1、BS ISO/IEC 20246:2017 Software and systems engineering Work product reviews BSI Standards Publication WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06BS ISO/IEC 20246:2017 BRITISH STANDARD National foreword This British Standard is the UK implementation of ISO/IEC 20246:2017. The UK particip
2、ation in its preparation was entrusted to Technical Committee IST/15, Software and systems engineering. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users ar
3、e responsible for its correct application. The British Standards Institution 2017. Published by BSI Standards Limited 2017 ISBN 978 0 580 90033 4 ICS 35.080 Compliance with a British Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of th
4、e Standards Policy and Strategy Committee on 31 March 2017. Amendments/corrigenda issued since publication Date T e x t a f f e c t e dBS ISO/IEC 20246:2017 Software and systems engineering Work product reviews Ingnierie du logiciel et des systmes Revue des produits de travail INTERNATIONAL STANDARD
5、 ISO/IEC 20246 Reference number ISO/IEC 20246:2017(E) First edition 2017-02 ISO/IEC 2017 BS ISO/IEC 20246:2017ii ISO/IEC 2017 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2017, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be re
6、produced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the reques
7、ter. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso.org ISO/IEC 20246:2017(E)BS ISO/IEC 20246:2017ISO/IEC 20246:2017(E)Foreword v Introduction vi 1 Scope . 1 2 Normative references 1 3 T erms an
8、d definitions . 1 4 Conformance . 3 4.1 Intended usage 3 4.2 Full conformance. 3 4.3 Tailored conformance . 3 5 Work product reviews. 4 5.1 Overview 4 5.2 Review attributes 4 5.3 Review types . 4 6 Work product review process . 5 6.1 Overview 5 6.2 Purpose 5 6.3 Outcomes . 5 6.4 Activities and tasks
9、 6 6.4.1 Planning . 6 6.4.2 Initiate review 6 6.4.3 Individual review . 7 6.4.4 Issue communication and analysis 7 6.4.5 Fixing and reporting . 8 6.5 Information items . 8 7 Review techniques 8 7.1 Overview 8 7.2 Individual reviewing techniques . 9 7.2.1 Overview . 9 7.2.2 Ad hoc reviewing . 9 7.2.3
10、 Checklist-based reviewing 9 7.2.4 Scenario-based reviewing 9 7.2.5 Perspective-based reading (PBR).10 7.2.6 Role-based reviewing .11 7.3 Issue analysis techniques 11 7.3.1 Overview 11 7.3.2 Individual analysis .11 7.3.3 Review meeting techniques 11 7.3.4 Group decision making 12 Annex A (normative)
11、 Review documentation 13 Annex B (informative) Review documentation examples .21 Annex C (informative) Review attributes .26 Annex D (informative) Review types .30 Annex E (informative) Mapping to IEEE 1028-2008 34 Annex F (informative) Review selection based on work product 35 Annex G (informative)
12、 Reviews Life cycle mapping 37 Annex H (informative) Review measurement and improvement 39 Annex I (informative) Tool support 41 ISO/IEC 2017 All rights reserved iii Contents PageBS ISO/IEC 20246:2017ISO/IEC 20246:2017(E)Bibliography .42 iv ISO/IEC 2017 All rights reservedBS ISO/IEC 20246:2017ISO/IE
13、C 20246:2017(E) Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standard
14、s through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC
15、, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular, t
16、he different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives). Attention is drawn to the possibility that some of the elements of this docum
17、ent may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www
18、 .iso .org/ patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformit y assessment, as well as information about ISOs adherence
19、to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: www . i s o .org/ iso/ foreword .html. This document was prepared by Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 7, Software and systems engineering. ISO/IE
20、C 2017 All rights reserved vBS ISO/IEC 20246:2017ISO/IEC 20246:2017(E) Introduction The purpose of this document is to provide an International Standard that defines work product reviews, such as inspections, reviews and walkthroughs that can be used at any stage of the software and systems life cyc
21、le. It can be used to review any system or software work product. This document defines a generic process for work product reviews that can be configured based on the purpose of the review and the constraints of the reviewing organization. The intent is to describe a generic process that can be appl
22、ied both efficiently and effectively by any organization to any work product. The main objectives of reviews are to detect issues, to evaluate alternatives, to improve organizational and personal processes, and to improve work products. When applied early in the life cycle, reviews are typically sho
23、wn to reduce the amount of unnecessary rework on a project. The work product review techniques presented in this document can be used at various stages of the generic review process to identify defects and evaluate the quality of the work product. Review documents that are produced during work produ
24、ct reviews are defined in Annex A.vi ISO/IEC 2017 All rights reservedBS ISO/IEC 20246:2017Software and systems engineering Work product reviews 1 Scope This document establishes a generic framework for work product reviews that can be referenced and used by all organizations involved in the manageme
25、nt, development, test and maintenance of systems and software. It contains a generic process, activities, tasks, review techniques and documentation templates that are applied during the review of a work product. A work product is any artefact produced by a process. This document defines work produc
26、t reviews that can be used during any phase of the life cycle of any work product. This document is intended for, but not limited to, project managers, development managers, quality managers, test managers, business analysts, developers, testers, customers and all those involved in the development,
27、testing and maintenance of systems and software. 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the lat
28、est edition of the referenced document (including any amendments) applies. ISO/IEC/IEEE 24765, Systems and software engineering Vocabulary 3 T erms a nd definiti ons For the purposes of this document, the terms and definitions given in ISO/IEC/IEEE 24765 and the following apply. ISO and IEC maintain
29、 terminological databases for use in standardization at the following addresses: IEC Electropedia: available at h t t p :/ www .electropedia .org/ ISO Online browsing platform: available at h t t p :/ www .iso .org/ obp 3.1 ad hoc reviewing unstructured independent review technique 3.2 author check
30、informal review performed by the author of the work product 3.3 buddy check informal review performed independently by a colleague of the author 3.4 checklist-based reviewing review technique guided by a list of questions or required attributes 3.5 formal review form of review that follows a defined
31、 process with formal documented output 3.6 informal review form of review that does not follow a defined process and has no formal documented output INTERNATIONAL ST ANDARD ISO/IEC 20246:2017(E) ISO/IEC 2017 All rights reserved 1BS ISO/IEC 20246:2017ISO/IEC 20246:2017(E) 3.7 informal group review in
32、formal review performed by three or more persons 3.8 inspection formal review of a work product to identify issues, which uses defined team roles and measurement to improve the review process EXAMPLE Fagan Inspections 7are a specific type of inspection and code inspections are used to review program
33、 source code. 3.9 issue observation that deviates from expectations EXAMPLE Potential defect, improvement or point needing clarification. 3.10 milestone review formal review of a work product and supporting evidence used to determine its acceptability for use in the next stage of development or for
34、delivery Note 1 to entry: The requirement for this form of review is normally specified in the project plan. 3.11 page-by-page reviewing technique where reviewers review a work product in a sequential order 3.12 pair review informal review of a work product performed by two suitably qualified people
35、 other than the author working together 3.13 peer desk check informal review where the author and a colleague walk through a work product 3.14 peer review review of work products performed by others qualified to do the same work 3.15 perspective-based reading form of role-based reviewing that uses c
36、hecklists and involves the creation of prototype deliverables to check the completeness and other quality characteristics of the work product 3.16 role-based reviewing technique where reviewers review a work product from the perspective of different stakeholder roles EXAMPLE Typical stakeholder role
37、s include specific user types, such as work product maintainer, tester and developer. 3.17 scenario-based reviewing technique where the review is guided by determining the ability of the work product to address specific scenarios2 ISO/IEC 2017 All rights reservedBS ISO/IEC 20246:2017ISO/IEC 20246:20
38、17(E) 3.18 technical review formal peer review of a work product by a team of technically-qualified personnel that examines the suitability of the work product for its intended use and identifies discrepancies from specifications and standards Note 1 to entry: Technical review may also provide recom
39、mendations of alternatives and examination of various alternatives. 3.19 walkthrough formal review in which an author leads members of the review through a work product, and the participants ask questions and make comments about possible issues 3.20 work product artefact produced by a process EXAMPL
40、E Project plan, requirements specification, design documentation, source code, test plan, test meeting minutes, schedules, budgets, and incident reports. Note 1 to entry: A subset of the work products can be baselined to be used as the basis of further work and some will form the set of project deli
41、verables. 4 Conformance 4.1 Intended usage The normative requirements in this document are contained in Clause 6 and Annex A. It is recognized that particular projects or organizations may not need to use all of the techniques defined by this document. Therefore, implementation of this document typi
42、cally involves selecting a set of techniques suitable for the project or organization. There are two ways that an organization or individual can claim conformance to the provisions of this document. The organization or individual shall assert whether full or tailored conformance to this document is
43、claimed. 4.2 Full conformance Full conformance is achieved by demonstrating that all of the requirements (i.e. “shall” statements) of the work product review process defined in Clause 6 and the review documentation annex of this document have been satisfied. 4.3 Tailored conformance When this docume
44、nt is used as a basis for establishing a review process that does not qualify for full conformance, the subset of activities for which tailored conformance is claimed, is recorded. Tailored conformance is achieved by demonstrating that all of the requirements (i.e. “shall” statements) for the record
45、ed subset of activities have been satisfied. Where tailoring occurs, justification shall be provided (either directly or by reference), whenever an activity defined in Clause 6 of this document is not followed. All tailoring decisions shall be recorded with their rationale, including the considerati
46、on of any applicable risks. Tailoring decisions shall be agreed by the relevant stakeholders. ISO/IEC 2017 All rights reserved 3BS ISO/IEC 20246:2017ISO/IEC 20246:2017(E) 5 Work product reviews 5.1 Overview Work product reviews are performed on many projects, typically as a means of contributing to
47、the early detection of defects, so that these defects can be removed as early as possible thus reducing unnecessary rework. In practice, reviews are performed for a variety of purposes in addition to defect detection (examples are listed in C.1.2.1). Reviews can be classified in a number of ways. In
48、 this document, reviews are classified as either formal or informal. Many review techniques can be used over the course of a review, such as role-based reviewing for individual review and checklist-based reviewing during a review meeting. The generic process for conducting work product reviews (defi
49、ned in Clause 6) includes a number of selectable attributes (including review techniques). This allows users to configure their specific review type according to their unique situation. These attributes are described in detail in Annex C. This configuration of the generic process allows users to define reviews that suit their purpose while still conforming to their constraints in the most effective and efficient manner, rather than forcing them to choose a specific named review type that they
