ISO/IEC TS 15504-8:2012
(Main)Information technology — Process assessment — Part 8: An exemplar process assessment model for IT service management
Information technology — Process assessment — Part 8: An exemplar process assessment model for IT service management
ISO/IEC TS 15504-8:2012 provides an example of an IT Service Management Process Assessment Model (PAM) for use in performing a conformance assessment in accordance with the requirements of ISO/IEC 15504-2. It enables implemented processes of ISO/IEC 20000-1 to be assessed according to the requirements of ISO/IEC 15504-2. An integral part of conducting an assessment is to use a PAM that is constructed for that purpose. A PAM is related to a Process Reference Model (PRM) and is conformant with ISO/IEC 15504-2.
Technologies de l'information — Évaluation des procédés — Partie 8: Un modèle d'évaluation des procédés exemplaire pour le management des services IT
General Information
Relations
Standards Content (Sample)
TECHNICAL ISO/IEC
SPECIFICATION TS
15504-8
First edition
2012-09-15
Information technology — Process
assessment —
Part 8:
An exemplar process assessment model
for IT service management
Technologies de l'information — Évaluation des procédés —
Partie 8: Un modèle d'évaluation des procédés exemplaire pour le
management des services IT
Reference number
ISO/IEC TS 15504-8:2012(E)
©
ISO/IEC 2012
---------------------- Page: 1 ----------------------
ISO/IEC TS 15504-8:2012(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2012
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2012 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC TS 15504-8:2012(E)
Contents Page
Foreword . v
Introduction . vi
1 Scope . 1
2 Normative references . 2
3 Terms and definitions . 2
4 Overview of the exemplar Process Assessment Model . 2
4.1 Introduction to Overview . 2
4.2 Structure of the exemplar Process Assessment Model . 3
4.2.1 Processes . 4
4.2.2 Process dimension . 5
4.2.3 Capability dimension . 5
4.3 Assessment Indicators . 6
4.3.1 Process Capability Indicators . 8
4.3.2 Process Performance Indicators . 9
4.4 Measuring process capability . 10
5 The process dimension and process performance indicators (Level 1) . 11
5.1 General . 11
5.2 CON.1 Change management . 12
5.3 CON.2 Configuration management . 13
5.4 CON.3 Release and deployment management . 14
5.5 DTR.1 Service requirements . 15
5.6 DTR.2 Service design . 16
5.7 DTR.3 Service transition . 16
5.8 DTR.4 Service planning . 17
5.9 REL.1 Business relationship management. 18
5.10 REL.2 Supplier management . 20
5.11 RES.1 Incident management . 21
5.12 RES.2 Service request management . 21
5.13 RES.3 Problem management . 22
5.14 SDE.1 Budgeting and accounting for IT services . 23
5.15 SDE.2 Capacity management . 24
5.16 SDE.3 Information security management . 25
5.17 SDE.4 Service availability management . 26
5.18 SDE.5 Service continuity management . 27
5.19 SDE.6 Service level management . 28
5.20 SDE.7 Service reporting. 28
5.21 SMS.1 Audit . 29
5.22 SMS.2 Improvement . 30
5.23 SMS.3 Information item management . 31
5.24 SMS.4 Management review. 32
5.25 SMS.5 Resource management . 34
5.26 SMS.6 Risk management . 34
5.27 SMS.7 Service measurement . 35
5.28 SMS.8 SMS Establishment and improvement . 36
5.29 SMS.9 SMS Implementation and operation . 37
6 Process capability indicators (Level 1 to 5) . 38
6.1 Level 1: Performed process . 39
6.1.1 PA 1.1 Process performance attribute. . 39
6.2 Level 2: Managed process . 39
© ISO/IEC 2012 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC TS 15504-8:2012(E)
6.2.1 PA 2.1 Performance management attribute .39
6.2.2 PA 2.2 Work product management attribute .42
6.3 Level 3: Established process .44
6.3.1 PA 3.1 Process definition attribute .44
6.3.2 PA 3.2 Process deployment attribute .46
6.4 Level 4: Predictable process .48
6.4.1 PA 4.1 Process measurement attribute .49
6.4.2 PA 4.2 Process control attribute .51
6.5 Level 5: Optimizing process .53
6.5.1 PA 5.1 Process innovation attribute .53
6.5.2 PA 5.2 Process optimization attribute .55
6.6 Related Processes for Process Attributes .57
Annex A (informative) Conformity of the exemplar Process Assessment Model .58
Annex B (informative) Input and output characteristics .65
Annex C (informative) Process Capability for ISO/IEC 20000-1 requirements. 101
Bibliography . 204
iv © ISO/IEC 2012 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC TS 15504-8:2012(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
In other circumstances, particularly when there is an urgent market requirement for such documents, the joint
technical committee may decide to publish an ISO/IEC Technical Specification (ISO/IEC TS), which
represents an agreement between the members of the joint technical committee and is accepted for
publication if it is approved by 2/3 of the members of the committee casting a vote.
An ISO/IEC TS is reviewed after three years in order to decide whether it will be confirmed for a further three
years, revised to become an International Standard, or withdrawn. If the ISO/IEC TS is confirmed, it is
reviewed again after a further three years, at which time it must either be transformed into an International
Standard or be withdrawn.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO/IEC TS 15504-8:2012 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information
technology, Subcommittee SC 7, Software and systems engineering.
ISO/IEC TS 15504-8 consists of the following parts, under the general title Information technology — Process
assessment:
Part 1: Concepts and vocabulary
Part 2: Performing an assessment
Part 3: Guidance on performing an assessment
Part 4: Guidance on use for process improvement and process capability determination
Part 5: An exemplar software life cycle process assessment model
Part 6: An exemplar system life cycle process assessment model
Part 7: Assessment of organizational maturity [Technical Report]
Part 8: An exemplar process assessment model for IT service management [Technical Specification]
Part 9: Target process profiles [Technical Specification]
Part 10: Safety extension [Technical Specification]
© ISO/IEC 2012 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC TS 15504-8:2012(E)
Introduction
This part of ISO/IEC 15504 provides an example of an IT Service Management Process Assessment Model
(PAM) for use in performing a conformant assessment in accordance with the requirements of
ISO/IEC 15504-2. It enables implemented processes of ISO/IEC 20000-4 to be assessed according to the
requirements of ISO/IEC 15504-2.
An integral part of conducting an assessment is to use a Process Assessment Model (PAM) that is
constructed for that purpose. A PAM is related to a Process Reference Model (PRM) and is conformant with
ISO/IEC 15504-2. ISO/IEC 15504-2 sets out the minimum requirements for performing an assessment in
order to ensure consistency and repeatability of the ratings. ISO/IEC 15504-2 addresses the assessment of
process and the application of process assessment for improvement and capability determination. Results of
conformant process assessments may be compared when the scopes of the assessments are considered to
be similar. The requirements for process assessment defined in ISO/IEC 15504-2 form a structure which:
a) facilitates self-assessment;
b) provides a basis for use in process improvement and capability determination;
c) takes into account the context in which the assessed process is implemented;
d) produces a process rating;
e) addresses the ability of the process to achieve its purpose;
f) is applicable across all application domains and sizes of organization;
g) may provide an objective benchmark between organizations.
The PRM defined in ISO/IEC TR 20000-4 has been used as the basis for the PAM in this part of
ISO/IEC 15504. The relationship between ISO/IEC 20000-1, ISO/IEC TR 20000-4 and ISO/IEC 15504-2 is
shown in Figure 1.
ISO/IEC 20000-1 – Service ISO/IEC TR 24774 - Guidelines for
Management System Requirements process definition
informs
Provides processes to support
ISO/IEC TR 20000-4 Service
Management – Process Reference
Model
Capability of processes is
assessed by
ISO/IEC 15504-2 – Performing an Assessment
ISO/IEC TS 15504-8 – An exemplar process assessment
model for IT service management
Figure 1 —Relationship between ISO/IEC 20000-1, ISO/IEC TR 20000-4 and ISO/IEC 15504-2
vi © ISO/IEC 2012 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC TS 15504-8:2012(E)
Any organisation may use processes with additional elements in order to suit it to the environment and
circumstances. The Process Reference Model (PRM) that is the basis for this Process Assessment Model is
ISO/IEC 20000-4:2010. This PRM may not be fully aligned with ISO/IEC 20000-1:2011 as it was developed to
align to ISO/IEC 20000-1:2005. A revised PRM aligned to ISO/IEC 20000-1:2011 is being developed and it is
expected that this revised PRM will address and resolve these identified incompatibilities. Due to the
development status of this PRM, it is known to be unverified and subject to change in the future.
This PAM contains a set of indicators to be considered when interpreting the intent of its PRM. It provides
greater detail to indicate process performance and capability. The indicators may also be used when
implementing a process improvement program or to help evaluate and select an assessment model, method,
methodology or tools.
As an exemplar, this PAM embodies the core characteristics that could be expected of any PAM consistent
with ISO/IEC 15504-2. Nevertheless any other PAMs meeting the requirements of ISO/IEC 15504-2 may be
used in a conformant assessment.
This Part of ISO/IEC 15504 has a similar structure to ISO/IEC 15504 Parts 5 and 6. It may be used in
conjunction with them for joint assessment of service management processes and system/software life cycle
processes.
Within this part of ISO/IEC 15504:
clause 4 provides a detailed description of the structure and key components of a PAM, which
includes two dimensions: a process dimension and a capability dimension. Assessment indicators
are introduced in this clause;
clause 5 addresses the process dimension. It uses process definitions from ISO/IEC TR 20000-4 to
designate the PRM. The processes of the PRM are described in the PAM in terms of purpose and
outcomes. The PAM expands the PRM process definitions by including a set of process performance
indicators called base practices for each process. The PAM also defines a second set of indicators of
process performance by associating inputs and outputs with each process. Clause 5 is also linked
directly to Annex B, which defines the inputs/outputs characteristics;
clause 6 addresses the capability dimension. It duplicates the definitions of the capability levels and
process attributes from ISO/IEC 15504-2, and expands each of the nine attributes through the
inclusion of a set of generic practices. These generic practices belong to a set of indicators of
process capability, in association with generic resource indicators, and generic inputs/outputs
indicators. Annex B is also linked directly to Clause 6 as it defines the inputs/outputs characteristics;
Annex A provides a statement of conformance of the PAM to the requirements defined in
ISO/IEC 15504-2;
Annexes B provides selected characteristics for typical inputs/outputs to assist the assessor in
evaluating the capability level of processes;
Annex C contains a capability process profile linking the requirements of ISO/IEC 20000-1 to base
practices and information items;
the Bibliography contains a list of informative references.
© ISO/IEC 2012 – All rights reserved vii
---------------------- Page: 7 ----------------------
TECHNICAL SPECIFICATION ISO/IEC TS 15504-8:2012(E)
Information technology — Process assessment —
Part 8:
An exemplar process assessment model for IT service
management
1 Scope
This part of ISO/IEC 15504:
defines an exemplar PAM that meets the requirements of ISO/IEC 15504-2 and that supports the
performance of an assessment by providing indicators for guidance on the interpretation of the process
purposes and outcomes as defined in ISO/IEC TR 20000-4 and the process attributes as defined in
ISO/IEC 15504-2;
provides guidance, by example, on the definition, selection and use of assessment indicators.
A PAM comprises a set of indicators of process performance and process capability. The indicators are used
as a basis for collecting the objective evidence that enables an assessor to assign ratings. The set of
indicators included in this part of ISO/IEC 15504 is not intended to be an all-inclusive set nor is it intended to
be applicable in its entirety. Subsets that are appropriate to the context and scope of the assessment should
be selected, and possibly augmented with additional indicators (see Annex C).
The PAM in this part of ISO/IEC 15504 is directed at assessment sponsors and competent assessors who
wish to select a model, and associated documented process method, for assessment (for either capability
determination or process improvement). Additionally it may be of use to developers of assessment models in
the construction of their own model, by providing examples of good service management practices. It can be
used by:
a) service providers to assess and improve a Service Management System (SMS), including processes,
for the design, development, transition and delivery of services that fulfil service requirements;
b) organizations that are seeking services from service providers and requiring assurance that their
service requirements will be fulfilled;
c) service providers to demonstrate their capability for the design, development, transition and delivery
of services that fulfil service requirements.
Any PAM meeting the requirements defined in ISO/IEC 15504-2 concerning models for process assessment
may be used for assessment. Different models and methods may be needed to address differing business
needs. The assessment model in this part of ISO/IEC 15504 is provided as an exemplar of a model meeting
all the requirements expressed in ISO/IEC 15504-2.
The scope of this Part of ISO/IEC 15504 is consistent with the scope of Part 5 and 6 of ISO/IEC 15504 in
order to assist situations where assessment is being made of both service management and system/software
life cycle processes.
© ISO/IEC 2012 – All rights reserved 1
---------------------- Page: 8 ----------------------
ISO/IEC TS 15504-8:2012(E)
NOTE: Copyright release for the Exemplar PAM: Users of this part of ISO/IEC 15504 may freely reproduce the
detailed descriptions contained in the exemplar assessment model as part of any tool or other material to support the
performance of process assessments, so that it can be used for its intended purpose.
2 Normative references
The following normative documents contain provisions which, through reference in this text, constitute
provisions of this part of ISO/IEC 15504. For dated references, subsequent amendments to, or revisions of,
any of these publications do not apply. However, parties to agreements based on this part of ISO/IEC 15504
are encouraged to investigate the possibility of applying the most recent editions of the normative documents
indicated below. For undated references, the latest edition of the normative document referred to applies.
Members of ISO and IEC maintain registers of currently valid International Standards.
ISO/IEC 20000-1:2011, Information technology — Service management — Part 1: Service management
system requirements
ISO/IEC TR 20000-4:2010, Information technology — Service management — Part 4: Process Reference
Model
ISO/IEC 15504-1:2004, Information technology — Process assessment — Part 1: Concepts and Vocabulary
ISO/IEC 15504-2:2003, Information technology — Process assessment — Part 2: Performing an Assessment
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 15504-1 and ISO/IEC 20000-1
apply.
4 Overview of the exemplar Process Assessment Model
4.1 Introduction to Overview
This part of ISO/IEC 15504 provides an exemplar PAM that includes examples of assessment indicators.
The PRM defined in ISO/IEC TR 20000-4, associated with the process attributes defined in ISO/IEC 15504-2,
establish a PAM used as a common basis for performing assessments of service management system
process capability, allowing for the reporting of results using a common rating scale.
The PAM is a two-dimensional model of process capability. In one dimension, the process dimension, the
processes are defined. In the other dimension, the capability dimension, a set of process attributes grouped
into capability levels is defined. The process attributes provide the measurable characteristics of process
capability.
2 © ISO/IEC 2012 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC TS 15504-8:2012(E)
CAPABILITCAPABILITYY
DimensionDimension
ISO/IEC 15504-2
---- 55 OptimOptimiizingzing (2 at(2 attributributteses))
LeLevveel l : :
---- 44 PredictaPredictable (2 attributeble (2 attributess))
LeLevveel l : :
ISO/IEC TR 20000-4
---- 33 EstablisheEstablished (2 atd (2 attributributteses))
LeLevveel l : :
---- 22 ManagManageed (2 attributed (2 attributess))
LeLevveel l : :
---- 11 PerformePerformed (1 attributed (1 attribute))
Level : : ProcessProcess ReferenceReference
Model (PRM)Model (PRM)
Level
---- 00 IncompleteIncomplete
: :
SMS General
PROCESSPROCESS
processes
DimensionDimension
ProcessesProcesses
Design and transition
of new or changed
ProcesseProcessess
Service delivery
services processes
Control
processes
Resolution
processes
Relationship
processes
processes
Figure 2 — Relationship between the Process Assessment Model and its inputs
Figure 2 shows the relationship between the general structure of the PAM, ISO/IEC 15504-2 and ISO/IEC TR
20000-4.
A PRM and a capability dimension defined in ISO/IEC 15504-2 cannot be used alone as the basis for
conducting reliable and consistent assessments of process capability since the level of detail provided is not
sufficient. The descriptions of process purpose and outcomes in a PRM, and the process attribute definitions
in ISO/IEC 15504-2, need to be supported with a comprehensive set of indicators of process performance and
process capability that are used for assessment performance.
The exemplar PAM defined in this part of ISO/IEC 15504 is conformant with the ISO/IEC 15504-2
requirements for a PAM, and can be used as the basis for conducting an assessment of IT service
management process capability.
In order to meet the PAM requirements of ISO/IEC 15504-2, a documented process supporting other
requirements of ISO/IEC 15504-2 is also required. This need may be met, for example, by the adoption of a
supporting method for conducting assessments.
4.2 Structure of the exemplar Process Assessment Model
This clause describes the detailed structure of the PAM and its key components.
This PAM expands upon the PRM by including a defined set of assessment indicators. Assessment indicators
comprise indicators of process performance and process capability and are defined to support an assessor’s
judgment of the performance and capability of an implemented process.
© ISO/IEC 2012 – All rights reserved 3
---------------------- Page: 10 ----------------------
ISO/IEC TS 15504-8:2012(E)
Clause 5, together with its associated Annex B, describes the components of the process dimension, and
clause 6 describes the components of the capability dimension. Annex A provides a statement of
conformance of the PAM to the requirements defined in ISO/IEC 15504-2.
ISO/IEC 15504-2 requires that processes included in a PRM satisfy the following:
"The fundamental elements of a Process Reference Model are the set of descriptions of the processes within
the scope of the model. These process descriptions shall meet the following requirements:
a) A process shall be described in terms of its Purpose and Outcomes.
b) In any description the set of process outcomes shall be necessary and sufficient to achieve the purpose of
the process.
c) Process descriptions shall be such that no aspects of the measurement framework as described in clause 5
of this International Standard beyond level 1 are contained or implied."
As processes are derived directly from ISO/IEC TR 20000-4, these requirements are satisfied.
4.2.1 Processes
Figure 3 shows the processes from ISO/IEC TR 20000-4, which are included in the process dimension of the
exemplar PAM for service management.
SMS General Processes Design and Transition of New or Changed
Services Processes
SMS.1 Audit
DTR.1 Service requirements
SMS.2 Improvement
DTR.2 Service design
SMS.3 Information item management
DTR.3 Service transition
SMS.4 Management review
DTR.4 Service planning
SMS.5 Resource management
SMS.6 Risk management
SMS.7 Service measurement
Service Delivery Processes
SMS.8 Establishment and improvement
SDE.1 Budgeting and accounting for services
SMS.9 Implementation and operation
SDE.2 Capacity management
SDE.3 Information security management
SDE.4 Service availability management
Control Processes
SDE.5 Service continuity management
CON.1 Change management
SDE.6 Service level management
CON.2 Configuration management
SDE.7 Service reporting
CON.3 Release and deployment management
Resolution Processes
RES.1 Incident management
Relationship Processes
RES.2 Service request management
REL.1 Business relationship management
RES.3 Problem management
REL.2 Supplier management
Figure 3 — Processes in the Process Reference Model
4 © ISO/IEC 2012 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/IEC TS 15504-8:2012(E)
4.2.2 Process dimension
The process dimension of the PAM includes all processes from the PRM contained in ISO/IEC TR 20000-4
and shown in Figure 3. Each proce
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.