《ISO-15504-2-2003.pdf》由会员分享,可在线阅读,更多相关《ISO-15504-2-2003.pdf(24页珍藏版)》请在三一文库上搜索。
1、 Reference number ISO/IEC 15504-2:2003(E) ISO/IEC 2003 INTERNATIONAL STANDARD ISO/IEC 15504-2 First edition 2003-10-15 Software engineering Process assessment Part 2: Performing an assessment Gnie logiciel Procds dvaluation Partie 2: Excution dune valuation ISO/IEC 15504-2:2003(E) PDF disclaimer Thi
2、s PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept the
3、rein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; t
4、he PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. ISO/IEC 2003 All rights
5、reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the re
6、quester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2003 All rights reserved -,-,- ISO/IEC 15504-2:2003(E) ISO/IEC 2003 All rights reserved iii Contents Page Forewordi
7、v Introduction .iv 1 Scope 1 2 Normative references . 1 3 Terms and definitions. 2 4 Performing an assessment 2 4.1 General. 2 4.2 The assessment process . 2 4.3 Roles and responsibilities 4 4.4 Defining the initial assessment input . 4 4.5 Recording the assessment output 6 5 Measurement framework f
8、or process capability . 6 5.1 Level 0: Incomplete process 6 5.2 Level 1: Performed process. 6 5.3 Level 2: Managed process . 7 5.4 Level 3: Established process. 8 5.5 Level 4: Predictable process . 9 5.6 Level 5: Optimizing process 9 5.7 Rating process attributes. 10 5.8 Process capability level mod
9、el 11 6 Models for process assessment . 11 6.1 Introduction . 11 6.2 Process Reference Models 12 6.3 Process Assessment Models 13 7 Mechanisms for verification of conformity 15 7.1 Introduction . 15 7.2 Verifying conformity of Process Reference Models 16 7.3 Verifying conformity of Process Assessmen
10、t Models 16 7.4 Verifying conformity of process assessments 16 ISO/IEC 15504-2:2003(E) iv ISO/IEC 2003 All rights reserved Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardizati
11、on. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual
12、interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance
13、with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard
14、requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 15504-2 was
15、 prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 7, Software and system engineering. This first edition of ISO/IEC 15504-2 cancels and replaces ISO/IEC TR 15504-2:1998 and ISO/IEC TR 15504-3:1998, which have been technically revised. ISO/IEC 15504 consist
16、s of the following parts, under the general title Software engineering Process assessment: Part 2: Performing an assessment Part 3: Guidance on performing an assessment Part 4: Guidance on use for process improvement and process capability determination The following parts are in preparation: Part 1
17、: Concepts and vocabulary Part 5: An exemplar Process Assessment Model The complete series will replace ISO/IEC TR 15504-1 to ISO/IEC TR 15504-9. ISO/IEC 15504-2:2003(E) ISO/IEC 2003 All rights reserved v Introduction This part of ISO/IEC 15504 defines the basis for process assessment. Other parts o
18、f ISO/IEC 15504 contain guidance that will provide a more detailed understanding of the subject. It is primarily addressed to the competent assessor and other stakeholders, such as the sponsor of the assessment, who need to be assured that the requirements of this International Standard have been me
19、t. It will also be of value to developers of assessment methods and of tools to support an assessment. ISO/IEC 15504-2 sets out the minimum requirements for performing an assessment that ensure consistency and repeatability of the ratings. The requirements help to ensure that the assessment output i
20、s self-consistent and provides evidence to substantiate the ratings and to verify compliance with the requirements. ISO/IEC 15504-1 provides a general introduction to the concepts of process assessment and a glossary for assessment related terms. ISO/IEC 15504-3 provides guidance for interpreting th
21、e requirements for performing an assessment. This part of ISO/IEC 15504 identifies the measurement framework for process capability and the requirements for: a) performing an assessment; b) Process Reference Models; c) Process Assessment Models; d) verifying conformity of process assessment. Process
22、 assessment, as defined in this International Standard, is based on a two dimensional model containing a process dimension and a capability dimension. The process dimension is provided by an external Process Reference Model, which defines a set of processes characterized by statements of process pur
23、pose and process outcomes. The capability dimension consists of a measurement framework comprising six process capability levels and their associated process attributes. The assessment output consists of a set of process attribute ratings for each process assessed, termed the process profile, and ma
24、y also include the capability level achieved by that process. Process assessment is applicable in the following circumstances: a) by or on behalf of an organization with the objective of understanding the state of its own processes for process improvement; b) by or on behalf of an organization with
25、the objective of determining the suitability of its own processes for a particular requirement or class of requirements; c) by or on behalf of one organization with the objective of determining the suitability of another organizations processes for a particular contract or class of contracts. As des
26、cribed in ISO/IEC 15504-4, process assessment is an activity that can be performed either as part of a process improvement initiative or as part of a capability determination approach. The formal entry to the assessment process occurs with the compilation of the assessment input which defines the pu
27、rpose of the assessment (why it is being carried out), the scope of the assessment, what constraints apply to the assessment and any additional information that needs to be gathered. The assessment input also defines the responsibility of the various parties in the performance of an assessment. An a
28、ssessor who has the necessary -,-,- ISO/IEC 15504-2:2003(E) vi ISO/IEC 2003 All rights reserved competence and skills oversees the assessment. Assessors may be from within the organization, external to the organization or a combination of both. An assessment is carried out against a defined assessme
29、nt input utilizing conformant Process Assessment Model(s) related to one or more conformant or compliant Process Reference Models. ISO/IEC TR 15504-5 contains an exemplar Process Assessment Model that is based upon the Process Reference Model defined in ISO/IEC 12207:1995/Amd.1, Annex F. -,-,- INTER
30、NATIONAL STANDARD ISO/IEC 15504-2:2003(E) ISO/IEC 2003 All rights reserved 1 Software engineering Process assessment Part 2: Performing an assessment 1 Scope This part of ISO/IEC 15504 addresses the assessment of process and the application of process assessment for improvement and capability determ
31、ination. It defines the minimum set of requirements for performing an assessment that will ensure assessment results are objective, impartial, consistent, repeatable and representative of the assessed processes. Results of conformant process assessments may be compared when the scopes of the assessm
32、ents are considered to be similar. For guidance on this matter, refer to ISO/IEC 15504-4. The requirements for process assessment defined in this part of ISO/IEC 15504 form a structure which: a) facilitates self-assessment; b) provides a basis for use in process improvement and capability determinat
33、ion; c) takes into account the context in which the assessed process is implemented; d) produces a process rating; e) addresses the ability of the process to achieve its purpose; f) is applicable across all application domains and sizes of organization; g) may provide an objective benchmark between
34、organizations. NOTE Copyright release: users of this part of ISO/IEC 15504 may freely reproduce relevant material as part of any Process Assessment Model, or as part of any demonstration of conformance with this International Standard, so that it can be used for its intended purpose. 2 Normative ref
35、erences The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 12207:1995/Amd.1:2002, Informatio
36、n technology Software life cycle processes ISO/IEC TR 15504-9, Information technology Software process assessment Part 9: Vocabulary1) ISO/IEC 15288:2002, Systems engineering System life cycle processes 1) A revision of this document is in preparation under the following reference: ISO/IEC 15504-1.
37、-,-,- ISO/IEC 15504-2:2003(E) 2 ISO/IEC 2003 All rights reserved 3 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC TR 15504-9 apply. 4 Performing an assessment 4.1 General The purpose of process assessment is to understand the capability of the pro
38、cesses implemented by an organization. As a result of successful implementation of process assessment: a) information and data that characterize the processes assessed is determined; b) the extent to which the processes achieve the process purpose is determined. This Clause of ISO/IEC 15504-2 sets o
39、ut the requirements for an assessment or assessments conformant with this International Standard. The requirements help to ensure that the assessment output is self-consistent and provides evidence to substantiate the ratings. Figure 1 shows the logical arrangement of the normative elements of this
40、International Standard. NOTE Higher levels of capability may give greater confidence that an organizations business goals will be met; lower levels of capability may indicate potential sources of risk. Process Reference Model Process Purpose Process Outcomes Measurement Framework Capability Levels P
41、rocess Attributes Rating Scale Process Assessment Model i ditScope ASSESSMENT PROCESS Planning Data Collection Data Validation Process Attribute Rating Reporting Roles and Responsibilities Sponsor Competent Assessor Assessor(s) INITIAL INPUT Purpose Scope Constraints Additional information OUTPUT Id
42、entification of Evidence Assessment Process used Process Profiles Indicators Mapping Translation Domain and Scope Identities Assessor competence criteria Date Assessment Input Additional information Approach Figure 1 The normative elements of this International Standard 4.2 The assessment process 4.
43、2.1 The assessment shall be conducted according to a documented assessment process that is capable of meeting the assessment purpose. -,-,- ISO/IEC 15504-2:2003(E) ISO/IEC 2003 All rights reserved 3 4.2.2 The documented assessment process shall contain at minimum the following activities: a) Plannin
44、g a plan for the assessment shall be developed and documented, including at minimum: 1) the required inputs specified in this part of ISO/IEC 15504; 2) the activities to be performed in conducting the assessment; 3) the resources and schedule assigned to these activities; 4) the identity and defined
45、 responsibilities of the participants in the assessment; 5) the criteria to verify that the requirements of this International Standard have been met; 6) a description of the planned assessment outputs. b) Data collection data required for evaluating the processes within the scope of the assessment
46、(see 4.4.2 c) and additional information (see 4.4.2 j) shall be collected in a systematic manner, applying at minimum the following: 1) the strategy and techniques for the selection, collection, analysis of data and justification of the ratings shall be explicitly identified and shall be demonstrabl
47、e; 2) correspondence shall be established between the organizational units processes, specified in the assessment scope, and the elements in the Process Assessment Model; 3) each process identified in the assessment scope shall be assessed on the basis of objective evidence; 4) the objective evidenc
48、e gathered for each attribute for each process assessed shall be sufficient to meet the assessment purpose and scope; 5) the identification of the objective evidence gathered shall be recorded and maintained to provide the basis for verification of the ratings. c) Data validation the data collected shall be validated to: 1) confirm that the evidence collected is objective; 2) ensure that the objective evidence is sufficient and representative to cover the scope and purpose of the assessment; 3) ensure that the data as a whole is consistent.