isospice - http://www.isospice.com
TR 15504
http://www.isospice.com/articles/15/1/TR-15504/Page1.html
By Alec Dorling
Published on 12/31/2006
 

ISO/IEC TR 15504 is the international standard for Software Process Assessment. It was first published in 1998 as a Technical Report Type 2. ISO/IEC TR 15504 is re-published as ISO/IEC 15504 during 2003/2006.

A standard is published as a Technical Report Type 2, when the subject is still under technical development, or where for any other reason there is the future possibility of an agreement on an International Standard. The development of ISO/IEC 15504 has taken place in parallel with empirical studies of its use performed by the SPICE project.

ISO/IEC TR 15504 consists of the following parts, under the general title Information Technology - Software Process Assessment:

  • Part 1 : Concepts and introductory guide
  • Part 2 : A reference model for processes and process capability
  • Part 3 : Performing an assessment
  • Part 4 : Guide to performing assessments
  • Part 5 : An assessment model and indicator guidance
  • Part 6 : Guide to competency of assessors
  • Part 7 : Guide for use in process improvement
  • Part 8 : Guide for use in determining supplier process capability
  • Part 9 : Vocabulary

Read the full article for more information on: the different parts of TR 15504, purpose and scope, performing and assessment, and how to obtain copies of ISO/IEC TR 15504.

The Parts of the Standard
Part 1 (informative) is an entry point into ISO/IEC TR 15504. It describes how the parts of the suite fit together, and provides guidance for their selection and use. It explains the requirements contained within ISO/IEC TR 15504 and their applicability to the performance of an assessment.
Part 2 (normative) of ISO/IEC TR 15504 defines a two dimensional reference model for describing processes and process capability used in a process assessment. The reference model defines a set of processes, defined in terms of their purpose and outcomes, and a framework for evaluating the capability of the processes through assessment of process attributes structured into capability levels. Requirements for establishing the compatibility of different assessment models with the reference model are defined. An amendment to Part 2 is being published during 2003 to extend the process definitions in Part 2 for acquirer processes
Part 3 (normative) of ISO/IEC TR 15504 defines the requirements for performing an assessment in such a way that the outcomes will be repeatable, reliable and consistent.
Part 4 (informative) of ISO/IEC TR 15504 provides guidance on performing software process assessments, interpreting the requirements of ISO/IEC TR 15504 2 and ISO TR 15504 3 for different assessment contexts. The guidance covers the selection and use of a documented process for assessment; of a compatible assessment model(s); and of a supporting assessment instrument or tool. This guidance is generic enough to be applicable across all organizations, and also for performing assessments using a variety of different methods and techniques, and supported by a range of tools.
Part 5 (informative) of ISO/IEC TR 15504 provides an exemplar model for performing process assessments that is based upon and directly compatible with the reference model in ISO/IEC TR 15504 2. The assessment model(s) extend the reference model through the inclusion of a comprehensive set of indicators of process performance and capability.
Part 6 (informative) of ISO/IEC TR 15504 describes the competence, education, training and experience of assessors that are relevant to conducting process assessments. It describes mechanisms that may be used to demonstrate competence and to validate education, training and experience.
Part 7 (informative) of ISO/IEC TR 15504 describes how to define the inputs to and use the results of an assessment for the purposes of process improvement. The guide includes examples of the application of process improvement in a variety of situations.
Part 8 (informative) of ISO/IEC TR 15504 describes how to define the inputs to and use the results of an assessment for the purpose of process capability determination. It addresses process capability determination in both straightforward situations and in more complex situations involving, for example, future capability. The guidance on conducting process capability determination is applicable either for use within an organization to determine its own capability, or by an acquirer to determine the capability of a (potential) supplier.
Part 9 (normative) is a consolidated vocabulary of all terms specifically defined for the purposes of ISO/IEC TR 15504
Purpose and Scope

ISO/IEC TR 15504 provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, managing, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software.

ISO/IEC TR 15504 provides a structured approach for the assessment of software processes for the following purposes:

  • by or on behalf of an organization with the objective of understanding the state of its own processes for process improvement;
  • by or on behalf of an organization with the objective of determining the suitability of its own processes for a particular requirement or class of requirements;
  • by or on behalf of one organization with the objective of determining the suitability of another organization's processes for a particular contract or class of contracts.

Process assessment has two principal contexts for its use:

  • for process assessment and
  • for process capability determination

Within a process improvement context, process assessment provides the means of characterizing the current practice within an organizational unit in terms of the capability of the selected processes. Analysis of the results in the light of the organization's business needs identifies strengths, weaknesses and risks inherent in the processes. This, in turn, leads to the ability to determine whether the processes are effective in achieving their goals, and to identify significant causes of poor quality, or overruns in time or cost. These provide the drivers for prioritizing improvements to processes.

Process capability determination is concerned with analysing the proposed capability of selected processes against a target process capability profile in order to identify the risks involved in undertaking a project using the selected processes. The proposed capability may be based on the results of relevant previous process assessments, or may be based on an assessment carried out for the purpose of establishing the proposed capability.

Perfroming an Assessment

There are three important elements that you need for conducting an assessment:

  • An Assessment Model
  • An Assessment Method
  • One or more Competent Assessors

ISO/IEC TR 15504 defines a set of requirements for an Assessment Model and an Assessment Method in the normative parts of the document set (parts 2 and 3 respectively). An assessment that meets these requirements is referred to as a 15504-conformant assessment.

ISO/IEC TR 15504 also defines a Reference Model for software processes and process capability that forms the basis for software process assessment. The Reference Model is applicable to any software organization wishing to establish and subsequently improve its capabilities in the acquisition, supply, development, operation, evolution and support of software. The model does not presume particular organizational structures, management philosophies, software life cycle models, software technologies, or development methodologies.

An actual software process assessment is conducted using an Assessment Model, not the Reference Model.

There can be more than one Assessment Model that satisfies this architecture and its requirements. In the ISO/IEC TR 15504 there is a complete exemplar Assessment Model that can be used during an assessment. Additional Assessment Models that are claimed to be conformant to the above architecture and the requirements defined by ISO/IEC TR 15504 are being provided by vendors and service providers in the marketplace.

ISO/IEC TR 15504 does not define an explicit assessment method. It does, however, define the requirements for an assessment method. This means that there may be many assessment methods available, all of which meet these requirements. There are a number of organisations that provide public or commercial assessment methods that are claimed to meet the method requirements defined by ISO/IEC TR 15504.

There are a few additional requirements for 15504-conformant assessments that are defined in the normative parts of ISO/IEC TR 15504. These requirements are intended to ensure that good assessment practices are followed, and also to ensure consistency across all assessments that are based on ISO/IEC TR 15504.

How to Obtain ISO/IEC TR 15504

ISO/IEC TR 15504 has now been re-published as ISO/IEC 15504 and all parts of ISO/IEC TR 15504 have been withdrawn.