ISO/IEC/IEEE 15289:2017

INTERNATIONAL ISO/IEC/
STANDARD IEEE
Third edition
2017-06
Systems and software engineering —
Content of life-cycle information items
(documentation)
Ingénierie des systèmes et du logiciel — Contenu des articles
d’information du cycle de vie (documentation)
Reference number
©
ISO/IEC 2017
©
IEEE 2017
© ISO/IEC 2017, Published in Switzerland
© IEEE 2017
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or
by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written
permission. Permission can be requested from either ISO or IEEE at the address below or ISO’s member body in the country of
the requester.
ISO copyright office Institute of Electrical and Electronics Engineers, Inc
Ch. de Blandonnet 8 • CP 401 3 Park Avenue, New York
CH-1214 Vernier, Geneva, Switzerland NY 10016-5997, USA
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org stds.ipr@ieee.org
www.iso.org www.ieee.org
ii © ISO/IEC/IEEE 2017 – All rights reserved

Contents Page
Foreword . vi
Introduction . vii
1 Scope . 1
2 Normative references . 3
3 Terms, definitions, and abbreviated terms . 3
3.1 Terms and definitions . 3
3.2 Abbreviated terms . 6
4 Applicability . 6
4.1 Purpose . 6
4.2 Intended users of this document . 6
4.3 Applicability to work efforts . 7
4.4 Applicability to information item audiences . 7
5 Conformance . 7
5.1 Definition of conformance . 7
5.2 Conformance situations . 8
5.3 Type of conformance . 9
6 Life-cycle data and information items . 9
6.1 Life-cycle data characteristics . 9
6.2 Records compared to information items (documents) . 9
6.3 Management of life-cycle data (records) . 10
6.4 Management of information items (documents) . 10
6.4.1 Developing the documentation plan . 10
6.4.2 Managing and controlling information items . 11
7 Generic types of information items . 11
7.1 General . 11
7.2 Description – generic content . 11
7.3 Plan – generic content . 12
7.4 Policy – generic content . 14
7.5 Procedure – generic content . 15
7.6 Report – generic content . 16
7.7 Request – generic content . 18
7.8 Specification – generic content . 18
8 Mapping of information items to the life cycle and service management processes . 19
8.1 Mapping of information items to the system life cycle . 20
8.2 Mapping of information items to the software life cycle . 25
8.3 Mapping of information items to the service management processes . 32
9 Records . 37
9.1 Record – generic content . 37
9.2 Specific record contents . 38
10 Specific information item (document) contents . 41
10.1 General . 41
10.2 Acceptance plan . 41
10.3 Acceptance report . 41
10.4 Acquisition plan . 42
10.5 Asset management plan . 42
10.6 Audit acknowledgement report . 42
10.7 Audit plan . 43
iii
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

10.8 Audit procedure . 43
10.9 Audit report . 43
10.10 Capacity plan . 43
10.11 Capacity management procedure . 44
10.12 Change request . 44
10.13 Communication procedure . 44
10.14 Complaint procedure . 44
10.15 Concept of operations . 45
10.16 Configuration management plan and policy . 45
10.17 Configuration management procedure . 46
10.18 Configuration status report . 47
10.19 Contract . 47
10.20 Customer satisfaction survey . 48
10.21 Database design description . 48
10.22 Development plan . 49
10.23 Disposal plan . 49
10.24 Documentation plan . 50
10.25 Documentation procedure . 50
10.26 Domain engineering plan . 50
10.27 Evaluation report . 50
10.28 Implementation procedure . 51
10.29 Improvement plan. 51
10.30 Improvement procedure . 51
10.31 Incident management procedure . 52
10.32 Incident report . 52
10.33 Information management plan . 53
10.34 Information management procedure . 53
10.35 Information security plan . 53
10.36 Information security policy . 54
10.37 Information security procedure . 54
10.38 Installation plan . 55
10.39 Installation report . 55
10.40 Integration and test report . 55
10.41 Integration plan . 55
10.42 Interface description . 56
10.43 Life-cycle policy and procedure . 56
10.44 Maintenance plan . 56
10.45 Maintenance procedure . 57
10.46 Measurement plan . 57
10.47 Measurement procedure . 57
10.48 Monitoring and control report . 57
10.49 Operational test procedure . 58
10.50 Problem management procedure . 58
10.51 Problem report . 58
10.52 Process assessment procedure . 59
10.53 Process improvement report . 59
10.54 Product need assessment . 59
10.55 Progress report . 60
10.56 Project management plan . 60
10.57 Proposal . 61
10.58 Qualification test procedure . 61
10.59 Qualification test report . 62
10.60 Quality management plan . 62
10.61 Quality management policy and procedure . 62
10.62 Release plan (and policy) . 63
10.63 Request for proposal (RFP) . 64
10.64 Resource request . 64
10.65 Reuse plan . 64
10.66 Review minutes . 65
10.67 Risk action request . 65
iv
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

10.68 Risk management policy and plan . 65
10.69 Service catalog . 65
10.70 Service continuity and availability plan . 65
10.71 Service level agreement (SLA) . 66
10.72 Service management plan (and policy) . 67
10.73 Service plan . 67
10.74 Service report . 68
10.75 Software architecture description . 68
10.76 Software design description . 69
10.77 Software requirements specification . 70
10.78 Software unit description . 71
10.79 Software unit test procedure . 71
10.80 Software unit test report . 71
10.81 Supplier management procedure . 71
10.82 Supplier selection procedure . 72
10.83 System architecture description . 72
10.84 System element description . 73
10.85 System requirements specification . 73
10.86 Training documentation . 74
10.87 Training plan . 74
10.88 User documentation . 74
10.89 User notification . 75
10.90 Validation plan . 75
10.91 Validation procedure (validation test specification) . 75
10.92 Validation report . 75
10.93 Verification plan . 75
10.94 Verification procedure . 77
10.95 Verification report . 77
Annex A (informative)  Procedure for identifying information items and their contents . 78
Annex B (informative) Information items and records by source . 80
Bibliography . 84

List of Tables
Table 1 — Mapping of ISO/IEC/IEEE 15288:2015, clauses to information items for each system life-
cycle process . 21
Table 2 — Mapping of ISO/IEC 12207:2008 (IEEE Std 12207-2008) clauses to information items
for each software life-cycle process . 26
Table 3 — Mapping of ISO/IEC 20000-1:2011 (IEEE Std 20000-1:2013) and ISO/IEC 20000-2:2012
(IEEE Std 20000-2:2013) clauses to information items for each service management process . 33
Table 4 — Record references and contents . 38
Table B.1 — Information items by source . 80
Table B.2 — Records by source . 83

v
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)
form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC
participate in the development of International Standards through technical committees established by the
respective organization to deal with particular fields of technical activity. ISO and IEC technical committees
collaborate in fields of mutual interest. Other international organizations, governmental and non‐governmental, in
liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have
established a joint technical committee, ISO/IEC JTC 1.
IEEE Standards documents are developed within the IEEE Societies and the Standards Coordinating Committees of
the IEEE Standards Association (IEEE‐SA) Standards Board. The IEEE develops its standards through a consensus
development process, approved by the American National Standards Institute, which brings together volunteers
representing varied viewpoints and interests to achieve the final product. Volunteers are not necessarily members
of the Institute and serve without compensation. While the IEEE administers the process and establishes rules to
promote fairness in the consensus development process, the IEEE does not independently evaluate, test, or verify
the accuracy of any of the information contained in its standards.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
Attention is called to the possibility that implementation of this document may require the use of subject matter
covered by patent rights. By publication of this document, no position is taken with respect to the existence or
validity of any patent rights in connection therewith. ISO/IEC and IEEE are not responsible for identifying essential
patents or patent claims for which a license may be required, for conducting inquiries into the legal validity or scope
of patents or patent claims or determining whether any licensing terms or conditions provided in connection with
submission of a Letter of Assurance or a Patent Statement and Licensing Declaration Form, if any, or in any licensing
agreements are reasonable or non‐discriminatory. Users of this document are expressly advised that determination
of the validity of any patent rights, and the risk of infringement of such rights, is entirely their own responsibility.
Further information may be obtained from ISO or the IEEE Standards Association.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee
SC 7, Systems and software engineering, in cooperation with the Software & Systems Engineering Standards
Committee of the IEEE Computer Society, under the Partner Standards Development Organization cooperation
agreement between ISO and IEEE.
This third edition cancels and replaces the second edition (ISO/IEC/IEEE 15289:2015), of which it constitutes
a minor revision. This third edition reflects ISO/IEC/IEEE 15288:2015, Systems and software engineering—System
life cycle processes, which replaced ISO/IEC 15288:2008 (IEEE Std 15288:2008).
vi
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

Introduction
The purpose of this document is to provide requirements for identifying and planning the specific information
items (information products) to be developed and revised during systems and software life cycles and service
processes. This document specifies the purpose and content of all identified systems and software life‐cycle
information items, as well as information items for information technology service management. The
information item contents are defined according to generic document types and the specific purpose of the
document. Information items are combined or subdivided as needed for project or organizational purposes.
This document is based on the life‐cycle processes specified in ISO/IEC 12207:2008 (IEEE Std 12207‐2008),
Systems and software engineering — Software life cycle processes; ISO/IEC/IEEE 15288:2015, Systems and software
engineering — System life cycle processes; and the service management processes specified in ISO/IEC 20000‐
1:2011 (IEEE Std 20000‐1:2013), Information technology — Service management — Part 1: Service Management
System Requirements; and ISO/IEC 20000‐2:2012 (IEEE Std 20000‐2:2013), Information technology — Service
management — Part 2: Guidance on the application of service management systems.
ISO/IEC 12207:2008 (IEEE Std 12207‐2008) and ISO/IEC/IEEE 15288:2015 define a set of processes for
managing and performing the stages of a system life cycle. They define an Information Management
process, but they do “not detail information items in terms of name, format, explicit content, and recording
media”. ISO/IEC/IEEE 15288:2015, and ISO/IEC 12207:2008 (IEEE Std 12207‐2008) establish a common
framework for systems and software life‐cycle processes and identify or require a number of documentation items.
Their process reference model does not represent a particular process implementation approach, nor does it
prescribe a system/software life‐cycle model, methodology, or technique. ISO/IEC 12207:2008 (IEEE Std 12207‐
2008) does not always specify when software information items are to be prepared, nor does it identify
information item contents. ISO/IEC 20000‐1:2011 (IEEE Std 20000‐1:2013) establishes comprehensive
requirements for documents and records, with some specific requirements. ISO/IEC 20000‐2:2012 (IEEE Std
20000‐2:2013), Information technology — Service management — Part 2: Guidance on the application of service
management systems provides guidance on the use of Part 1.
IEEE contributed IEEE 12207.1‐1997, Industry Implementation of International Standard ISO/IEC 12207:1995.
(ISO/IEC 12207) Standard for Information Technology — Software life cycle processes — Life cycle data, as a source
for the first edition of this document.
vii
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

Systems and software engineering — Content of life-cycle
information items (documentation)
1 Scope
This document specifies the purpose and content of all identified systems and software life‐cycle and service
management information items (documentation). The information item contents are defined according to
generic document types, as presented in Clause 7, and the specific purpose of the document (Clause 10).
This document assumes an organization is performing life‐cycle processes, or practicing service management,
using one or more of the following:
— ISO/IEC 12207:2008 (IEEE Std 12207‐2008), Systems and software engineering — Software life cycle
processes;
— ISO/IEC/IEEE 15288:2015, Systems and software engineering — System life cycle processes;
— ISO/IEC 20000‐1:2011 (IEEE Std 20000‐1:2013), Information technology — Service management — Part 1:
Service management system requirements; and
— ISO/IEC 20000‐2 (IEEE Std 20000‐2:2013), Information technology — Service management — Part 2: Guidance
on the application of service management systems.
This document provides a mapping of processes from the above standards to a set of information items. It
provides a consistent approach to meeting the information and documentation requirements of systems and
software engineering and IT service management.
This document does not establish a service management system.
ISO/IEC 12207:2008 (IEEE Std 12207‐2008) and ISO/IEC/IEEE 15288:2015 define a set of processes for
managing and performing the stages of a software or system life cycle. They define an Information Management
process, but do not “detail information items in terms of name, format, explicit content, and recording media”.
ISO/IEC/IEEE 15288:2015 and ISO/IEC 12207:2008 (IEEE Std 12207‐2008) establish a common framework for
system and software life‐cycle processes. They identify or require a number of documentation items. Their
process reference model does not represent a particular process implementation approach, nor prescribe a
system/software life‐cycle model, methodology or technique.
ISO/IEC 20000‐1:2011 (IEEE Std 20000‐1:2013) establishes comprehensive requirements for documents and
records, with some specific requirements.
ISO/IEC 20000‐2:2012 (IEEE Std 20000‐2:2013), provides guidance on the use of ISO/IEC 20000‐1:2011 (IEEE
Std 20000‐1:2013).
The generic document types defined in this document are used to identify the information necessary to support
the following:
— the ISO/IEC/IEEE 15288:2015 agreement;
— organizational project‐enabling;
— technical management and processes;
— the ISO/IEC 12207:2008 (IEEE Std 12207‐2008) primary, supporting, and organizational life‐cycle processes;
and
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

— the ISO/IEC 20000‐1:2011 (IEEE Std 20000‐1:2013) service management system (SMS), service delivery,
relationship, resolution, and control processes.
The generic document types (which can be referred to as information item types) are used to identify the
information necessary to support the ISO/IEC/IEEE 15288:2015 agreement, organizational project‐enabling,
technical management, and technical processes; the ISO/IEC 12207:2008 (IEEE Std 12207‐2008) primary,
supporting, and organizational life‐cycle processes; or the ISO/IEC 20000‐1:2011 (IEEE Std 20000‐1:2013)
service management system (SMS), service delivery, relationship, resolution, and control processes.
For each life‐cycle process or service, it would be possible to prepare a policy, plan, procedures, and reports, as
well as numerous records, requests, descriptions and specifications. Such an elaboration of the documentation
schema would be more rigorous than specified by ISO/IEC/IEEE 15288:2015 or ISO/IEC 12207:2008 (IEEE Std
12207‐2008). As ISO/IEC/IEEE 15288:2015 points out (1.4), “The users of this document are responsible for
selecting a life cycle model for the project and mapping the processes, activities, and tasks in this document into
that model. The parties are also responsible for selecting and applying appropriate methodologies, methods,
models and techniques suitable for the project.” Thus, information items are combined or subdivided consistent
with the life cycle model, as needed for project or organizational purposes, as further defined in Clause 4,
Applicability, and Clause 5, Conformance.
The scope of this document does not include the following:
a) the format or content of recommended input data or input information items, except for the content of
those input items that are also output information items;
b) instructions on combining or subdividing information items and information item contents of a similar
nature;
c) guidance on selecting an appropriate presentation format, delivery media, and maintenance technology
for systems or software life‐cycle data, records, information items, or documentation, such as
electronic publishing systems, content management systems, or data repositories;
NOTE 1 ISO/IEC 12207:2008 (IEEE Std 12207‐2008) does not always specify when software information items are to be
prepared, nor does it identify information item contents.
NOTE 2 ISO/IEC/IEEE 26531, System and software engineering – Content management for product life‐cycle, user, and
service management documentation, provides requirements for content management and component content management
systems.
d) detailed content for information items related to general business, contractual, organizational, and
financial management that is not specific to systems and software engineering and information
technology service management, such as business strategies, contract change notices, human resources
and investment policies, personnel selection criteria, financial budgeting and accounting policies and
procedures, cost reports, or payroll data;
e) information items showing only approval of an ISO/IEC 12207:2008 (IEEE Std 12207‐2008)
subclause, such as ISO/IEC 12207:2008 (IEEE Std 12207‐2008), 6.1.2.3.4.5;
f) any ISO/IEC/IEEE 15288:2015 or ISO/IEC 12207:2008 (IEEE Std 12207‐2008) subclause not explicitly
or implicitly identifying the recording of information about a process, activity or task, for example,
ISO/IEC 12207:2008 (IEEE Std 12207‐2008), 6.4.4;
g) work products, models, software, and other artifacts of life‐cycle products and services that are
not information items or records used in information items.
NOTE 3 ISO/IEC 26514:2008, Systems and software engineering — Requirements for designers and developers of user
documentation, provides guidance on formats for user documentation.
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references, the
latest edition of the referenced document (including any amendments) applies.
— ISO/IEC 12207:2008 (IEEE Std 12207‐2008), Systems and software engineering — Software life cycle processes
— ISO/IEC/IEEE 15288:2015, Systems and software engineering — System life cycle processes
— ISO/IEC 20000‐1:2011 (IEEE Std 20000‐1:2013), Information technology — Service management — Part 1:
Service management system requirements
3 Terms, definitions, and abbreviated terms
For the purposes of this document, the terms and definitions given in ISO/IEC/IEEE 24765 (available
at www.computer.org/sevocab) apply.
ISO, IEC, and IEEE maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at http://www.iso.org/
— IEEE Standards Dictionary Online: available at http://ieeexplore.ieee.org/xpls/dictionary.jsp
NOTE ISO/IEC 20000‐1:2011 contains different definitions for the terms document, procedure, record and service
request. Those definitions are applicable when conforming to that document.
3.1 Terms and definitions
3.1.1
approval
notification by an authorized representative that a deliverable item appears to satisfy requirements and is
complete
Note 1 to entry: Such approval does not shift responsibility from the supplier to meet requirements under a two‐party
situation.
3.1.2
complaint
record of perceived non‐compliance with a service level agreement or customer dissatisfaction with service
3.1.3
complete [documentation]
including all critical information and any necessary, relevant information for the intended audience
3.1.4
consistent
without internal conflicts
3.1.5
Commercial-Off-The-Shelf
COTS
product available for purchase and use without the need to conduct development activities
3.1.6
criteria
rules on which a judgment or decision can be based, or by which a product, service, result, or process can be
evaluated
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

3.1.7
critical information
information describing the safe use of the software, the security of the information created with the software,
or the protection of the sensitive personal information created by or stored with the software
[SOURCE: ISO/IEC 26514:2008]
3.1.8
database
collection of data organized according to a conceptual structure describing the characteristics of the data and the
relationships among their corresponding entities, supporting one or more application areas
3.1.9
description
information item that represents a planned or actual concept, function, design, or object
3.1.10
document
uniquely identified unit of information for human use
EXAMPLE A report, specification, manual or book, in printed or electronic form.
Note 1 to entry: A document can be a single information item, or part of a larger information item.
3.1.11
documentation plan
plan identifying the documents to be produced during the system or software life cycle
3.1.12
include [information]
having either the information or a reference to the information present in the document
3.1.13
information item
separately identifiable body of information that is produced, stored, and delivered for human use
Note 1 to entry: “Information product” is a synonym. A document produced to meet information requirements can be
an information item, or part of an information item, or a combination of several information items.
Note 2 to entry: An information item can be produced in several versions during a project or system life cycle.
3.1.14
information item content
information included in an information item, associated with a system, product or service, to satisfy a
requirement or need
3.1.15
information item type
group of information items consistent with a pre‐arranged set of generic criteria
Note 1 to entry: A “generic document type” is a synonym.
EXAMPLE A “plan” is the information item type for all plans and “report” is the information item type for all reports.
3.1.16
modifiable
structured and has a style such that changes can be made completely, consistently, and correctly while
retaining the structure
© ISO/IEC 2017 – All rights reserved
© IEEE 2017 – All rights reserved

3.1.17
plan
information item that presents a systematic course of action for achieving a declared pur
...