1、BS ISO/IEC 30105-5:2016Information technology IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes Part 5: GuidelinesBSI Standards PublicationWB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06BS ISO/IEC 30105-5:2016 BRITISH STANDARDNational forewordThis British Stand
2、ard is the UK implementation of ISO/IEC 30105-5:2016.The UK participation in its preparation was entrusted to Technical Committee IST/60, IT Service Management and IT Governance.A list of organizations represented on this committee can be obtained on request to its secretary.This publication does no
3、t purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2016.Published by BSI Standards Limited 2016ISBN 978 0 580 88923 3 ICS 35.080 Compliance with a British Standard cannot confer immunity from legal obl
4、igations.This British Standard was published under the authority of the Standards Policy and Strategy Committee on 30 November 2016.Amendments/corrigenda issued since publicationDate T e x t a f f e c t e dBS ISO/IEC 30105-5:2016Information technology IT Enabled Services-Business Process Outsourcing
5、 (ITES-BPO) lifecycle processes Part 5: GuidelinesTechnologies de linformation Processus du cycle de vie de la dlocalisation du processus daffaires des services activs par IT Partie 5: Lignes directricesINTERNATIONAL STANDARDISO/IEC30105-5Reference numberISO/IEC 30105-5:2016(E)First edition2016-11-1
6、5 ISO/IEC 2016BS ISO/IEC 30105-5:2016ii ISO/IEC 2016 All rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in SwitzerlandAll rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or m
7、echanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCh. de Blandonnet 8 CP 401CH-1214 Vernier, Geneva,
8、SwitzerlandTel. +41 22 749 01 11Fax +41 22 749 09 47copyrightiso.orgwww.iso.orgISO/IEC 30105-5:2016(E)BS ISO/IEC 30105-5:2016ISO/IEC 30105-5:2016(E)Foreword ivIntroduction v1 Scope . 12 Normative references 13 Terms and definitions . 14 Purpose 25 ITES-BPO process context . 36 ITES-BPO process struc
9、ture 47 Stakeholders and stakeholder value definition . 88 Process reference model .109 Process assessment model 1110 Framework for assessment of process capability .1510.1 Components of assessment . 1510.2 Measurement framework . 1711 Organization maturity model 1912 Process capability assessment 2
10、212.1 Process capability initiation 2212.2 Process assessment output 2213 Process risk determination 2413.1 Process risk determination Introduction 2413.2 Process risk determination Steps 2513.2.1 Step 1 Initiate process risk determination 2513.2.2 Step 2 Set target capability . 2613.2.3 Step 3 Asse
11、ss current capability 2613.2.4 Step 4 Determine proposed capability .2613.2.5 Step 5 Verify proposed capability .2713.2.6 Step 6 Analyse process related risks and act on results 2714 Process improvement .2814.1 Process improvement purpose and outcomes 2814.2 Types of process improvement 2814.3 Proce
12、ss improvement programme . 3014.3.1 Examine organizations business goals to set improvement objectives .3014.3.2 Initiate process improvement cycle .3114.3.3 Identify improvement areas 3214.3.4 Analyse assessment strengths and weaknesses 3214.3.5 Review organizational improvement objectives .3314.3.
13、6 Generate and identify improvement areas .3314.3.7 Derive action plan 3314.3.8 Implement improvements 3414.3.9 Monitoring implementation 3514.3.10 Confirm improvements . 3514.3.11 Sustain and monitor improvements 35Bibliography .37 ISO/IEC 2016 All rights reserved iiiContents PageBS ISO/IEC 30105-5
14、:2016ISO/IEC 30105-5:2016(E)ForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of Internation
15、al Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with
16、ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In par
17、ticular the different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).Attention is drawn to the possibility that some of the elements of this
18、document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (se
19、e www.iso.org/patents).Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence t
20、o the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 40, IT Service Management and IT Governance.A list of al
21、l parts in the ISO/IEC 30105 series can be found on the ISO website.iv ISO/IEC 2016 All rights reservedBS ISO/IEC 30105-5:2016ISO/IEC 30105-5:2016(E)IntroductionITES-BPO services encompass the delegation of one or more IT enabled business processes to a service provider who uses appropriate technolo
22、gy to deliver service. Such a service provider manages, delivers, improves and administers the outsourced business processes in accordance with predefined and measurable performance metrics. This covers diverse business process areas such as finance, human resource management, administration, health
23、 care, banking and financial services, supply chain management, travel and hospitality, media, market research, analytics, telecommunication, manufacturing, etc. These services provide business solutions to customers across the globe and form part of the core service delivery chain for customers.ISO
24、/IEC 30105 (all parts) specifies the lifecycle processes requirements involved in the ITES-BPO industry. It provides an overarching standard for all aspects of ITES-BPO industry from the view of the service provider that performs the outsourced business processes. This is applicable for any ITES-BPO
25、 service provider providing services to customers through contracts and in industry verticals. It covers the entire outsourcing lifecycle and defines the processes that are considered to be good practices. It is an improvement standard that enables risk determination and improvement for service prov
26、iders performing outsourced business processes. It also serves as a process reference model for service providers. It focuses on IT enabled business processes which are outsourced. It is generic and can be applied to all IT enabled business process outsourced services, regardless of type, size and t
27、he nature of the services delivered. Process improvement implemented using ISO/IEC 30105 (all parts) can lead to clear return on investment for customers and service providers. Alignment to ISO/IEC 30105 (all parts) can improve consistency, delivery quality and predictability in delivery of services
28、.Figure 1 illustrates the key entities and relationships involved in an ITES-BPO service. It includes the customer, the ITES-BPO service provider and various levels of suppliers. This is in line with the supply chain relationship depicted in ISO/IEC 20000-1:2011, 7.2.Figure 1 ITES-BPO key entitiesTh
29、is document provides guidance to the other parts of ISO/IEC 30105 and the requirements for assessing processes. This document, in such a context, provides guidance on the application of the process assessment model, how to strategically leverage the assessment and then how to use it in the context o
30、f an improvement programme for an ITES-BPO organization. ISO/IEC 2016 All rights reserved vBS ISO/IEC 30105-5:2016BS ISO/IEC 30105-5:2016Information technology IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes Part 5: Guidelines1 ScopeISO/IEC 30105 specifies the lifecyc
31、le process requirements performed by the IT enabled business process outsourcing service provider for the outsourced business processes. It defines the processes to plan, establish, implement, operate, monitor, review, maintain and improve its services. This document: covers IT enabled business proc
32、esses that are outsourced; is not intended to cover IT services but includes similar, relevant process for completeness; is applicable to the service provider, not to the customer; is applicable to all lifecycle processes of ITES-BPO; provides guidance on application of the process assessment model,
33、 how to strategically leverage the assessment and to use it in the context of an improvement programme or risk assessment for an ITES-BPO service provider organization.2 Normative referencesThe following documents are referred to in the text in such a way that some or all of their content constitute
34、s requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.ISO/IEC 30105-2:2016, Information technology IT Enabled Services-Business Process Outsourcing (ITES-BPO) lif
35、ecycle processes Part 2: Process assessment model (PAM)ISO/IEC 30105-3:2016, Information technology IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes Part 3: Measurement framework (MF) and organization maturity model (OMM)ISO/IEC 33020, Information technology Process as
36、sessment Process measurement framework for assessment of process capability3 Terms and definitionsFor the purposes of this document, the terms and definitions given in ISO/IEC 30105-4, ISO/IEC 33001 and ISO/IEC 33020 apply.ISO and IEC maintain terminological databases for use in standardization at t
37、he following addresses: IEC Electropedia: available at http:/www.electropedia.org/ ISO Online browsing platform: available at http:/www.iso.org/obpINTERNATIONAL STANDARD ISO/IEC 30105-5:2016(E) ISO/IEC 2016 All rights reserved 1BS ISO/IEC 30105-5:2016ISO/IEC 30105-5:2016(E)4 PurposeThis document aim
38、s to provide guidance on the following:a) the key parts of ISO/IEC 30105 (all parts), including the process assessment model, measurement framework and the organization maturity model;b) how to undertake process assessment and determine organization maturity through assessment of process risk;c) the
39、 approach to the organization maturity model (OMM), including the organization maturity rating scale. This scale represents the extent to which an organization is able to demonstrate its maturity through process quality. Process quality is demonstrated through assessment of the organizations ability
40、 to establish, manage and execute its processes with high capability;d) use of the assessment and outcomes as part of a framework for performing process improvement (PI) in a continual cycle.Assessment of process capability is concerned with analysing the output of conformant process assessments to
41、identify the strengths, weaknesses and risks associated with deploying the processes to meet a specific requirement.Assessment of process risk is applicable across all ITES-BPO domains and to any ITES-BPO service provider organization wanting to determine the process risks of its own processes.PI us
42、es the results of a current state assessment for an ITES-BPO service provider organization to formulate and prioritize improvement plans. These plans improve the processes, thus creating the inherent ability to support continual improvement.Analysis of the output from a process assessment and proces
43、s risk determination findings against an organizational units business goals and the joint business goals of a customer-service provider engagement will lead to identification of the strengths, weaknesses and risks related to the processes, operations, structure, etc. This can help to determine whet
44、her the processes are effective in achieving business goals and provide the critical triggers for making improvements.The guidance on assessment of process risk covers the following: overview of process capability: target capability, process oriented risk analysis; guidance for conducting an assessm
45、ent of process capability: core and extended.The guidance on PI provides the following:a) overview of PI: the factors which drive ITES-BPO process improvement and the underlying general principles;b) methodology for PI: improving ITES-BPO processes within a continual improvement cycle;c) measurement
46、 framework and management: ITES-BPO process improvement from a management perspective, including an overall framework for process measurement.The PAM is designed to provide organizations with an integrated approach to organizational performance management that results in the following: delivery of i
47、ncreased effectiveness in driving outcomes to customers and stakeholders, contributing to organizational sustainability; improvement of overall organizational effectiveness and capabilities; organizational and personal learning.These service provider improvements can be marketed to outsourcing compa
48、nies (customers) and can provide increased value to customers and stakeholders.2 ISO/IEC 2016 All rights reservedBS ISO/IEC 30105-5:2016ISO/IEC 30105-5:2016(E)For all practical purposes, “value” can be considered as business outcomes achieved in line with the requirements of the customer contract or
49、 customer requirements.The adoption and implementation of ISO/IEC 30105 (all parts) can lead to the following benefits:a) a greater degree of standardization of base practices in this important industry segment;b) benchmarking for useful comparisons across adopting service provider organizations;c) improved process efficiency and productivity, improved asset utilization and reduced internal/external failures or potential failures, thereby improving the quality of output and services;d) improv
