CAN CSA-ISO IEC 15504-3-2005 Information technology - Process assessment - Part 3 Guidance on performing an assessment.pdf

1、 Reference numbe rISO/IEC 15504-3:2004(E)ISO/IEC 2004Information technology Process assessment Part 3: Guidance on performing an assessment Technologies de linformation valuation des procds du logiciel Partie 3: Ralisation dune valuation National Standard of CanadaCAN/CSA-ISO/IEC 15504-3:05(ISO/IEC

2、15504-3:2004)International Standard ISO/IEC 15504-3:2004 (first edition, 2004-01-15) has been adopted withoutmodification (IDT) as CSA Standard CAN/CSA-ISO/IEC 15504-3:05, which has been approved as a NationalStandard of Canada by the Standards Council of Canada.ISBN 1-55397-969-9 October 2005The Ca

3、nadian Standards Association (CSA), under whose auspices this National Standard has been produced, was chartered in 1919 and accredited by the Standards Council of Canada to the National Standards system in 1973. It is a not-for-profit, nonstatutory, voluntary membership association engaged in stand

4、ards development and certification activities. CSA standards reflect a national consensus of producers and users including manufacturers, consumers, retailers, unions and professional organizations, and governmental agencies. The standards are used widely by industry and commerce and often adopted b

5、y municipal, provincial, and federal governments in their regulations, particularly in the fields of health, safety, building and construction, and the environment. Individuals, companies, and associations across Canada indicate their support for CSAs standards development by volunteering their time

6、 and skills to CSA Committee work and supporting the Associations objectives through sustaining memberships. The more than 7000 committee volunteers and the 2000 sustaining memberships together form CSAs total membership from which its Directors are chosen. Sustaining memberships represent a major s

7、ource of income for CSAs standards development activities. The Association offers certification and testing services in support of and as an extension to its standards development activities. To ensure the integrity of its certification process, the Association regularly and continually audits and i

8、nspects products that bear the CSA Mark. In addition to its head office and laboratory complex in Toronto, CSA has regional branch offices in major centres across Canada and inspection and testing agencies in eight countries. Since 1919, the Association has developed the necessary expertise to meet

9、its corporate mission: CSA is an independent service organization whose mission is to provide an open and effective forum for activities facilitating the exchange of goods and services through the use of standards, certification and related services to meet national and international needs.For furth

10、er information on CSA services, write toCanadian Standards Association5060 Spectrum Way, Suite 100Mississauga, Ontario, L4W 5N6CanadaThe Standards Council of Canada is the coordinating body of the National Standards system, a federation of independent, autonomous organizations working towards the fu

11、rther development and improvement of voluntary standardization in the national interest. The principal objects of the Council are to foster and promote voluntary standardization as a means of advancing the national economy, benefiting the health, safety, and welfare of the public, assisting and prot

12、ecting the consumer, facilitating domestic and international trade, and furthering international cooperation in the field of standards. A National Standard of Canada is a standard which has been approved by the Standards Council of Canada and one which reflects a reasonable agreement among the views

13、 of a number of capable individuals whose collective interests provide to the greatest practicable extent a balance of representation of producers, users, consumers, and others with relevant interests, as may be appropriate to the subject in hand. It normally is a standard which is capable of making

14、 a significant and timely contribution to the national interest. Approval of a standard as a National Standard of Canada indicates that a standard conforms to the criteria and procedures established by the Standards Council of Canada. Approval does not refer to the technical content of the standard;

15、 this remains the continuing responsibility of the accredited standards development organization. Those who have a need to apply standards are encouraged to use National Standards of Canada whenever practicable. These standards are subject to periodic review; therefore, users are cautioned to obtain

16、 the latest edition from the organization preparing the standard.The responsibility for approving National Standards of Canada rests with theStandards Council of Canada270 Albert Street, Suite 200Ottawa, Ontario, K1P 6N7CanadaAlthough the intended primary application of this Standard is stated in it

17、s Scope, it is importantto note that it remains the responsibility of the users to judge its suitability for their particular purpose.Registered trade-mark of Canadian Standards AssociationCette norme est offerte en anglais seulement pour le moment. La CSA publiera la version enfranais ds quelle ser

18、a produite par lorganisme rdacteur.CAN/CSA-ISO/IEC 15504-3:05Information technology Process assessment Part 3: Guidance on performing an assessmentOctober 2005 Canadian Standards Association CSA/1CAN/CSA-ISO/IEC 15504-3:05Information technology Process assessment Part 3: Guidance on performing an as

19、sessmentCSA PrefaceStandards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committe

20、e 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph a

21、nd Telephone Consultative Committee (ITU-T).At the time of publication, ISO/IEC 15504-3:2004 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC.This International Standard was reviewed by the CSA TCIT under the jurisdiction o

22、f the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. (A committee membership list is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TCIT will review these documents for appr

23、oval and publication. For a listing, refer to the CSA Information Products catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by the Technical Committee and has been approved as a National Standard of Canada by the Stan

24、dards Council of Canada.October 2005 Canadian Standards Association 2005All rights reserved. No part of this publication may be reproduced in any form whatsoever without the prior permission ofthe publisher. ISO/IEC material is reprinted with permission. Where the words “this International Standard”

25、 appear in the text, they should be interpreted as “this National Standard of Canada”.Inquiries regarding this National Standard of Canada should be addressed toCanadian Standards Association5060 Spectrum Way, Suite 100, Mississauga, Ontario, Canada L4W 5N61-800-463-6727 416-747-4044www.csa.caRefere

26、nce numberISO/IEC 15504-3:2004(E)ISO/IEC 2004INTERNATIONAL STANDARD ISO/IEC15504-3First edition2004-01-15Information technology Process assessment Part 3: Guidance on performing an assessment Technologies de linformation valuation des procds du logiciel Partie 3: Ralisation dune valuation ISO/IEC 15

27、504-3:2004(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloadi

28、ng this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the Gene

29、ral Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given

30、 below. ISO/IEC 2004 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs memb

31、er body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org ii ISO/IEC 2004 All rights reservedISO/IEC 15504-3:2004(E) ISO/IEC 2004 All rights reserved iiiContents Page Foreword.

32、v Introduction . vi 1 Scope 1 2 Normative references . 1 3 Terms and definitions. 1 4 Overview of Process Assessment 2 4.1 Introduction . 2 4.2 Assessment process 2 4.3 Measurement Framework for Process Capability . 3 4.4 Process Reference Model 3 4.5 Process Assessment Model. 3 4.6 Assessment Tools

33、 3 4.7 Competency of assessment team . 4 4.8 Assessment approaches 4 4.9 Success factors for process assessment 4 5 Guidance on Requirements for Performing an Assessment 5 5.1 General. 5 5.2 The assessment process activities. 5 5.3 Roles and responsibilities 9 5.4 Defining the initial assessment inp

34、ut . 10 5.5 Recording the assessment output 14 5.6 Selecting a Documented Assessment Process. 14 6 Measurement Framework for Process Capability . 15 6.1 Level 0: Incomplete process 16 6.2 Level 1: Performed process. 16 6.3 Level 2: Managed process . 17 6.4 Level 3: Established process. 20 6.5 Level

35、4: Predictable process . 22 6.6 Level 5: Optimizing process 25 6.7 Rating process attributes. 27 6.8 Process capability level model 29 7 Process Reference Models 30 7.1 Interpreting The Requirements For A Process Reference Model 31 7.2 Selecting Process Reference Models . 33 8 Process Assessment Mod

36、els 34 8.1 Interpreting the requirements for a Process Assessment Model 34 8.2 Selection of a Process Assessment Model 37 9 Selecting and Using Assessment Tools. 39 10 Guidance on Competency of Assessors42 10.1 Overview 42 10.2 Gaining and maintaining competence 43 11 Guidance on Verification of Con

37、formity. 43 11.1 Verifying conformity of Process Reference Models 44 11.2 Verifying conformity of Process Assessment Models 44 11.3 Verifying conformity of process assessments 45 ISO/IEC 15504-3:2004(E) iv ISO/IEC 2004 All rights reservedAnnex A (informative) An Exemplar Documented Assessment Proces

38、s .46 Annex B (informative) Guidance on Indicators52 Bibliography54 ISO/IEC 15504-3:2004(E) ISO/IEC 2004 All rights reserved vForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardiz

39、ation. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutu

40、al interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordan

41、ce with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to the national bodies for voting. Publication as an International St

42、andard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO/IEC 15504-3 was pr

43、epared by Joint Technical Committee ISO/IEC/TC JTC 1, Information technology, Subcommittee SC 7, Software and system engineering. This first edition cancels and replaces ISO/IEC TR 15504-4:1998 and ISO/IEC TR 15504-6:1998, which have been technically revised. ISO/IEC 15504 consists of the following

44、parts, under the general title Information technology Process assessment: Part 2: Performing an assessment Part 3: Guidance on performing an assessment Part 4: Guidance on use for process improvement and process capability determination The following parts are in preparation: Part 1: Concepts and vo

45、cabulary Part 5: An exemplar Process Assessment Model The complete series will replace ISO/IEC TR 15504-1 to ISO/IEC TR 15504-9. ISO/IEC 15504-3:2004(E) vi ISO/IEC 2004 All rights reservedIntroduction This part of ISO/IEC 15504 assumes familiarity with the normative part of the standard. It is prima

46、rily addressed to the competent assessor and other people, such as the sponsor of the assessment, who need guidance on ensuring that the requirements for performing an assessment have been met. It will also be of value to developers of assessment methods and of tools to support an assessment. ISO/IE

47、C 15504-1 will provide a general introduction to the concepts of process assessment and a glossary for assessment related terms. ISO/IEC 15504-2 sets out the minimum requirements for performing an assessment that ensure consistency and repeatability of the ratings. The requirements help to ensure th

48、at the assessment output is self-consistent and provides evidence to substantiate the ratings and to verify compliance with the requirements. ISO/IEC 15504-2 defines the Measurement Framework for process capability and the requirements for: a) performing an assessment; b) process reference models; c

49、) process assessment models; d) verifying conformity of process assessment. This part of ISO/IEC 15504 provides guidance for interpreting the minimum requirements for performing an assessment. It also provides guidance on: the nature of the measurement framework; the role and function of process reference models; the requirements for and selection of a process assessment model; the selection and use of assessment tools; criteria for assessor competence; and verification of conformity of