1、Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs)Part 5-2-1: Organizational management guidelinesPD ISO/IEC TR 29110-5-2-1:2016BSI Standards PublicationWB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06National forewordThis Published Document is the UK implemen
2、tation of ISO/IEC TR 29110-5-2-1:2016. The UK participation in its preparation was entrusted to TechnicalCommittee IST/15, Software and systems engineering.A list of organizations represented on this committee can be obtained onrequest to its secretary.This publication does not purport to include al
3、l the necessary provisions ofa contract. Users are responsible for its correct application. The British Standards Institution 2016.Published by BSI Standards Limited 2016ISBN 978 0 580 87549 6ICS 35.080Compliance with a British Standard cannot confer immunity fromlegal obligations.This Published Doc
4、ument was published under the authority of theStandards Policy and Strategy Committee on 30 June 2016.Amendments/corrigenda issued since publicationDate Text affectedPUBLISHED DOCUMENTPD ISO/IEC TR 29110-5-2-1:2016Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Par
5、t 5-2-1: Organizational management guidelinesIngnierie des systmes et du logiciel Profils de cycle de vie pour trs petits organismes (TPO) Partie 5-2-1: Guide la gestion organisationnelleTECHNICAL REPORTISO/IEC TR29110-5-2-1First edition2016-06-15Reference numberISO/IEC TR 29110-5-2-1:2016(E) ISO/IE
6、C 2016PD ISO/IEC TR 29110-5-2-1:2016ii ISO/IEC 2016 All rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in SwitzerlandAll rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or me
7、chanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCh. de Blandonnet 8 CP 401CH-1214 Vernier, Geneva, S
8、witzerlandTel. +41 22 749 01 11Fax +41 22 749 09 47copyrightiso.orgwww.iso.orgISO/IEC TR 29110-5-2-1:2016(E)PD ISO/IEC TR 29110-5-2-1:2016ISO/IEC TR 29110-5-2-1:2016(E)Foreword vIntroduction vi1 Scope . 11.1 Fields of application . 11.2 Target audience 12 Normative references 13 Terms and definition
9、s . 14 Conventions and abbreviated terms 14.1 Naming, diagramming and definition conventions . 14.2 Abbreviated terms . 35 Overview . 36 Organizational Management (OM) process 56.1 OM purpose 56.2 OM objectives . 56.3 OM input products . 56.4 OM output products 56.5 OM internal products 66.6 OM role
10、s involved . 66.7 OM process description . 66.7.1 OM diagram 66.7.2 OM activities 76.8 OM incorporation to the Organizational Repository .107 Resource Management (RM) process.107.1 RM purpose . 107.2 RM objectives 117.3 RM input products 117.4 RM output products . 117.5 RM internal products 117.6 RM
11、 roles involved 127.7 RM diagram . 127.8 RM activities . 127.8.1 RM.1 Resource planning and preparation (RM.01) 137.8.2 RM.2 Obtain and provide resources (RM.02) .147.8.3 RM.3 Periodic evaluations, monitoring and control of resources (RM.03) 157.9 RM incorporation to the Organizational Repository .1
12、68 Process Management (PSM) process 178.1 PSM purpose 178.2 PSM objectives 178.3 PSM input products 178.4 PSM output products 178.5 PSM internal products . 188.6 PSM roles involved 188.7 PSM diagram 188.8 PSM activities 198.8.1 PSM.1 Process management planning and monitoring (PSM.01, PSM.05) 198.8.
13、2 PSM.2 Process definition, deployment and improvement (PSM.01, PSM.02, PSM.04, PSM.05) 218.8.3 PSM.3 Process evaluation (PSM.01, PSM.03, PSM.05) 228.8.4 PSM.4 Results gathering, analysis and reporting (PSM.03, PSM.04, PSM.05) 238.9 PSM incorporation to the Organizational Repository 249 Project Port
14、folio Management (PPM) process .24 ISO/IEC 2016 All rights reserved iiiContents PagePD ISO/IEC TR 29110-5-2-1:2016ISO/IEC TR 29110-5-2-1:2016(E)9.1 PPM purpose 249.2 PPM objectives . 259.3 PPM input products . 259.4 PPM output products 259.5 PPM internal products . 259.6 PPM roles involved . 269.7 P
15、PM diagram 269.8 PPM activities 279.8.1 PPM.1 Preparation and scheduling (PPM.01) .279.8.2 PPM.2 Generate and activate projects (PPM.01, PPM.02) .289.8.3 PPM.3 Evaluation and control of projects and customer accounts (PPM.01, PPM.03) 289.8.4 PPM.4 Project organizations closure (PPM.01, PPM.03) 299.9
16、 PPM incorporation to the Organizational Repository 3010 Roles .3011 Product description3112 Software tools requirements 4012.1 Resource Management process . 4012.2 Process Management process . 4112.3 Project Portfolio Management process . 4112.4 Organizational Management process . 41Annex A (inform
17、ative) Interactions between the Basic Profile and the Organizational Profile 42Annex B (informative) Mapping between the objectives of this part of ISO/IEC 29110 and base standards .49Bibliography .55iv ISO/IEC 2016 All rights reservedPD ISO/IEC TR 29110-5-2-1:2016ISO/IEC TR 29110-5-2-1:2016(E)Forew
18、ordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical co
19、mmittees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in th
20、e work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval cr
21、iteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).Attention is drawn to the possibility that some of the elements of this document may be the subject of pa
22、tent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).Any trade
23、name used in this document is information given for the convenience of users and does not constitute an endorsement.For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the World Trade Organization (W
24、TO) principles in the Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 7, Software and systems engineering.The full list of parts of ISO/IEC 29110 is available
25、here. ISO/IEC 2016 All rights reserved vPD ISO/IEC TR 29110-5-2-1:2016ISO/IEC TR 29110-5-2-1:2016(E)IntroductionVery Small Entities (VSEs) around the world are creating valuable products and services. For the purpose of ISO/IEC 29110, a Very Small Entity (VSE) is an enterprise, an organization, a de
26、partment or a project having up to 25 people. Since many VSEs develop and/or maintain system and software components used in systems, either as independent products or incorporated in larger systems, a recognition of VSEs as suppliers of high quality products is required.According to the Organizatio
27、n for Economic Co-operation and Development (OECD) SME and Entrepreneurship Outlook report (2005), “Small and Medium Enterprises (SMEs) constitute the dominant form of business organization in all countries worldwide, accounting for over 95 % and up to 99 % of the business population depending on co
28、untry”. The challenge facing governments and economies is to provide a business environment that supports the competitiveness of this large heterogeneous business population and that promotes a vibrant entrepreneurial culture.From studies and surveys conducted, it is clear that the majority of Inter
29、national Standards do not address the needs of VSEs. Implementation of and conformance with these International Standards is difficult, if not impossible. Consequently, VSEs have no, or very limited, ways to be recognized as entities that produce quality systems/system elements including software in
30、 their domain. Therefore, VSEs are excluded from some economic activities.It has been found that VSEs find it difficult to relate International Standards to their business needs and to justify the effort required to apply International Standards to their business practices. Most VSEs can neither aff
31、ord the resources, in terms of number of employees, expertise, budget and time, nor do they see a net benefit in establishing over-complex systems or software lifecycle processes. To address some of these difficulties, a set of guides has been developed based on a set of VSE characteristics. The gui
32、des are based on subsets of appropriate standards processes, activities, tasks and outcomes, referred to as “profiles”. The purpose of a profile is to define a subset of International Standards relevant to the VSEs context; for example, processes, activities, tasks and outcomes of ISO/IEC/IEEE 12207
33、 for software; and processes, activities, tasks and outcomes of ISO/IEC/IEEE 15288 for systems; and information products (documentation) of ISO/IEC/IEEE 15289 for software and systems.VSEs can achieve recognition through implementing a profile and by being audited against ISO/IEC 29110 specification
34、s.The ISO/IEC 29110 series can be applied at any phase of system or software development within a life cycle. The ISO/IEC 29110 series is intended to be used by VSEs that do not have experience or expertise in adapting/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 to the needs of a specific pro
35、ject. VSEs that have expertise in adapting/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 are encouraged to use those International Standards instead of ISO/IEC 29110.ISO/IEC 29110 is intended to be used with any lifecycle such as waterfall, iterative, incremental, evolutionary or agile. In the
36、context of ISO/IEC 29110, systems are composed of hardware and software components.The ISO/IEC 29110 series, targeted by audience, has been developed to improve system or software and/or service quality and process performance (see Table 1).vi ISO/IEC 2016 All rights reservedPD ISO/IEC TR 29110-5-2-
37、1:2016ISO/IEC TR 29110-5-2-1:2016(E)Table 1 ISO/IEC 29110 target audienceISO/IEC 29110 Title Target audiencePart 1 Overview VSEs and their customers, assessors, standards producers, tool vendors and methodology vendorsPart 2 Framework for profile preparationProfile producers, tool vendors and method
38、ology vendorsNot intended for VSEsPart 3 Certification and assessment guidanceVSEs and their customers, assessors, accreditation bodiesPart 4 Profile specifications VSEs, customers, standards producers, tool vendors and methodology vendorsPart 5 Management, engineering and service delivery guidesVSE
39、s and their customersPart 6 Management and engineering guides not tied to a specific profileVSEs and their customersIf a new profile is needed, ISO/IEC 29110-4 and ISO/IEC TR 29110-5 can be developed with minimal impact to existing documents.ISO/IEC 29110-1 defines the terms common to the ISO/IEC 29
40、110 series. It introduces processes, lifecycle and standardization concepts, the taxonomy (catalogue) of ISO/IEC 29110 profiles and the ISO/IEC 29110 series. It also introduces the characteristics and needs of a VSE and clarifies the rationale for specific profiles, documents, standards and guides.I
41、SO/IEC 29110-2-1 introduces the concepts for systems and software engineering profiles for VSEs. It establishes the logic behind the definition and application of profiles. For standardized profiles, it specifies the elements common to all profiles (structure, requirements, conformance, assessment).
42、 For domain-specific profiles (profiles that are not standardized and developed outside of the ISO process), it provides general guidance adapted from the definition of standardized profiles.ISO/IEC 29110-3 defines certification schemes, assessment guidelines and compliance requirements for process
43、capability assessment (ISO/IEC 33020), conformity assessments (ISO/IEC 17021-1) and self-assessments for process improvements. ISO/IEC 29110-3 also contains information that can be useful to developers of certification and assessment methods and developers of certification and assessment tools. ISO/
44、IEC 29110-3 is addressed to people who have direct involvement with the assessment process, e.g. the auditor, certification and accreditation bodies and the sponsor of the audit, who need guidance on ensuring that the requirements for performing an audit have been met.ISO/IEC 29110-4-m provides the
45、specification for all profiles in one profile group that are based on subsets of appropriate standards elements.ISO/IEC TR 29110-5-m-n provides management, engineering and service delivery guides for the profiles in a profile group.The future ISO/IEC TR 29110-6-x provides management and engineering
46、guides not tied to a specific profile.This part of ISO/IEC 29110 provides organizational management processes to VSEs which have already implemented the processes of the system engineering and/or the software engineering Basic profile.Figure 1 describes the ISO/IEC 29110 International Standards (IS)
47、 and Technical Reports (TR) and positions the parts within the framework of reference. Overview, assessment guide, management and engineering guide are available from ISO as freely available Technical Reports (TR). The Framework document, profile specifications and certification schemes are publishe
48、d as International Standards (IS). ISO/IEC 2016 All rights reserved viiPD ISO/IEC TR 29110-5-2-1:2016ISO/IEC TR 29110-5-2-1:2016(E)Figure 1 ISO/IEC 29110 seriesviii ISO/IEC 2016 All rights reservedPD ISO/IEC TR 29110-5-2-1:2016Systems and software engineering Lifecycle profiles for Very Small Entiti
49、es (VSEs) Part 5-2-1: Organizational management guidelines1 Scope1.1 Fields of applicationThis part of ISO/IEC 29110 is applicable to Very Small Entities (VSEs). VSEs are enterprises, organizations, departments or projects having up to 25 people. The lifecycle processes described in the ISO/IEC 29110 series are not intended to preclude or discourage their use by organizations bigger than VSEs.This part of ISO/IEC 29110 is the Organizational management guidance for profiles described in ISO/IEC 29110-4-1 through Organizational Management,