Quality management systems - Guidelines for configuration management

This document provides guidance on the use of configuration management within an organization. It is
applicable to the support of products and services from concept to disposal.

Systèmes de management de la qualité - Lignes directrices pour la gestion de la configuration

L'ISO 10007:2017 dispense des recommandations pour l'utilisation de la gestion de la configuration au sein de l'organisme. Il est applicable en support des produits et des services depuis leur conception jusqu'� leur retrait de service.

Sistemi vodenja kakovosti - Smernice za vodenje konfiguracij

Ta dokument zagotavlja smernice za uporabo vodenja konfiguracij v organizaciji. Uporablja se kot podpora za izdelke in storitve od zasnove do odlaganja.

General Information

Status
Published
Public Enquiry End Date
29-Aug-2016
Publication Date
14-May-2017
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
13-Apr-2017
Due Date
18-Jun-2017
Completion Date
15-May-2017

Relations

Buy Standard

Standard
ISO 10007:2017 - Quality management -- Guidelines for configuration management
English language
10 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ISO 10007:2017
English language
15 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
ISO 10007:2017 - Systemes de management de la qualité -- Lignes directrices pour la gestion de la configuration
French language
10 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ISO 10007:2017 - Quality management -- Guidelines for configuration management
Spanish language
10 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/DIS 10007:2016
English language
14 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

INTERNATIONAL ISO
STANDARD 10007
Third edition
2017-03
Quality management — Guidelines for
configuration management
Management de la qualité — Lignes directrices pour la gestion de la
configuration
Reference number
ISO 10007:2017(E)
©
ISO 2017

---------------------- Page: 1 ----------------------
ISO 10007:2017(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 10007:2017(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Configuration management responsibility . 2
4.1 Responsibilities and authorities . 2
4.2 Dispositioning authority . 2
5 Configuration management process . 2
5.1 General . 2
5.2 Configuration management planning. 2
5.3 Configuration identification . 3
5.3.1 Product structure or service capability and selection of configuration items . 3
5.3.2 Configuration information. 3
5.3.3 Configuration baselines . 4
5.4 Change control . 4
5.4.1 General. 4
5.4.2 Initiation, identification and documentation of the need for change . 4
5.4.3 Evaluation of change. 5
5.4.4 Disposition of change . . 5
5.4.5 Implementation and verification of change . 5
5.5 Configuration status accounting . 5
5.5.1 General. 5
5.5.2 Documented Information . 6
5.5.3 Reports . 6
5.6 Configuration audit . 6
Annex A (informative) Structure and content of a configuration management plan .8
Bibliography .10
© ISO 2017 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO 10007:2017(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: w w w . i s o .org/ iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 176, Quality management and quality
assurance, Subcommittee SC 2, Quality systems.
This third edition cancels and replaces the second edition (ISO 10007:2003), which has been technically
revised. This edition aligns ISO 10007 with ISO 9000:2015 and ISO 9001:2015.
iv © ISO 2017 – All rights reserved

---------------------- Page: 4 ----------------------
ISO 10007:2017(E)

Introduction
The purpose of this document is to enhance common understanding of the subject, to promote the
use of configuration management and to assist organizations applying configuration management to
improve their performance.
This document outlines the responsibilities and authorities before describing the configuration
management process that includes configuration management planning, configuration identification,
change control, configuration status accounting and configuration audit.
Configuration management is a management activity that applies technical and administrative
direction over the life cycle of a product and service, its configuration identification and status, and
related product and service configuration information.
Configuration management documents the product or service configuration. It provides identification
and traceability, the status of achievement of its physical and functional requirements, and access to
accurate information in all phases of the life cycle.
Configuration management can be implemented based on the size of the organization and the
complexity and nature of the product or service and reflects the needs of specific lifecycle phases.
Configuration management can be used to meet the product and service identification and traceability
requirements specified in ISO 9001:2015, 8.5.2.
© ISO 2017 – All rights reserved v

---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO 10007:2017(E)
Quality management — Guidelines for configuration
management
1 Scope
This document provides guidance on the use of configuration management within an organization. It is
applicable to the support of products and services from concept to disposal.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 9000:2015, Quality management systems — Fundamentals and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 9000 and the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at http:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
configuration
interrelated functional and physical characteristics of a product or service defined in configuration
information (3.5)
3.2
configuration baseline
approved configuration information (3.5) that establishes the characteristics of a product or service at
a point in time that serves as reference for activities throughout the life cycle of the product or service
3.3
configuration item
entity within a configuration (3.1) that satisfies an end use function
3.4
configuration status accounting
formalized recording and reporting of configuration information (3.5), the status of proposed changes
and the status of the implementation of approved changes
3.5
configuration information
requirements for product or service design, realization, verification, operation and support
© ISO 2017 – All rights reserved 1

---------------------- Page: 6 ----------------------
ISO 10007:2017(E)

4 Configuration management responsibility
4.1 Responsibilities and authorities
The organization should identify, describe and assign responsibilities and authorities, including
accountability, related to the configuration management process. The following should be considered:
a) the complexity and nature of the product or service;
b) the needs of the different product or service life cycle stages;
c) the interfaces between activities directly involved in the configuration management process;
d) the other relevant interested parties that are (or need to be) involved, both within and outside the
organization;
e) the identification of the responsible authority for verifying implementation activities;
f) the identification of the dispositioning authority.
4.2 Dispositioning authority
Prior to approval of a change, the dispositioning authority should verify that:
a) the proposed change is necessary and the consequences would be acceptable;
b) the change has been properly documented and categorized;
c) the planned activities for the implementation of the change into documented information, hardware
and/or software are satisfactory.
5 Configuration management process
5.1 General
The organization should establish, implement and maintain a configuration management process. The
organization should coordinate the activities of the configuration management process in order for it to
be effective.
The configuration management process should be focused on product or service requirements
(including those of customers or relevant interested parties), as well as the application of statutory
and regulatory requirements, while taking into account the context in which it will be performed. The
configuration management process should be detailed in a configuration management plan. This should
describe any project-specific documented information and the extent of their application during the life
cycle of the product or service.
5.2 Configuration management planning
Configuration management planning is the foundation for the configuration management process.
Effective planning coordinates configuration management activities in a specific context over the
product or service life cycle. The output of configuration management planning is the configuration
management plan.
The configuration management plan for a specific product or service should:
a) be documented and approved;
b) be controlled;
c) identify the configuration management documented information to be used;
2 © ISO 2017 – All rights reserved

---------------------- Page: 7 ----------------------
ISO 10007:2017(E)

d) make reference to relevant documented information of the organization wherever possible;
e) describe the required resources and any responsibilities and authorities (including accountability),
for carrying out configuration management throughout the life cycle of the
...

SLOVENSKI STANDARD
SIST ISO 10007:2017
01-junij-2017
1DGRPHãþD
SIST ISO 10007:2004
Sistemi vodenja kakovosti - Smernice za vodenje konfiguracij
Quality management systems - Guidelines for configuration management
Systèmes de management de la qualité - Lignes directrices pour la gestion de la
configuration
Ta slovenski standard je istoveten z: ISO 10007:2017
ICS:
03.100.70 Sistemi vodenja Management systems
03.120.10 Vodenje in zagotavljanje Quality management and
kakovosti quality assurance
SIST ISO 10007:2017 en,fr
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST ISO 10007:2017

---------------------- Page: 2 ----------------------

SIST ISO 10007:2017
INTERNATIONAL ISO
STANDARD 10007
Third edition
2017-03
Quality management — Guidelines for
configuration management
Management de la qualité — Lignes directrices pour la gestion de la
configuration
Reference number
ISO 10007:2017(E)
©
ISO 2017

---------------------- Page: 3 ----------------------

SIST ISO 10007:2017
ISO 10007:2017(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

---------------------- Page: 4 ----------------------

SIST ISO 10007:2017
ISO 10007:2017(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Configuration management responsibility . 2
4.1 Responsibilities and authorities . 2
4.2 Dispositioning authority . 2
5 Configuration management process . 2
5.1 General . 2
5.2 Configuration management planning. 2
5.3 Configuration identification . 3
5.3.1 Product structure or service capability and selection of configuration items . 3
5.3.2 Configuration information. 3
5.3.3 Configuration baselines . 4
5.4 Change control . 4
5.4.1 General. 4
5.4.2 Initiation, identification and documentation of the need for change . 4
5.4.3 Evaluation of change. 5
5.4.4 Disposition of change . . 5
5.4.5 Implementation and verification of change . 5
5.5 Configuration status accounting . 5
5.5.1 General. 5
5.5.2 Documented Information . 6
5.5.3 Reports . 6
5.6 Configuration audit . 6
Annex A (informative) Structure and content of a configuration management plan .8
Bibliography .10
© ISO 2017 – All rights reserved iii

---------------------- Page: 5 ----------------------

SIST ISO 10007:2017
ISO 10007:2017(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: w w w . i s o .org/ iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 176, Quality management and quality
assurance, Subcommittee SC 2, Quality systems.
This third edition cancels and replaces the second edition (ISO 10007:2003), which has been technically
revised. This edition aligns ISO 10007 with ISO 9000:2015 and ISO 9001:2015.
iv © ISO 2017 – All rights reserved

---------------------- Page: 6 ----------------------

SIST ISO 10007:2017
ISO 10007:2017(E)

Introduction
The purpose of this document is to enhance common understanding of the subject, to promote the
use of configuration management and to assist organizations applying configuration management to
improve their performance.
This document outlines the responsibilities and authorities before describing the configuration
management process that includes configuration management planning, configuration identification,
change control, configuration status accounting and configuration audit.
Configuration management is a management activity that applies technical and administrative
direction over the life cycle of a product and service, its configuration identification and status, and
related product and service configuration information.
Configuration management documents the product or service configuration. It provides identification
and traceability, the status of achievement of its physical and functional requirements, and access to
accurate information in all phases of the life cycle.
Configuration management can be implemented based on the size of the organization and the
complexity and nature of the product or service and reflects the needs of specific lifecycle phases.
Configuration management can be used to meet the product and service identification and traceability
requirements specified in ISO 9001:2015, 8.5.2.
© ISO 2017 – All rights reserved v

---------------------- Page: 7 ----------------------

SIST ISO 10007:2017

---------------------- Page: 8 ----------------------

SIST ISO 10007:2017
INTERNATIONAL STANDARD ISO 10007:2017(E)
Quality management — Guidelines for configuration
management
1 Scope
This document provides guidance on the use of configuration management within an organization. It is
applicable to the support of products and services from concept to disposal.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 9000:2015, Quality management systems — Fundamentals and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 9000 and the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at http:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
configuration
interrelated functional and physical characteristics of a product or service defined in configuration
information (3.5)
3.2
configuration baseline
approved configuration information (3.5) that establishes the characteristics of a product or service at
a point in time that serves as reference for activities throughout the life cycle of the product or service
3.3
configuration item
entity within a configuration (3.1) that satisfies an end use function
3.4
configuration status accounting
formalized recording and reporting of configuration information (3.5), the status of proposed changes
and the status of the implementation of approved changes
3.5
configuration information
requirements for product or service design, realization, verification, operation and support
© ISO 2017 – All rights reserved 1

---------------------- Page: 9 ----------------------

SIST ISO 10007:2017
ISO 10007:2017(E)

4 Configuration management responsibility
4.1 Responsibilities and authorities
The organization should identify, describe and assign responsibilities and authorities, including
accountability, related to the configuration management process. The following should be considered:
a) the complexity and nature of the product or service;
b) the needs of the different product or service life cycle stages;
c) the interfaces between activities directly involved in the configuration management process;
d) the other relevant interested parties that are (or need to be) involved, both within and outside the
organization;
e) the identification of the responsible authority for verifying implementation activities;
f) the identification of the dispositioning authority.
4.2 Dispositioning authority
Prior to approval of a change, the dispositioning authority should verify that:
a) the proposed change is necessary and the consequences would be acceptable;
b) the change has been properly documented and categorized;
c) the planned activities for the implementation of the change into documented information, hardware
and/or software are satisfactory.
5 Configuration management process
5.1 General
The organization should establish, implement and maintain a configuration management process. The
organization should coordinate the activities of the configuration management process in order for it to
be effective.
The configuration management process should be focused on product or service requirements
(including those of customers or relevant interested parties), as well as the application of statutory
and regulatory requirements, while taking into account the context in which it will be performed. The
configuration management process should be detailed in a configuration management plan. This should
describe any project-specific documented information and the extent of their application during the life
cycle of the product or service.
5.2 Configuration management planning
Configuration management planning is the foundation for the configuration management process.
Effective planning coordinates configuration management activities in a specific context over the
product or service life cycle. The output of configuration management planning is the configuration
management plan.
The configuration management plan for a specific product or service should:
a) be documented an
...

NORME ISO
INTERNATIONALE 10007
Troisième édition
2017-03
Systèmes de management de la
qualité — Lignes directrices pour la
gestion de la configuration
Quality management — Guidelines for configuration management
Numéro de référence
ISO 10007:2017(F)
©
ISO 2017

---------------------- Page: 1 ----------------------
ISO 10007:2017(F)

DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO 2017, Publié en Suisse
Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite ni utilisée
sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie, l’affichage sur
l’internet ou sur un Intranet, sans autorisation écrite préalable. Les demandes d’autorisation peuvent être adressées à l’ISO à
l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – Tous droits réservés

---------------------- Page: 2 ----------------------
ISO 10007:2017(F)

Sommaire Page
Avant-propos .iv
Introduction .v
1 Domaine d’application . 1
2 Références normatives . 1
3 Termes et définitions . 1
4 Responsabilité dans la gestion de la configuration . 2
4.1 Responsabilités et autorités . 2
4.2 Autorité de décision . 2
5 Processus de gestion de la configuration . 2
5.1 Généralités . 2
5.2 Planification de la gestion de la configuration . 2
5.3 Identification de la configuration . 3
5.3.1 Arborescence du produit ou capacité du service et choix des articles
de configuration . 3
5.3.2 Information de configuration . 3
5.3.3 Configurations de référence . 4
5.4 Maîtrise des évolutions . 4
5.4.1 Généralités . 4
5.4.2 Détection, identification et documentation du besoin d’évolution . 4
5.4.3 Évaluation de l’évolution . 5
5.4.4 Décision relative à l’évolution . 5
5.4.5 Mise en œuvre et vérification de l’évolution . 5
5.5 Enregistrement de l’état de la configuration . 6
5.5.1 Généralités . 6
5.5.2 Information documentée . 6
5.5.3 Rapports . 6
5.6 Audits de la configuration . 7
Annexe A (informative) Structure et contenu d’un plan de gestion de la configuration .8
Bibliographie .10
© ISO 2017 – Tous droits réservés iii

---------------------- Page: 3 ----------------------
ISO 10007:2017(F)

Avant-propos
L’ISO (Organisation internationale de normalisation) est une fédération mondiale d’organismes
nationaux de normalisation (comités membres de l’ISO). L’élaboration des Normes internationales est
en général confiée aux comités techniques de l’ISO. Chaque comité membre intéressé par une étude
a le droit de faire partie du comité technique créé à cet effet. Les organisations internationales,
gouvernementales et non gouvernementales, en liaison avec l’ISO, participent également aux travaux.
L’ISO collabore étroitement avec la Commission électrotechnique internationale (IEC) en ce qui
concerne la normalisation électrotechnique.
Les procédures utilisées pour l’élaboration du présent document et celles destinées à sa mise à jour sont
décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier, de prendre note des différents
critères d’approbation requis pour les différents types de documents ISO. Le présent document a été
rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www
.iso .org/ directives).
L’attention est appelée sur le fait que certains des éléments du présent document peuvent faire l’objet de
droits de propriété intellectuelle ou de droits analogues. L’ISO ne saurait être tenue pour responsable
de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails concernant
les références aux droits de propriété intellectuelle ou autres droits analogues identifiés lors de
l’élaboration du document sont indiqués dans l’Introduction et/ou dans la liste des déclarations de
brevets reçues par l’ISO (voir www .iso .org/ brevets).
Les appellations commerciales éventuellement mentionnées dans le présent document sont données
pour information, par souci de commodité, à l’intention des utilisateurs et ne sauraient constituer un
engagement.
Pour une explication de la nature volontaire des normes, la signification des termes et expressions
spécifiques de l’ISO liés à l’évaluation de la conformité et pour toute information au sujet de l’adhésion
de l’ISO aux principes de de l’Organisation mondiale du commerce (OMC) concernant les obstacles
techniques au commerce (OTC), voir le lien suivant: w w w . i s o .org/ iso/ foreword .html.
Le présent document a été élaboré par le comité technique ISO/TC 176, Management et assurance de la
qualité, sous-comité SC 2, Systèmes qualité.
Cette troisième édition annule et remplace la deuxième édition (ISO 10007:2003), qui a fait l’objet d’une
révision technique. La présente édition de l’ISO 10007 s’aligne sur l’ISO 9000:2015 et l’ISO 9001:2015.
iv © ISO 2017 – Tous droits réservés

---------------------- Page: 4 ----------------------
ISO 10007:2017(F)

Introduction
Le présent document a pour objet de développer une compréhension commune du sujet, d’encourager
l’utilisation de la gestion de la configuration et d’aider les organismes qui appliquent la gestion de la
configuration à améliorer leurs performances.
Ce document met d’abord en évidence les responsabilités et les autorités avant de décrire le processus
de gestion de la configuration, lequel comprend sa planification, l’identification de la configuration,
la maîtrise des évolutions, l’enregistrement de l’état de la configuration, ainsi que les audits de la
configuration.
La gestion de la configuration est une discipline de management qui applique des dispositions
administratives et techniques à toute la durée de vie d’un produit ou d’un service, à l’identification et
à l’état de sa configuration, ainsi qu’à l’information de configuration du produit ou du service associé.
La gestion de la configuration documente la configuration du produit ou du service. À toutes les étapes
de son cycle de vie, elle fournit identification et traçabilité, le point de la conformité à ses exigences
physiques et fonctionnelles, ainsi que l’accès à une information adéquate.
Dans sa mise en œuvre, il est possible de tenir compte de la taille de l’organisme comme de la complexité
et de la nature du produit ou du service. Il convient que la gestion de la configuration traduise les
besoins des phases spécifiques du cycle de vie.
La gestion de la configuration peut être utilisée pour répondre aux exigences de l’ISO 9001:2015, 8.5.2,
relatives à l’identification et à la traçabilité du produit ou du service.
© ISO 2017 – Tous droits réservés v

---------------------- Page: 5 ----------------------
NORME INTERNATIONALE ISO 10007:2017(F)
Systèmes de management de la qualité — Lignes
directrices pour la gestion de la configuration
1 Domaine d’application
Le présent document dispense des recommandations pour l’utilisation de la gestion de la configuration
au sein de l’organisme. Il est applicable en support des produits et des services depuis leur conception
jusqu’à leur retrait de service.
2 Références normatives
Les documents suivants cités dans le texte constituent, pour tout ou partie de leur contenu, des
exigences du présent document. Pour les références datées, seule l’édition citée s’applique. Pour les
références non datées, la dernière édition du document de référence s’applique (y compris les éventuels
amendements).
ISO 9000:2015, Systèmes de management de la qualité — Principes essentiels et vocabulaire
3 Termes et définitions
Pour les besoins du présent document, les termes et définitions donnés dans l’ISO 9000 ainsi que les
suivants s’appliquent.
L’ISO et l’IEC tiennent à jour des bases de données terminologiques destinées à être utilisées en
normalisation, consultables aux adresses suivantes:
— ISO Online browsing platform: disponible à l’adresse http:// www .iso .org/ obp
— IEC Electropedia: disponible à l’adresse http:// www .electropedia .org/
3.1
configuration
ensemble de caractéristiques fonctionnelles et physiques corrélées d’un produit ou d’un service définies
par l’information de configuration (3.5)
3.2
configuration de référence
information de configuration (3.5) approuvée qui établit les caractéristiques d’un produit ou d’un service
à une étape de la vie du produit ou du service et servant de référence pour les activités réalisées tout au
long du cycle de vie du produit ou du service
3.3
article de configuration
unité au sein d’une configuration (3.1) qui satisfait une fonction d’utilisation finale
3.4
enregistrement de l’état de la configuration
action d’enregistrer et de présenter sous des formes définies l’information de configuration (3.5), l’état
des demandes d’évolution et de la mise en œuvre des évolutions approuvées
3.5
information de configuration
exigences relatives à la conception, à la réalisation, à la vérification, à l’utilisation et au soutien d’un
produit ou d’un service
© ISO 2017 – Tous droits réservés 1

---------------------- Page: 6 ----------------------
ISO 10007:2017(F)

4 Responsabilité dans la gestion de la configuration
4.1 Responsabilités et autorités
Il convient que l’organisme détermine, décrive et attribue les responsabilités et les autorités, y compris
les obligations, afférentes au processus de gestion de la configuration. Il convient de considérer les
points suivants:
a) la complexité et la nature du produit ou du service;
b) les besoins des différentes étapes du cycle de vie du produit ou du service;
c) les interfaces entre activités directement concernées dans le processus de gestion de la
configuration;
d) les autres parties intéressées qui sont (ou doivent être) impliquées, tant au sein qu’en dehors de
l’organisme;
e) l’identification de l’autorité responsable de la vérification des mesures de mise en œuvre;
f) l’identification de l’autorité de décision.
4.2 Autorité de décision
Avant d’approuver une évolution, il convient que l’autorité de décision vérifie:
a) que l’évolution proposée est nécessaire et que ses conséquences seront acceptables;
b) que l’évolution a été convenablement documentée et classée;
c) que les activités planifiées pour la mise en œuvre de l’évolution dans l’information documentée, les
matériels et/ou les logiciels, sont satisfaisantes.
5 Processus de gestion de la configuration
5.1 Généralités
Il convient que l’organisme adopte, mette en œuvre et maintienne un processus de gestion de la
configuration. Il convient que l’organisme coordonne les activités du processus de gestion de la
configuration pour garantir son efficacité.
Il convient que le processus de gestion de la configuration soit centré sur les exigences relatives au
produit ou au service (y compris les exigences des clients ou des parties intéressées impliquées), ainsi
que sur l’application des exigences légales et réglementaires, tout en prenant en compte le contexte de
sa réalisation. Il convient que le processus de gestion de la configuration soit décrit dans un plan de
gestion de la configuration. Il convient que ce plan de gestion de la configuration présente l’information
documentée spécifique au projet, ainsi que son champ d’application tout au long du cycle de vie du
produit ou du service.
5.2 Planification de la gestion de la configuration
La planification de la gestion de la configuration est le fondement du processus de gestion de la
configuration. Une planification efficace coordonne les activités de gestion de la configuration dans le
contexte spécifique du cycle de vie d’un produit ou d’un service. Le plan de gestion de la configuration
constitue l’élément de sortie de la planification de la gestion de la configuration.
Pour un produit ou un service particulier, il convient qu’un plan de gestion de la configuration:
a) soit documenté et approuvé;
2 © ISO 2017 – Tous droits réservés

---------------------- Page: 7 ----------------------
ISO 10007:2017(F)

b) soit maîtrisé;
c) détermine l’information documentée de gestion de la configuration à employer;
d) se réfère, chaque fois que cela est possible, à l’information documentée pertinente de l’organisme;
e) décrive les ressources requises, ainsi que les responsabilités et les autorités (y compris les
obligations), pour la réalisation de la gestion de la configuration tout au long du cycle de vie du
produit ou du service.
Le plan de gestion de la configuration peut être un document isolé, une partie d’un autre document ou
composé de plusieurs documents.
Dans certaines situations, le plan de gestion de la configuration sera fourni par un prestataire externe.
L’organisme peut vouloir conserver de tels plans en tant que documents séparés, ou les intégrer dans
son propre plan de gestion de la configuration.
L’Annexe A décrit une structure et un contenu optionnels d’un plan de gestio
...

NORMA ISO
INTERNACIONAL 10007
Tercera edición
Traducción oficial
2017-03
Official translation
Traduction officielle
Gestión de la calidad — Directrices
para la gestión de la configuración
Quality management — Guidelines for configuration management
Systèmes de management de la qualité — Lignes directrices pour la
gestion de la configuration
Publicado por la Secretaría Central de ISO en Ginebra, Suiza, como
traducción oficial en español avalada por el Grupo de Trabajo Spanish
Translation Task Force (STTF), que ha certificado la conformidad en
relación con las versiones inglesa y francesa.
Número de referencia
ISO 10007:2017 (traducción oficial)
©
ISO 2017

---------------------- Page: 1 ----------------------
ISO 10007:2017 (traducción oficial)

DOCUMENTO PROTEGIDO POR COPYRIGHT
© ISO 2017
Reservados los derechos de reproducción. Salvo prescripción diferente, o requerido en el contexto de su implementación, no podrá
reproducirse ni utilizarse ninguna parte de esta publicación bajo ninguna forma y por ningún medio, electrónico o mecánico,
incluidos el fotocopiado, o la publicación en Internet o una Intranet, sin la autorización previa por escrito. La autorización puede
solicitarse a ISO en la siguiente dirección o al organismo miembro de ISO en el país solicitante.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Ginebra, Suiza
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Publicada en Suiza
Versión española publicada en 2017
Traducción oficial/Official translation/Traduction officielle
ii © ISO 2017 – Todos los derechos reservados

---------------------- Page: 2 ----------------------
ISO 10007:2017 (traducción oficial)

Índice Página
Prólogo .iv
Introducción .vi
1 Objeto y campo de aplicación. 1
2 Referencias normativas . 1
3 Términos y definiciones . 1
4 Responsabilidad de gestión de la configuración . 2
4.1 Responsabilidades y autoridad . 2
4.2 Autoridad con decisión sobre la configuración . 2
5 Proceso de gestión de la configuración . 2
5.1 Generalidades . 2
5.2 Planificación de la gestión de la configuración . 2
5.3 Identificación de la configuración . 3
5.3.1 Estructura del producto o capacidad del servicio y selección de los
elementos de la configuración . 3
5.3.2 Información sobre la configuración . 3
5.3.3 Líneas de referencia de la configuración. 4
5.4 Control de cambios . 4
5.4.1 Generalidades . 4
5.4.2 Iniciación, identificación y documentación de la necesidad del cambio . 4
5.4.3 Evaluación del cambio . 5
5.4.4 Disposición del cambio. 5
5.4.5 Implementación y verificación del cambio . 5
5.5 Rendición de cuentas del estado de la configuración . 6
5.5.1 Generalidades . 6
5.5.2 Información documentada . 6
5.5.3 Informes . 6
5.6 Auditoría de la configuración . 7
Anexo A (informativo) Estructura y contenido de un plan de gestión de la configuración .8
Bibliografía .10
Traducción oficial/Official translation/Traduction officielle
© ISO 2017 – Todos los derechos reservados iii

---------------------- Page: 3 ----------------------
ISO 10007:2017 (traducción oficial)

Prólogo
ISO (Organización Internacional de Normalización) es una federación mundial de organismos
nacionales de normalización (organismos miembros de ISO). El trabajo de elaboración de las Normas
Internacionales se lleva a cabo normalmente a través de los comités técnicos de ISO. Cada organismo
miembro interesado en una materia para la cual se haya establecido un comité técnico, tiene el derecho
de estar representado en dicho comité. Las organizaciones internacionales, gubernamentales y no
gubernamentales, vinculadas con ISO, también participan en el trabajo. ISO colabora estrechamente
con la Comisión Electrotécnica Internacional (IEC) en todos los temas de normalización electrotécnica.
En la Parte 1 de las Directivas ISO/IEC se describen los procedimientos utilizados para desarrollar este
documento y aquellos previstos para su mantenimiento posterior. En particular debería tomarse nota
de los diferentes criterios de aprobación necesarios para los distintos tipos de documentos ISO. Este
documento ha sido redactado de acuerdo con las reglas editoriales de la Parte 2 de las Directivas ISO/
IEC (véase www .iso .org/directives).
Se llama la atención sobre la posibilidad de que algunos de los elementos de este documento puedan
estar sujetos a derechos de patente. ISO no asume la responsabilidad por la identificación de alguno
o todos los derechos de patente. Los detalles sobre cualquier derecho de patente identificado durante
el desarrollo de este documento se indicarán en la Introducción y/o en la lista ISO de declaraciones de
patente recibidas (véase www .iso .org/patents).
Cualquier nombre comercial utilizado en este documento es información que se proporciona para
comodidad del usuario y no constituye una recomendación.
Para una explicación de la naturaleza voluntaria de las normas, el significado de los términos específicos
de ISO y las expresiones relacionadas con la evaluación de la conformidad, así como la información
acerca de la adhesión de ISO a los principios de la Organización Mundial del Comercio (OMC) respecto a
los Obstáculos Técnicos al Comercio (OTC), véase www .iso .org/iso/foreword .html.
Este documento ha sido elaborado por el Comité Técnico ISO/TC 176, Gestión y aseguramiento de la
calidad, Subcomité SC 2, Sistemas de la calidad.
Esta tercera edición anula y sustituye a la segunda edición (ISO 10007:2003) que ha sido revisada
técnicamente. Esta edición alinea la Norma ISO 10007 con las Normas ISO 9000:2015 e ISO 9001:2015.
Traducción oficial/Official translation/Traduction officielle
iv © ISO 2017 – Todos los derechos reservados

---------------------- Page: 4 ----------------------
ISO 10007:2017 (traducción oficial)

Prólogo de la versión en español
Este documento ha sido traducido por el Grupo de Trabajo Spanish Translation Task Force (STTF) del
Comité Técnico ISO/TC 176, Gestión y aseguramiento de la calidad, en el que participan representantes
de los organismos nacionales de normalización y representantes del sector empresarial de los
siguientes países:
Argentina, Bolivia, Brasil, Chile, Colombia, Costa Rica, Cuba, Ecuador, España, El Salvador, Estados
Unidos de América, Honduras, México, Panamá, Perú y Uruguay.
Igualmente, en el citado Grupo de Trabajo participan representantes de COPANT (Comisión
Panamericana de Normas Técnicas) e INLAC (Instituto Latinoamericano de la Calidad).
Esta traducción es parte del resultado del trabajo que el Grupo ISO/TC 176/STTF, viene desarrollando
desde su creación en el año 1999 para lograr la unificación de la terminología en lengua española en el
ámbito de la gestión de la calidad.
Traducción oficial/Official translation/Traduction officielle
© ISO 2017 – Todos los derechos reservados v

---------------------- Page: 5 ----------------------
ISO 10007:2017 (traducción oficial)

Introducción
El propósito de este documento es mejorar la comprensión sobre el tema de gestión de la configuración,
promover su uso y ayudar a las organizaciones que la aplican, a mejorar su desempeño.
Este documento presenta una descripción general de las responsabilidades y autoridades antes
de describir el proceso de gestión de la configuración que incluye la planificación de la gestión de la
configuración, la identificación de la configuración, el control de cambios, la rendición de cuentas del
estado de la configuración y la auditoría de la configuración.
La gestión de la configuración es una actividad de gestión que aplica la dirección técnica y administrativa
durante el ciclo de vida de un producto y servicio, la identificación y estado de la configuración y la
información relacionada con la configuración del producto y del servicio.
La gestión de la configuración documenta la configuración del producto o servicio. Proporciona
identificación y trazabilidad, el estado de cumplimiento de sus requisitos físicos y funcionales, y acceso
a información exacta en todas las fases del ciclo de vida.
La gestión de la configuración se puede implementar con base en el tamaño de la organización y en la
complejidad y naturaleza del producto o servicio y refleja las necesidades de las fases específicas del
ciclo de vida.
La gestión de la configuración se puede usar para satisfacer los requisitos de identificación y trazabilidad
del producto y servicio especificados en el apartado 8.5.2 de la Norma ISO 9001:2015.
Traducción oficial/Official translation/Traduction officielle
vi © ISO 2017 – Todos los derechos reservados

---------------------- Page: 6 ----------------------
NORMA INTERNACIONAL ISO 10007:2017 (traducción oficial)
Gestión de la calidad — Directrices para la gestión de la
configuración
1 Objeto y campo de aplicación
Este documento presenta orientación sobre el uso de la gestión de la configuración dentro de una
organización. Es aplicable al soporte de productos y servicios desde su conceptualización hasta su
disposición final.
2 Referencias normativas
Los siguientes documentos se referencian en el texto de tal forma que parte o la totalidad de su
contenido constituyen requisitos de este documento. Para las referencias con fecha, sólo aplica la
edición citada. Para las referencias sin fecha se aplica la última edición del documento de referencia
(incluyendo cualquier modificación).
ISO 9000:2015, Sistemas de gestión de la calidad — Fundamentos y vocabulario
3 Términos y definiciones
Para los fines de este documento, se aplican los términos y definiciones incluidos en la Norma ISO 9000
además de los siguientes.
ISO e IEC mantienen bases de datos terminológicas para su utilización en normalización en las siguientes
direcciones:
— Plataforma de búsqueda en línea de ISO: disponible en http: //www .iso .org/obp
— Electropedia de IEC: disponible en http: //www .electropedia .org/
3.1
configuración
características funcionales y físicas interrelacionadas de un producto o servicio, definidas en la
información sobre configuración (3.5)
3.2
línea de referencia de la configuración
información sobre configuración aprobada (3.5) que establece las características de un producto o
servicio en un punto en el tiempo, que sirve como referencia para actividades durante todo el ciclo de
vida del producto o servicio
3.3
elemento de configuración
entidad dentro de una configuración (3.1), que satisface una función de uso final
3.4
rendición de cuentas del estado de la configuración
registro e informe formalizado de la información sobre configuración (3.5), el estado de los cambios
propuestos y el estado de implementación de los cambios aprobados
3.5
información sobre configuración
los requisitos para el diseño, realización, verificación, operación y soporte del producto o servicio
Traducción oficial/Official translation/Traduction officielle
© ISO 2017 – Todos los derechos reservados 1

---------------------- Page: 7 ----------------------
ISO 10007:2017 (traducción oficial)

4 Responsabilidad de gestión de la configuración
4.1 Responsabilidades y autoridad
La organización debería identificar, describir y asignar las responsabilidades y autoridad, incluirá la
rendición de cuentas, relacionadas con el proceso de gestión de la configuración. Se debería considerar
lo siguiente:
a) la complejidad y naturaleza del producto o servicio;
b) las necesidades de las diferentes etapas en el ciclo de vida del producto o servicio;
c) las interfaces entre las actividades directamente involucradas en el proceso de gestión de la
configuración;
d) las otras partes interesadas pertinentes que están (o necesitan estar) involucradas tanto dentro
como fuera de la organización;
e) la identificación de la autoridad responsable de verificar las actividades de implementación;
f) la identificación de la autoridad con decisión sobre la configuración.
4.2 Autoridad con decisión sobre la configuración
Antes de la aprobación de un cambio, la autoridad con decisión sobre la configuración debería
verificar que:
a) el cambio propuesto es necesario, y las consecuencias serían aceptables;
b) el cambio ha sido documentado y categorizado apropiadamente, y;
c) las actividades planificadas para la implementación del cambio en la información documentada, el
hardware y/o el software son satisfactorias.
5 Proceso de gestión de la configuración
5.1 Generalidades
La organización debería establecer, implementar y mantener un proceso de gestión de la configuración.
La organización debería coordinar las actividades del proceso de gestión de la configuración, para que
este proceso sea eficaz.
El proceso de gestión de la configuración debería estar enfocado en los requisitos del producto y del
servicio (incluidos los de los clientes o de las partes interesadas pertinentes), al igual que la aplicación
de los requisitos legales o reglamentarios, mientras se tiene en cuenta el contexto en el cual se ejecute.
El proceso de gestión de la configuración se debería detallar en un plan de gestión de la configuración.
Éste debería describir cualquier información documentada específica de los proyectos, y el alcance o
aplicación durante el ciclo de vida del producto o servicio.
5.2 Planificación de la gestión de la configuración
La planificación de la gestión de la configuración es la base del proceso de gestión de la configuración.
Una planificación eficaz coordina las actividades de gestión de la configuración en un contexto
específico durante el ciclo de vida del producto o servicio. El resultado de la planificación de la gestión
de la configuración es el plan de gestión de la configuración.
El plan de gestión de la configuración para un producto o servicio específico debería:
a) estar documentado y aprobado;
Traducción oficial/Official translation/Traduction officielle
2 © ISO 2017 – Todos los derechos reservados

---------------------- Page: 8 ----------------------
ISO 10007:2017 (traducción oficial)

b) estar controlado;
c) identificar la información documentada de la gestión de la configuración por usar;
d) hacer referencia a la información documentada pertinente de la organización, siempre que sea
posible;
e) describir los recursos requeridos y cualquier responsabilidad y autoridad (incluid
...

SLOVENSKI STANDARD
oSIST ISO/DIS 10007:2016
01-julij-2016
Sistemi vodenja kakovosti - Smernice za vodenje konfiguracij
Quality management systems - Guidelines for configuration management
Systèmes de management de la qualité - Lignes directrices pour la gestion de la
configuration
Ta slovenski standard je istoveten z: ISO/DIS 10007
ICS:
03.100.70 Sistemi vodenja Management systems
03.120.10 Vodenje in zagotavljanje Quality management and
kakovosti quality assurance
oSIST ISO/DIS 10007:2016 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST ISO/DIS 10007:2016

---------------------- Page: 2 ----------------------
oSIST ISO/DIS 10007:2016
DRAFT INTERNATIONAL STANDARD
ISO/DIS 10007
ISO/TC 176/SC 2 Secretariat: BSI
Voting begins on: Voting terminates on:
2016-06-15 2016-09-06
Quality management systems — Guidelines for
configuration management
Systèmes de management de la qualité — Lignes directrices pour la gestion de la configuration
ICS: 03.120.10
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
To expedite distribution, this document is circulated as received from the
IN ADDITION TO THEIR EVALUATION AS
committee secretariat. ISO Central Secretariat work of editing and text
BEING ACCEPTABLE FOR INDUSTRIAL,
composition will be undertaken at publication stage.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 10007:2016(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
©
PROVIDE SUPPORTING DOCUMENTATION. ISO 2016

---------------------- Page: 3 ----------------------
oSIST ISO/DIS 10007:2016
ISO/DIS 10007:2016(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2016 – All rights reserved

---------------------- Page: 4 ----------------------
oSIST ISO/DIS 10007:2016
ISO/DIS 10007:2016(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Configuration management responsibility . 1
4.1 Responsibilities and authorities . 1
4.2 Dispositioning authority . 2
5 Configuration management process . 2
5.1 General . 2
5.2 Configuration management planning. 2
5.3 Configuration identification . 3
5.3.1 Product structure or service capability and selection of configuration items . 3
5.3.2 Configuration information. 3
5.3.3 Configuration baselines . 3
5.4 Change control . 4
5.4.1 General. 4
5.4.2 Initiation, identification and documentation of the need for change . 4
5.4.3 Evaluation of change. 4
5.4.4 Disposition of change . . 5
5.4.5 Implementation and verification of change . 5
5.5 Configuration status accounting . 5
5.5.1 General. 5
5.5.2 Documented Information . 5
5.5.3 Reports . 6
5.6 Configuration audit . 6
Annex A (Informative)Structure and content of a configuration management plan .7
Bibliography . 9
© ISO 2016 – All rights reserved iii

---------------------- Page: 5 ----------------------
oSIST ISO/DIS 10007:2016
ISO/DIS 10007:2016(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical
Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.
The committee responsible for this document is Technical Committee ISO/TC 176, Quality management
and quality assurance, Subcommittee SC 2, Quality systems.
This third edition cancels and replaces the second edition (ISO 10007:2003). This edition has sought to
improve the alignment of ISO 10007 with ISO 9000:2015 and ISO 9001:2015.
iv © ISO 2016 – All rights reserved

---------------------- Page: 6 ----------------------
oSIST ISO/DIS 10007:2016
ISO/DIS 10007:2016(E)

Introduction
The purpose of this International Standard is to enhance common understanding of the subject, to
promote the use of configuration management, and to assist organizations applying configuration
management to improve their performance.
This International Standard outlines the responsibilities and authorities before describing the
configuration management process that includes configuration management planning, configuration
identification, change control, configuration status accounting and configuration audit.
Configuration management is a management activity that applies technical and administrative
direction over the life cycle of a product and service, its configuration identification and status, and
related product and service configuration information.
Configuration management documents the product or service configuration. It provides identification
and traceability, the status of achievement of its physical and functional requirements, and access to
accurate information in all phases of the life cycle.
Configuration management can be implemented based on the size of the organization and the
complexity and nature of the product or service and should reflect the needs of specific lifecycle phases.
© ISO 2016 – All rights reserved v

---------------------- Page: 7 ----------------------
oSIST ISO/DIS 10007:2016

---------------------- Page: 8 ----------------------
oSIST ISO/DIS 10007:2016
DRAFT INTERNATIONAL STANDARD ISO/DIS 10007:2016(E)
Quality management systems — Guidelines for
configuration management
1 Scope
This International Standard gives guidance on the use of configuration management within an
organization. It is applicable to the support of products and services from concept to disposal.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
ISO 9000:2015, Quality management systems — Fundamentals and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 9000 and the following apply.
3.1
configuration
interrelated functional and physical characteristics of a product or service defined in configuration
information (3.5)
3.2
configuration baseline
approved configuration information (3.5) that establishes the characteristics of a product or service at
a point in time that serves as reference for activities throughout the life cycle of the product or service
3.3
configuration item
entity within a configuration (3.1) that satisfies an end use function
3.4
configuration status accounting
formalized recording and reporting of configuration information (3.5), the status of proposed changes
and the status of the implementation of approved changes
3.5
configuration information
requirements for product or service design, realization, verification, operation and support
4 Configuration management responsibility
4.1 Responsibilities and authorities
The organization should identify, describe, and assign responsibilities and authorities, including
accountability, related to the configuration management process. The following should be considered:
a) the complexity and nature of the product or service;
b) the needs of the different product or service life cycle stages;
© ISO 2016 – All rights reserved 1

---------------------- Page: 9 ----------------------
oSIST ISO/DIS 10007:2016
ISO/DIS 10007:2016(E)

c) the interfaces between activities directly involved in the configuration management process;
d) the other relevant interested parties that are, or need to be, involved, within and outside the
organization;
e) the identification of the responsible authority for verifying implementation activities;
f) the identification of the dispositioning authority.
4.2 Dispositioning authority
Prior to approval of a change, the dispositioning authority should verify that:
a) the proposed change is necessary, and the consequences would be acceptable;
b) the change has been properly documented and categorized;
c) the planned activities for the implementation of the change into documented information, hardware
and/or software are satisfactory.
5 Configuration management process
5.1 General
The organization should establish, implement and maintain a configuration management process. The
organization should coordinate the activities of the configuration management process in order for it to
be effective.
The configuration management process should focus on customer and statutory and regulatory
requirements for the product or service and should take into account the context in which it will be
performed. The configuration management process should be detailed in a configuration management
plan. This should describe any project-specific documented procedures and the extent of their
application during the life cycle of the product or service.
5.2 Configuration management planning
Configuration ma
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.