO/IEC 2011 – All rights reserved

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
In exceptional circumstances, when the joint technical committee has collected data of a different kind from
that which is normally published as an International Standard (“state of the art”, for example), it may decide to
publish a Technical Report. A Technical Report is entirely informative in nature and shall be subject to review
every five years in the same manner as an International Standard.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC TR 24748-3 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 7, Software and systems engineering.
This first edition of ISO/IEC TR 24748-3 cancels and replaces ISO/IEC TR 15271:1998, which has been
technically revised.
ISO/IEC TR 24748 consists of the following parts, under the general title Systems and software
engineering — Life cycle management:
 Part 1: Guide for life cycle management
 Part 2: Guide to the application of ISO/IEC 15288 (System life cycle processes)
 Part 3: Guide to the application of ISO/IEC 12207 (Software life cycle processes)
© ISO/IEC 2011 – All rights reserved v

Introduction
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) currently have two International Standards that focus on life cycle processes:
 ISO/IEC 15288:2008, Systems and software engineering — System life cycle processes, and
 ISO/IEC 12207:2008, Systems and software engineering — Software life cycle processes.
In addition, ISO and IEC have a multi-part International Standard that promotes the adoption of an integrated
process approach when establishing, implementing, operating, monitoring, reviewing, maintaining and
improving a Service Management System (SMS), to deliver services which meet business needs and
customer requirements:
 ISO/IEC 20000, Information technology — Service management.
This service management standard may be used in conjunction with ISO/IEC 15288 and ISO/IEC 12207 for
the delivery of system services and software services.
The purpose of this part of ISO/IEC TR 24748 is to provide guidance on the application of the software life
cycle processes standard, ISO/IEC 12207:2008. Taken together, the parts of ISO/IEC TR 24748 are intended
to facilitate the joint usage of the process content of the two high-level life cycle process standards, which in
turn may be used together with related standards such as the one for service management, and various other
lower-level process standards. In this way, ISO/IEC TR 24748 provides unified and consolidated guidance on
the life cycle management of systems and software. Its purpose is to help ensure consistency in system
concepts and life cycle concepts, models, stages, processes, process application, key points of view,
adaptation and use in various domains as the two standards (and others) are used in combination. It should
help a project design a life cycle model for managing progress on a project.
Whereas ISO/IEC TR 24748-1 addresses in generic terms the purpose stated above of guidance for the life
cycle management of systems and software, this part of ISO/IEC TR 24748 focuses in on and expands the
coverage of those aspects most relevant to software. This part of ISO/IEC TR 24748 will also, in conjunction
with ISO/IEC TR 24748-1, aid in identifying and planning the use of the life cycle processes described in
ISO/IEC 12207:2008. The proper use of these processes will contribute to a project being completed
successfully, meeting its objectives and requirements for each stage and for the overall project.
This part of ISO/IEC TR 24748 elaborates on factors that should be considered when applying
ISO/IEC 12207:2008 and does this in the context of the various ways in which ISO/IEC 12207:2008 can be
applied. The guidance is not intended to provide the rationale for the requirements of ISO/IEC 12207:2008.
Before reading this part of ISO/IEC TR 24748, readers have to understand the relation between system and
software, the concept of "system of interest", and the structure of a system. These concepts are described in
ISO/IEC TR 24748-1.
vi © ISO/IEC 2011 – All rights reserved

TECHNICAL REPORT ISO/IEC TR 24748-3:2011(E)

Systems and software engineering — Life cycle management —
Part 3:
Guide to the application of ISO/IEC 12207 (Software life cycle
processes)
1 Scope
This part of ISO/IEC TR 24748 is a guide for the application of ISO/IEC 12207:2008. It addresses system, life
cycle, process, organizational, project, and adaptation concepts, principally through reference to
ISO/IEC TR 24748-1 and ISO/IEC 12207:2008. It gives guidance on applying ISO/IEC 12207:2008 from the
aspects of strategy, planning, application in organizations, and application on projects.
This part of ISO/IEC TR 24748 is intentionally aligned with both ISO/IEC TR 24748-1 and
ISO/IEC TR 24748-2 (Guide to the application of ISO/IEC 15288) in its terminology, structure and content.
2 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 12207:2008,
ISO/IEC 15288:2008 and ISO/IEC TR 24748-1:2010, apply.
3 Overview of ISO/IEC 12207:2008
3.1 General
ISO/IEC 12207:2008, Systems and software engineering — Software life cycle processes, establishes a
common framework for software life cycle processes, with well-defined terminology, that can be referenced by
the software industry. It applies to the acquisition of systems and software products and services, to the
supply, implementation, operation, maintenance, and disposal of software products and the software portion
of a system, whether performed internally or externally to an organization. Those aspects of system definition
needed to provide the context for software products and services are included. Software includes the software
portion of firmware.
ISO/IEC 12207:2008 may be used stand alone or jointly with other International Standards, such as
ISO/IEC 15288:2008, and supplies a process reference model that supports process capability assessment in
accordance with ISO/IEC 15504-2, Information technology — Process assessment — Part 2: Performing an
assessment.
The purpose of ISO/IEC 12207:2008 is to provide a defined set of processes to facilitate communication
among acquirers, suppliers and other stakeholders in the life cycle of a software product. ISO/IEC 12207:2008
is written for acquirers of systems and software products and services and for suppliers, implementers,
operators, maintainers, managers, quality assurance managers, and users of software products.
© ISO/IEC 2011 – All rights reserved 1

3.2 Structure of ISO/IEC 12207:2008
ISO/IEC 12207:2008 contains requirements in four clauses.
 Clause 6, which defines the requirements for the system life cycle processes,
 Clause 7, which defines the requirements for specific software life cycle processes,
 Clauses of Annex A, which provides requirements for tailoring of ISO/IEC 12207:2008, and
 Clauses of Annex B, which provides a Process Reference Model (PRM) which may be used for
assessment purposes.
Five informative annexes support the use of ISO/IEC 12207:2008 or its harmonization with
ISO/IEC 15288:2008:
 Annex C expands on the history and rationale for the changes to achieve harmonization, and provides
high-level traceability among the International Standards which were used as the inputs to the revision of
ISO/IEC 12207:2008.
 Annex D describes the alignment of the processes of ISO/IEC 15288:2008 and ISO/IEC 12207:2008.
 Annex E provides an example of a process view for Usability, intended to illustrate how a project might
assemble processes, activities and tasks of ISO/IEC 12207:2008 to provide focused attention to the
achievement of product characteristics that have been selected as being of special interest.
 Annex F contains some example process descriptions relating to business goals and contracting that may
be considered useful to some readers of ISO/IEC 12207:2008.
 Annex G provides support for IEEE users and describes relationships of ISO/IEC 12207:2008 to IEEE
standards.
Readers of ISO/IEC 12207:2008 are advised to consult clause 5 of that International Standard to gain
understanding of the key concepts used.
3.3 Context of ISO/IEC 12207:2008
ISO/IEC 12207:2008 has a focus on the processes that are used by or for software-centred projects that exist
in a defined relationship with the organization, other projects and enabling systems. A project is assigned
responsibility that encompasses one or more life cycle stages of the software system-of-interest.
ISO/IEC 12207:2008 is applicable to organizations and projects whether they act as the acquirer or the
supplier of a software system and whether the system is comprised of products, services, or a combination of
both.
The context of ISO/IEC 12207:2008 is illustrated in Figure 1.
2 © ISO/IEC 2011 – All rights reserved

Have span of
interest
Project span of
control
System-of-
Organizations
Organizations
interest
Organizations
Enabling
system
Create and monitor
projects
Projects
Projects
Projects
Software
Apply processes to perform
required work on or with
Life cycle stages
(s , s , …, s ) software within life cycle
1 2 n
stages
Figure 1 — Context of ISO/IEC 12207:2008
A single project may involve multiple organizations working together as partners. Such a project should use
ISO/IEC 12207:2008 to establish common terminology, as well as information flows and interfaces among the
organizations to enhance communication.
When an organization applies ISO/IEC 12207:2008 to a particular software system, then that system becomes
the system-of-interest. The system-of-interest has a life cycle that consists of multiple stages through which
the system passes during its lifetime, denoted s , s , …, s .
1 2 n
EXAMPLE An example of typical stages is:
 s : concept,
 s : development,
 s : operation, and
 s : maintenance.
NOTE 1 Stages are described in clause 5.1.12 of ISO/IEC 12207:2008 and in clauses 3.2, 4 and 5 of
ISO/IEC TR 24748-1.
A number of enabling systems are deployed throughout the software life cycle to provide the system-of-
interest with support as needed. Each life cycle stage can require one or more enabling systems. Enabling
systems that cooperate with the software during its operation and maintenance stages can be needed, as well.
It is important to note that an enabling system has its own life cycle and that when ISO/IEC 12207:2008 (or
ISO/IEC 15288:2008, if applicable) is applied to it, it then becomes a system-of-interest.
NOTE 2 The role and use of enabling systems are described in clause 4.6.3 of this Technical Report.
NOTE 3 For related material on enabling systems, see also clause 5.1.4 of ISO/IEC 15288:2008 and clause 3.1.5 of
ISO/IEC TR 24748-1.
© ISO/IEC 2011 – All rights reserved 3

Have system
focus
ISO/IEC 12207:2008 is applicable at any level of the structure associated with a software system. As the
software is decomposed recursively into its elements, the processes of ISO/IEC 12207:2008 may be used for
each element in the software structure. Each system element has a life cycle of its own and its own set of
enabling systems.
NOTE 4 For related material on system structure, see clause 5.1.3 of ISO/IEC 15288:2008 and clause 3.1.4 of
ISO/IEC TR 24748-1.
NOTE 5 A view from a project hierarchy perspective is given in clause 4.6.4 of this Technical Report.
In order to perform needed operations and transformations upon software systems during their life cycles, the
organization creates and monitors projects. Projects have defined scope, resources (including time) and focus.
The scope can involve managing all of the stages of the life cycle, a subset of the stages, one or more defined
processes or one or more process activities. The time scale can be of varying duration, for example one hour
or tens of years. The focus of the project is related to the software and its elements in some form of system
structure or stage partitioning.
NOTE 6 Related project concepts are described in clause 4.6 of this Technical Report.
NOTE 7 System life cycle concepts are described in clause 3.2 of ISO/IEC TR 24748-1.
Organizations focus on software that is created in projects within the organization or in conjunction with other
organizations. Projects have a span of interest that includes the software and its related enabling systems.
Some enabling systems are under direct control of the project. The software and those enabling systems
make up the project span of control.
NOTE 8 The span of interest is described in clause 4.6.3 of this Technical Report.
The work performed in projects is on or with the software within one or more life cycle stages. The scope of
ISO/IEC 12207:2008 includes the definition of an appropriate life cycle for software, the selection of processes
to be applied throughout the life cycle and the application of these processes to fulfil agreements and achieve
customer satisfaction.
ISO/IEC 12207:2008 can be applied to all types of software product-focused or service-focused systems and
system elements consisting of software.
The use of ISO/IEC 12207:2008 may be adapted to accommodate the varying project requirements in treating
software life cycles.
NOTE 9 This may be performed by adapting the life cycle as described in clauses 6 and 7 of ISO/IEC TR 24748-1 and
tailoring described in Annex A of ISO/IEC 12207:2008.
3.4 Comparison to previous versions of ISO/IEC 12207
ISO/IEC 12207 was published on 1 August 1995 and was the first International Standard to provide a
comprehensive set of life cycle processes, activities and tasks for software that is part of a larger system, and
for standalone software products and services. That International Standard was followed in November 2002
by ISO/IEC 15288 which addressed system life cycle processes. The ubiquity of the software meant that the
software and its design processes should not be considered separately from those systems, but be
considered as an integral part of the system and system design processes. The ISO/IEC 12207 Amendments
in 2002 and 2004 added process purpose and outcomes to the International Standard and established a
Process Reference Model in accordance with the requirements of ISO/IEC 15504-2.
ISO/IEC 12207:2008 integrates ISO/IEC 12207:1995 with its two Amendments and provides better process
definition to support consistency and improved usability.
NOTE 1 Clause 9.1 of ISO/IEC TR 24748-1 gives extensive detailed comparison between the versions of
ISO/IEC 12207, as well as comparisons between ISO/IEC 15288:2008 and ISO/IEC 12207:2008.
NOTE 2 Figure 18 in ISO/IEC TR 24748-1 shows the process structure changes of the 2008 update.
4 © ISO/IEC 2011 – All rights reserved

NOTE 3 Figure 20 in ISO/IEC TR 24748-1 provides information regarding the source of the provisions in the aligned
process clause set of ISO/IEC 12207:2008.
NOTE 4 Figure 21 in ISO/IEC TR 24748-1 provides a mapping between ISO/IEC 12207:1995 and ISO/IEC 12207:2008
process clause sets.
NOTE 5 Figure 22 in ISO/IEC TR 24748-1 gives the inverse mapping between ISO/IEC 12207:2008 and
ISO/IEC 12207:1995.
4 Application Concepts
4.1 Overview
This Technical Report provides guidelines for life cycle management in the field of software systems. This
clause highlights and explains essential concepts on which this Technical Report is based, and introduces key
concepts useful in reading and applying ISO/IEC 12207:2008.
NOTE ISO/IEC TR 24748-1 provides more information on concepts related to life cycle management in general.
4.2 Software concepts
4.2.1 System and software concepts
The application of ISO/IEC 12207:2008 presupposes an understanding of system concepts. A system is a
combination of interacting elements organized to achieve one or more stated purposes. For the purposes of
this Technical Report, systems are considered man-made and utilized to provide services in defined
environments for the benefit of users and other stakeholders. These systems may be configured with one or
more of the following: hardware, software, services, humans, processes (e.g. review process), procedures
(e.g. operator instructions), facilities and naturally occurring entities (e.g. water, organisms, minerals). A
system may be considered as a product or as the services it provides. A system element is a member of a set
of elements that constitutes a system. A system element is a discrete part of a system that can be
implemented to fulfil specified requirements.
NOTE 1 System concepts are introduced in ISO/IEC 15288:2008, clause 5.1. Additional discussion, such as systems
and system structure, is provided in ISO/IEC TR 24748-1, clause 3.1.
NOTE 2 ISO/IEC TR 24748-2 provides more information on concepts related to system life cycle management.
Software is the subsystems or elements of a system consisting of computer programs, related procedures,
associated documentation, and data pertaining to the operation of the subsystem or element.
System concepts are directly applicable to software. The underlying philosophy of ISO/IEC 12207:2008 is that
aspects such as software implementation and maintenance should be conducted in a manner that exhibits
engineering discipline. Following this approach allows the establishment of a framework that has clear
linkages to the systems engineering environment, i.e. one that includes software, hardware, people and
business practices.
Characteristic properties at a system’s boundary arise from the interactions between subordinate systems.
Whatever the boundaries chosen to define the software system, the concepts and models in this Technical
Report are generic and permit a practitioner to correlate or adapt individual instances of life cycles to its
software concepts and principles.
NOTE 3 The relationship between systems and software is introduced in ISO/IEC 12207:2008, clause 5.1.2.
© ISO/IEC 2011 – All rights reserved 5

Figure 2 illustrates a system as a specific combination of hardware, computers, software, people, and facilities.
In the parent system, processes such as business processes exist. Software serves by providing for the
execution of certain functions of these processes in computers. The software could be resident in a computer,
embedded in a piece of firmware, or integral to a hardware item. In any case, the acquisition, supply,
implementation, operation, or maintenance of the software needs to be in coordination and harmony with
those of the parent system.
Business processes in the system
Computer based processes
Hardware Software
Manual Operations
Facilities
Computer
System
System
Figure 2 — Software in the system
Within an organization, there may be a number of computer systems supporting the business processes, as
shown in Figure 3.
6 © ISO/IEC 2011 – All rights reserved

Figure 3 — Computer systems in an organization
4.3 Life cycle concepts
Application of ISO/IEC 12207:2008 presupposes an understanding of life cycle concepts.
NOTE Life cycle concepts are introduced in ISO/IEC 15288:2008, clause 5.2. Additional discussion is in
ISO/IEC TR 24748-1 clause 3.2.
4.4 Process concepts
4.4.1 General
4.4.1.1 Introduction
The application of ISO/IEC 12207:2008 presupposes an understanding of process concepts.
NOTE 1 Process concepts are introduced in ISO/IEC 15288:2008, clause 5.3. Additional discussion is in
ISO/IEC TR 24748-1, clause 3.3.
The focus of ISO/IEC 12207:2008 is on the processes that are applied within a life cycle. The processes can
be used by organizations (for example functional organizations and projects) that play the role of acquirer,
supplier (for example main contractor, subcontractor, or service provider) or management to fulfil
© ISO/IEC 2011 – All rights reserved 7

responsibilities pertaining to the software system. Additionally, the processes in ISO/IEC 12207:2008 can be
used as a reference model for process assessments under ISO/IEC 15504, Information technology —
Process assessment.
A process is an integrated set of activities that transform inputs (for example a set of data such as
requirements) into desired outputs (for example a set of data describing a desired solution). An activity is a set
of cohesive tasks. A task is a requirement, recommendation, or permissible action, intended to contribute to
the achievement of one or more outcomes of a process.
A task is expressed in the form of a requirement, self-declaration, recommendation, or permissible action. For
this purpose, Note 3 of Clause 2.3 in ISO/IEC 15288:2008 carefully employs certain auxiliary verbs to
differentiate between the forms of tasks:
 “Shall” is used to express a requirement of the International Standard;
 “Should” to express a recommendation;
 “May” to indicate permission.
Within a life cycle stage, processes are performed as required to achieve stated objectives. The progression
of a system through its life is the result of actions managed and performed by people in one or more
organizations using the processes selected for a life cycle stage.
NOTE 2 Process concepts are introduced in ISO/IEC 15288:2008, clause 5.3, ISO/IEC 12207:2008, clauses 5.1.9 and
5.1.10, and ISO/IEC TR 24748-1, clause 3.3.
NOTE 3 Criteria for processes are discussed in ISO/IEC 12207:2008, clause 5.1.8, and the decomposition of
processes is discussed in clause 5.1.11. ISO/IEC 15288:2008 does not contain corresponding material.
NOTE 4 ISO/IEC TR 24774, Systems and software engineering — Life cycle management — Guidelines for process
definition, provides guidelines for the description of processes.
Figure 4 illustrates example inputs and outputs of a process for engineering a system. The inputs can be
either converted to desired outputs or can enable or control the conversion. Each set of these process inputs
and outputs needs to be defined and managed.

Figure 4 — Example process inputs and outputs
8 © ISO/IEC 2011 – All rights reserved

4.4.1.2 Inputs
Inputs can come from outside an organization or project, or from other processes that precede or accompany
the process being examined. Examples of inputs to a process include:
a) Information, such as requirements, interface or architecture definitions.
b) Data, such as measurements and test reports.
c) Material that either ends up in the output or is consumed in producing the output.
d) Services that are part of a chain of services, such as setting up a computer prior to, or coincident with
establishing an account.
4.4.1.3 Outputs
Outputs can go to other processes or back to the same process (recursive processing) inside the organization,
project (or both), or they can go outside the project or organization, or both. Examples of outputs parallels the
examples given for inputs in 4.4.1.1. However, the outputs are often (but not necessarily) transformed in some
way by the process being examined.
4.4.1.4 Controls
Processes can be controlled by organizational or organization management directives and constraints and by
governmental regulations and laws. Examples of such controls on a process include:
a) The project agreement.
b) The interfaces with processes used on other systems for which the project is responsible (see
clause 4.6.2 of this Technical Report).
c) The applicable system life cycle stage or stages.
d) Internal standard practices of the organization, or the part of the organization that has project
responsibility.
4.4.1.5 Enabling Mechanisms
Each process can have a set of process enabling mechanisms such as listed below.
a) The workforce that performs the tasks related to the process.
b) Other resources required by the process such as facilities, equipment and funds.
c) Tools (for example software and hardware, automated, manual) required for performing the process
activities.
d) Technologies required by persons performing the activities including methods, procedures and
techniques.
4.4.2 Process principles
4.4.2.1 Introduction
ISO/IEC 12207:2008 establishes a top-level architecture of the life cycle of software from conception through
retirement. The architecture is constructed with a set of processes and interrelationships among these
processes. The processes are based on two primary principles:
© ISO/IEC 2011 – All rights reserved 9

 Modularity; and
 responsibility.
4.4.2.2 Modularity
The processes are modular, in that they are:
a) Strongly cohesive: All the parts of a process are strongly related. This reduces the dependency of one
process on others, which in turn increases the efficiency with which the process can be executed;
b) Loosely coupled: The number of interfaces among the processes is kept to a minimum, which reduces
the amount of communication required for each process to successfully complete.
In principle, each process is dedicated to a unique function at each usage in a given stage of the life cycle and
may employ another process for a specialized function. The following presents the rules for identifying,
scoping, and structuring processes:
a) A process is modular i.e. one process should perform one and only one function within the life cycle and
the interfaces between any two processes should be minimal;
NOTE The rule that a process should perform one and only function does not imply that a process can only be
performed by one part of an organization at one stage of the life cycle. Performing a process is not locked to any one time,
part of the life cycle, or performing part of the organization.
b) Each process is invoked in the architecture;
c) If process A is invoked by process B and only process B, then A belongs to B;
d) If a function is invoked by more than one process, then the function becomes a process in itself;
e) It must be possible to verify any function within the life cycle model;
f) Each process should have an internal structure defined sufficiently to be executable.
4.4.2.3 Responsibility
The principle of responsibility is closely linked to the concept of an organization. Each process is considered
the responsibility of an organization (or party). An organization may perform one or more processes. A
process may be performed by one organization or more than one organization, with one of the organizations
being identified as the responsible party. A party executing a process has the responsibility for that entire
process even though the execution of individual tasks may be by different people.
The responsibility principle facilitates adaptation and application of ISO/IEC 12207:2008 on a project, in which
many persons may be legitimately involved.
NOTE 1 ISO/IEC TR 24748-1, clause 3.3.2 provides more information on process responsibility.
NOTE 2 Organizations and parties are discussed in clause 4.5 of this Technical Report.
4.4.3 Process categories of ISO/IEC 12207:2008
4.4.3.1 General
ISO/IEC 12207:2008 groups the activities that may be performed during the life cycle of a software system
into seven process groups, four of which are system context process groups, and three of which are software-
specific process groups. The system context process groups are similar or identical to those in
ISO/IEC 15288:2008.
10 © ISO/IEC 2011 – All rights reserved

The system context process groups are:
 Agreement Processes;
 Organizational Project-Enabling Processes;
 Project Processes; and
 Technical Processes.
The software specific process groups are:
 Software Implementation Processes;
 Software Support Processes; and
 Software Reuse Processes.
Each of the life cycle processes within the seven groups is described in terms of its purpose and desired
outcomes and lists activities and tasks which need to be performed to achieve those outcomes.
NOTE The life cycle process categories are summarized in ISO/IEC 12207:2008, clause 5.2.1. A summary of the
processes are given in clause 5.2.2. In-depth discussions are given in clauses 6 and 7.
4.4.3.2 System context process categories
The system context processes are shown in Figure 5.

Figure 5 — System context processes
© ISO/IEC 2011 – All rights reserved 11

NOTE 1 A summary of the system context processes are given in ISO/IEC 12207:2008, clause 5.2.2.1. An in-depth
discussion is given in clause 6.
The four system context process groups of ISO/IEC 12207:2008, as well as the primary relationships between
the groups, are portrayed in Figure 6. The role of the Organizational Project-Enabling and Project groups of
processes is to achieve the project goals within applicable life cycle stages to satisfy an agreement.
Organizational Project-Enabling Processes provide enabling resources and infrastructure that are used to
create, support, and monitor projects and to assess project effectiveness. The Project Processes ensure that
adequate planning, assessment, and control activities are performed to manage processes and life cycle
stages.
Appropriate processes are selected from the Technical Processes and used to populate projects in order for
the project to perform work related to the system life cycle.

Figure 6 — Role of the system context processes
Projects may need to establish relationships with other projects within the organization, as well as those in
other organizations. Such relationships are established through the Agreement Processes of acquisition and
supply as shown in Figure 7. The degree of formality of the agreement is adapted to the internal or external
business relationships between projects.
NOTE 2 An example and discussion of the use of the Agreement Processes is provided in clause 5.4.2 of this
Technical Report.
12 © ISO/IEC 2011 – All rights reserved

Figure 7 — Use of Agreement Processes
4.4.3.3 Software specific process categories
The software specific processes are shown in Figure 8.
© ISO/IEC 2011 – All rights reserved 13

Figure 8 — Software specific processes
NOTE A summary of the software specific processes are given in ISO/IEC 12207:2008, clause 5.2.2.2. An in-depth
discussion is given in clause 7.
The three software specific process groups of ISO/IEC 12207:2008, as well as the primary relationships
between the groups, are portrayed in Figure 9.
14 © ISO/IEC 2011 – All rights reserved

Figure 9 — Role of the software specific processes
4.4.4 Recursive/iterative application of processes
4.4.4.1 General
Two forms of process a
...