ISO/IEC 30105-5:2016

INTERNATIONAL ISO/IEC
STANDARD 30105-5
First edition
2016-11-15
Information technology — IT
Enabled Services-Business Process
Outsourcing (ITES-BPO) lifecycle
processes —
Part 5:
Guidelines
Technologies de l’information — Processus du cycle de vie de la
délocalisation du processus d’affaires des services activés par IT —
Partie 5: Lignes directrices
Reference number
©
ISO/IEC 2016
© ISO/IEC 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Purpose . 2
5 ITES-BPO process context . 3
6 ITES-BPO process structure . 4
7 Stakeholders and stakeholder value definition . 8
8 Process reference model .10
9 Process assessment model .11
10 Framework for assessment of process capability .15
10.1 Components of assessment .15
10.2 Measurement framework .17
11 Organization maturity model .19
12 Process capability assessment .22
12.1 Process capability initiation .22
12.2 Process assessment output .22
13 Process risk determination .24
13.1 Process risk determination — Introduction .24
13.2 Process risk determination — Steps.25
13.2.1 Step 1 — Initiate process risk determination .25
13.2.2 Step 2 — Set target capability .26
13.2.3 Step 3 — Assess current capability .26
13.2.4 Step 4 — Determine proposed capability .26
13.2.5 Step 5 — Verify proposed capability .27
13.2.6 Step 6 — Analyse process related risks and act on results .27
14 Process improvement .28
14.1 Process improvement — purpose and outcomes .28
14.2 Types of process improvement .28
14.3 Process improvement programme .30
14.3.1 Examine organization’s business goals to set improvement objectives .30
14.3.2 Initiate process improvement cycle .31
14.3.3 Identify improvement areas . .32
14.3.4 Analyse assessment strengths and weaknesses .32
14.3.5 Review organizational improvement objectives .33
14.3.6 Generate and identify improvement areas .33
14.3.7 Derive action plan .33
14.3.8 Implement improvements .34
14.3.9 Monitoring implementation .35
14.3.10 Confirm improvements .35
14.3.11 Sustain and monitor improvements .35
Bibliography .37
© ISO/IEC 2016 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment,
as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the
Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.
The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee
SC 40, IT Service Management and IT Governance.
A list of all parts in the ISO/IEC 30105 series can be found on the ISO website.
iv © ISO/IEC 2016 – All rights reserved

Introduction
ITES-BPO services encompass the delegation of one or more IT enabled business processes to a
service provider who uses appropriate technology to deliver service. Such a service provider manages,
delivers, improves and administers the outsourced business processes in accordance with predefined
and measurable performance metrics. This covers diverse business process areas such as finance,
human resource management, administration, health care, banking and financial services, supply
chain management, travel and hospitality, media, market research, analytics, telecommunication,
manufacturing, etc. These services provide business solutions to customers across the globe and form
part of the core service delivery chain for customers.
ISO/IEC 30105 (all parts) specifies the lifecycle processes requirements involved in the ITES-BPO
industry.
— It provides an overarching standard for all aspects of ITES-BPO industry from the view of the
service provider that performs the outsourced business processes. This is applicable for any ITES-
BPO service provider providing services to customers through contracts and in industry verticals.
— It covers the entire outsourcing lifecycle and defines the processes that are considered to be good
practices.
— It is an improvement standard that enables risk determination and improvement for service
providers performing outsourced business processes. It also serves as a process reference model
for service providers.
— It focuses on IT enabled business processes which are outsourced.
— It is generic and can be applied to all IT enabled business process outsourced services, regardless of
type, size and the nature of the services delivered.
— Process improvement implemented using ISO/IEC 30105 (all parts) can lead to clear return on
investment for customers and service providers.
— Alignment to ISO/IEC 30105 (all parts) can improve consistency, delivery quality and predictability
in delivery of services.
Figure 1 illustrates the key entities and relationships involved in an ITES-BPO service. It includes the
customer, the ITES-BPO service provider and various levels of suppliers. This is in line with the supply
chain relationship depicted in ISO/IEC 20000-1:2011, 7.2.
Figure 1 — ITES-BPO key entities
This document provides guidance to the other parts of ISO/IEC 30105 and the requirements for
assessing processes. This document, in such a context, provides guidance on the application of the
process assessment model, how to strategically leverage the assessment and then how to use it in the
context of an improvement programme for an ITES-BPO organization.
© ISO/IEC 2016 – All rights reserved v

INTERNATIONAL STANDARD ISO/IEC 30105-5:2016(E)
Information technology — IT Enabled Services-Business
Process Outsourcing (ITES-BPO) lifecycle processes —
Part 5:
Guidelines
1 Scope
ISO/IEC 30105 specifies the lifecycle process requirements performed by the IT enabled business
process outsourcing service provider for the outsourced business processes. It defines the processes to
plan, establish, implement, operate, monitor, review, maintain and improve its services. This document:
— covers IT enabled business processes that are outsourced;
— is not intended to cover IT services but includes similar, relevant process for completeness;
— is applicable to the service provider, not to the customer;
— is applicable to all lifecycle processes of ITES-BPO;
— provides guidance on application of the process assessment model, how to strategically leverage
the assessment and to use it in the context of an improvement programme or risk assessment for an
ITES-BPO service provider organization.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 30105-2:2016, Information technology — IT Enabled Services-Business Process Outsourcing
(ITES-BPO) lifecycle processes — Part 2: Process assessment model (PAM)
ISO/IEC 30105-3:2016, Information technology — IT Enabled Services-Business Process Outsourcing (ITES-
BPO) lifecycle processes — Part 3: Measurement framework (MF) and organization maturity model (OMM)
ISO/IEC 33020, Information technology — Process assessment — Process measurement framework for
assessment of process capability
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 30105-4, ISO/IEC 33001
and ISO/IEC 33020 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at http://www.iso.org/obp
© ISO/IEC 2016 – All rights reserved 1

4 Purpose
This document aims to provide guidance on the following:
a) the key parts of ISO/IEC 30105 (all parts), including the process assessment model, measurement
framework and the organization maturity model;
b) how to undertake process assessment and determine organization maturity through assessment of
process risk;
c) the approach to the organization maturity model (OMM), including the organization maturity
rating scale. This scale represents the extent to which an organization is able to demonstrate its
maturity through process quality. Process quality is demonstrated through assessment of the
organization’s ability to establish, manage and execute its processes with high capability;
d) use of the assessment and outcomes as part of a framework for performing process improvement
(PI) in a continual cycle.
Assessment of process capability is concerned with analysing the output of conformant process
assessments to identify the strengths, weaknesses and risks associated with deploying the processes
to meet a specific requirement.
Assessment of process risk is applicable across all ITES-BPO domains and to any ITES-BPO service
provider organization wanting to determine the process risks of its own processes.
PI uses the results of a current state assessment for an ITES-BPO service provider organization to
formulate and prioritize improvement plans. These plans improve the processes, thus creating the
inherent ability to support continual improvement.
Analysis of the output from a process assessment and process risk determination findings against
an organizational unit’s business goals and the joint business goals of a customer-service provider
engagement will lead to identification of the strengths, weaknesses and risks related to the processes,
operations, structure, etc. This can help to determine whether the processes are effective in achieving
business goals and provide the critical triggers for making improvements.
The guidance on assessment of process risk covers the following:
— overview of process capability: target capability, process oriented risk analysis;
— guidance for conducting an assessment of process capability: core and extended.
The guidance on PI provides the following:
a) overview of PI: the factors which drive ITES-BPO process improvement and the underlying general
principles;
b) methodology for PI: improving ITES-BPO processes within a continual improvement cycle;
c) measurement framework and management: ITES-BPO process improvement from a management
perspective, including an overall framework for process measurement.
The PAM is designed to provide organizations with an integrated approach to organizational
performance management that results in the following:
— delivery of increased effectiveness in driving outcomes to customers and stakeholders, contributing
to organizational sustainability;
— improvement of overall organizational effectiveness and capabilities;
— organizational and personal learning.
These service provider improvements can be marketed to outsourcing companies (customers) and can
provide increased value to customers and stakeholders.
2 © ISO/IEC 2016 – All rights reserved

For all practical purposes, “value” can be considered as business outcomes achieved in line with the
requirements of the customer contract or customer requirements.
The adoption and implementation of ISO/IEC 30105 (all parts) can lead to the following benefits:
a) a greater degree of standardization of base practices in this important industry segment;
b) benchmarking for useful comparisons across adopting service provider organizations;
c) improved process efficiency and productivity, improved asset utilization and reduced
internal/external failures or potential failures, thereby improving the quality of output and
services;
d) improved customer focus and customer satisfaction, leading to a clear return on investment from
the maturity assessment journey. This also creates an ability to achieve and communicate the
business benefits to the customers and all direct stakeholders;
e) reduced time to maturity for new start-up service providers and new services for existing service
providers through the adoption of the ITES-BPO process reference model;
f) for customers (who use the ITES-BPO services), a mechanism to understand the capabilities of
service providers through a common standard, leading to increased levels of transparency and
trust. It also provides a mechanism to jointly solve issues proactively and to work on the strategic
programmes;
g) over a period of time, improved processes, shorter transition lead time for new processes, reduced
defect rates, improved cycle time, improved time to market, better risk determination, improved
productivity, etc. This can then lead to direct/indirect benefits to outsourcing companies due to
greater maturity and value from service providers, which can be further leveraged.
5 ITES-BPO process context
The processes in an ITES-BPO service provider organization have two distinct characteristics. Firstly,
operational service delivery, i.e. process execution, happens in real time. Secondly, the processes are
driven by service level agreements (SLAs) and key performance indicators (KPIs), which measure the
performance and quality of delivery and the quality of experience.
ITES-BPO services are based on delivery of business process transactions, which are of varied
complexity and have direct impact on the customer organization’s business delivery. Typically, an
outsourcing approach is adopted by a customer to gain overall process efficiency, economies of scale
and transformation savings through an expert service provider.
This allows the outsourcing customer organization to stay focused on its core strategic goals, end-
customer management and business growth, while the service provider organization takes full
ownership of process delivery.
One of the key requirements in outsourcing is business continuity management (BCM) for the
outsourced operations so that the overall system works at the desired level of assurance.
Figure 2 shows the service provider view for a typical customer engagement lifecycle.
© ISO/IEC 2016 – All rights reserved 3

Figure 2 — End-to-end view of ITES-BPO engagement lifecycle
ISO/IEC 30105 (all parts) addresses the following key questions for an ITES-BPO organization.
— How to manage performance across the framework of people, process and technology?
— How to best stabilize and improve the processes?
— How to optimize and sustain the processes?
— How to align improvement and process efforts to desired results?
— How to ensure process improvement benefits and quality results?
— How to achieve a differentiated approach for maturity?
6 ITES-BPO process structure
Figure 3 lists the processes from ISO/IEC 30105-1 that are included in the process dimension of the
process assessment model for ITES-BPO. It includes all aspects of an ITES-BPO outsourced service,
from developing an ITES-BPO solution through service delivery and to transitioning out. It includes the
leadership, relationship management and enabling processes which support the outsourced business
across its lifecycle.
4 © ISO/IEC 2016 – All rights reserved

Figure 3 — ITES-BPO lifecycle process categories
The ITES-BPO process categories are as follows.
— Strategic enablement processes: include strategic direction and review of the business
performance against plan for the service provider organization and Innovation process to bring in
breakthrough changes.
— Relationship processes: cover the relationship of the service provider with the customer and the
suppliers.
— Solution processes: include details on how the ITES-BPO solution is envisaged and the contract
developed and managed.
— Transition in processes: cover the movement of business process delivery from the customer to
the service provider, establishing the required management, people and infrastructure capability,
and concluding with piloting the transitioned service.
— Service delivery processes: include all the processes that are required for the day to day
management and delivery of ITES-BPO services.
— Transition out process: covers the movement of the business process delivery back to the customer
or to a different service provider.
— Tactical enablement processes: involve a set of processes that enables achievement of the objective
of the core service delivery processes. These are tactical in nature.
— Operational enablement processes: involve a set of processes that ensures day to day operations
of service delivery are supported and are performed alongside the service delivery processes.
The process reference model, as shown in Figure 3, categorizes the ITES-BPO lifecycle processes:
— strategic enablement;
— relationship;
— solution;
— transition in;
© ISO/IEC 2016 – All rights reserved 5

— service delivery;
— transition out;
— tactical enablement;
— operational enablement.
The purpose of the process categories is to give clarity on the ways of working, as a group of linked and
inter-dependant processes within the process framework, for ease of understanding for the reader.
The ITES-BPO lifecycle processes have been categorized as below.
a) Strategic enablement processes: include strategic direction and review of the business
performance against plan for the service provider organization and innovation process to bring in
breakthrough changes.
Senior leaders should set business objectives, create a customer focus, establish clear and visible
organizational values and set high expectations for the workforce. The directions, values and
expectations should balance the needs of all direct stakeholders. Leaders should ensure the creation
of strategies, systems, organizational roadmap and methods for achieving performance excellence,
stimulating innovation, building knowledge and capabilities and ensuring organizational
sustainability. Senior leaders need to inspire and encourage the entire workforce to contribute, to
develop and learn, to be innovative and to embrace meaningful change. Senior leaders need to be
responsible to the organization’s governance body for their actions, performance and conformance.
There are two processes under this category. These are strategic planning and direction setting
and innovation management.
b) Relationship processes: cover the relationship of the service provider with the customer and the
suppliers.
These processes are aimed at ensuring superior engagement with customers and suppliers for
seamless business delivery.
Performance and quality are judged by an organization’s customers. Thus, the service provider
organization should take into account all product features and characteristics, modes of customer
access and support that contribute value to customers. This can lead to customer acquisition,
satisfaction, preference and loyalty, to positive referrals and to business sustainability. Customer-
driven excellence has both current and future components: understanding today’s customer needs
and anticipating future customer requirements and market place potential.
This also includes managing any suppliers who are linked to the delivery and their performance.
Service providers can also outsource some areas (e.g. invoice scanning, creating content) to a sub-
contracting supplier if there is a further need for optimized value delivery.
c) Solution processes: detail how the ITES-BPO solution is envisaged and the contract developed and
managed.
This category covers the development of feasible solutions and proposals to transfer knowledge,
mobilize people and create the infrastructure. It plans for transition, service delivery risk
management, information security and business continuity.
It includes the drafting, negotiation and agreement of a formal contract, and defining and
monitoring obligations.
d) Transition in processes: cover the movement of business process delivery from the customer to
the service provider, establishing the required management, people and infrastructure capability,
and conclude with piloting the transitioned service.
This category covers the mobilization of sufficient people with the required skills, creating the
required infrastructure, transferring appropriate knowledge, planning for service delivery and
6 © ISO/IEC 2016 – All rights reserved

piloting the service delivery on a limited scale. This should be achieved with minimal disruption
to the customer’s business performance during this activity. This establishes the operational
ITES-BPO service for delivery from the service provider organization in line with the contracted
commitments, including service performance and quality targets.
e) Service delivery processes: include all the processes that are required for the day to day
management and delivery of ITES-BPO services.
This category of processes focuses on seamless operational delivery of business processes to
achieve the required service levels and good customer experience. It aims to manage, operate and
control the ongoing service delivery to achieve the desired performance levels. Service delivery
is monitored against the operational performance targets, and a governance framework is
implemented to produce timely and accurate service reports to support effective communication
and decision-making.
These processes also help to manage delivery of business processes, aligned to customer
requirements and related external requirements, where necessary, to ensure consistency,
reliability, quality, efficiency, effectiveness, continual improvement and regulatory compliance.
Services are delivered continuously and in response to service requests, in accordance with service
level agreements.
f) Transition out process: covers the movement of the business process delivery back to the
customer or to a different service provider if needed.
This process defines how to transfer the services, in part or full, to meet defined requirements,
sustained performance and contractual commitments with minimal disruption to the customer.
g) Tactical enablement processes: involve a set of processes that enable the achievement of the
objective of the core service delivery processes. These are tactical in nature.
There are eight processes under this category. These are management review, financial
management, change management, knowledge management, business continuity management,
audit management, risk management and continual improvement.
h) Operational enablement processes: involve a set of processes that ensure day to day operations
of service delivery are supported and are performed alongside the service delivery processes.
There are seven processes under this category. These are transaction quality management,
information security management, compliance management, human resource management,
infrastructure and technology management, work environment management and issue
management.
Figure 4 shows the processes within the process categories in the ITES-BPO lifecycle.
© ISO/IEC 2016 – All rights reserved 7

Figure 4 — ITES-BPO lifecycle process categories and processes
Each process is further described in terms of process purpose and outcomes in ISO/IEC 30105-1, the
ITES-BPO process reference model. ISO/IEC 30105-2, the ITES-BPO process assessment model, further
expands this model to include the base practices, generic practices, generic resources and generic and
specific work products to achieve the defined outcomes.
A process assessment model consists of a set of indicators for process performance and process
capability. The indicators are used as a basis for collecting the objective evidence that enables an
assessor to determine ratings. The set of indicators included in ISO/IEC 30105 (all parts) is not intended
to be an all-inclusive set nor is it intended to be applicable in its entirety. Supersets and subsets that are
appropriate to the context and scope of the assessment should be selected.
The process assessment model in ISO/IEC 30105-2 is directed at assessment sponsors and assessors
who wish to select a model, and associated documented assessment process, for the ITES-BPO lifecycle
processes, for risk determination or process improvement or for both.
7 Stakeholders and stakeholder value definition
Stakeholders for ITES-BPO service provider organizations can be external and internal. They can have
many different needs, often conflicting in nature.
The key direct stakeholders are as follows:
— senior management of the service provider organization;
8 © ISO/IEC 2016 – All rights reserved

— entire workforce, including leaders;
— customer organization.
The key indirect stakeholders are as follows:
a) suppliers and partners;
b) analyst community — these are the third party rating agencies, analysts who study and rate service
providers based on their cost efficiency, brand image and automation capabilities in an ITES-BPO
context.
An organization’s performance measurements need to focus on key objectives and results. Results
should be used to create and balance value for the service provider’s key stakeholders. By creating
value for the key stakeholders, the service provider organization builds loyalty.
The use of a balanced composite of leading and lagging performance measures offers an effective
means to communicate short and longer-term priorities, monitors actual performance and provides a
clear basis for improving results.
Stakeholder needs are influenced by a number of drivers, e.g. strategy changes, a changing business and
regulatory environment and technology evolutions.
The key impacts of adopting ISO/IEC 30105 (all parts) for the primary stakeholders are as follows.
Senior management of service provider organizations:
— delivery rigour — consistency and predictability in each transaction and overall operations;
— stronger focus on internal delivery performance management;
— focus on innovation and continual improvement;
— a conscious impact to deliver towards a customer’s business objectives and financial targets, as
applicable;
— improved customer focus and customer satisfaction, leading to a clear return on investment from
adopting ISO/IEC 30105 (all parts);
— reduced time to maturity for new start-up service providers, through the adoption of the defined
ITES-BPO process reference model;
— cost efficiency;
— identification of waste/inefficiency in structured way;
— ability to use as a benchmark and identify transformation goals and drive organization wide change
management programme;
— ability to grow the business.
For workforce:
a) ability to manage better with known control points;
b) overall learning and growth.
Customer organizations:
— clarity in understanding the maturity of service providers;
— improved productivity and the quality of services;
— simplification of ITES-BPO provider selection and contracting;
© ISO/IEC 2016 – All rights reserved 9

— cost efficiency;
— identification of waste/inefficiency in structured way;
— ability to use a benchmark and identify transformation goals and drive organization-wide change
management programme;
— improved customer experience and engagement (moments of truth) throughout service and
management of interactions;
— improved support for achievement of the customer’s business objectives and financial targets, as
relevant and applicable.
The key impacts of adopting ISO/IEC 30105 (all parts) for the secondary stakeholders are as follows:
a) ability to objectively rate and compare ITES-BPO service provider organizations;
b) understand and interpret the key process maturity measures.
While the impact to the service provider organization is direct and clear, impact to the customer
organization is more implied and expected.
Value and satisfaction can be influenced by many factors throughout the customer’s overall experience
with the service provider organization. These factors include the service provider organization’s
customer relationships, which help to build trust, confidence and loyalty.
Customer-driven excellence means much more than reducing defects and errors, meeting requirements
or reducing complaints. In addition, the service provider organization’s success in recovering from
defects, service errors and mistakes is crucial for retaining customers and engaging customers for the
long-term.
A customer-driven organization addresses not only the product and service characteristics that
meet basic customer requirements but also those features and characteristics that differentiate
the organization from its competitors. Such differentiation can be based on innovative offerings,
combinations of product and service offerings, customization of offerings, multiple access channels,
rapid response or special relationships.
Customer-driven excellence is a strategic concept. It is directed toward customer retention and loyalty,
market share gain and business growth. It demands constant sensitivity to changing and emerging
customer and market requirements and to the factors that drive customer engagement. It demands
close attention to the voice of the customer, managing and improving the customer experience and
end-customer journey at every point of engagement and interaction. It demands anticipating changes
in the marketplace. Therefore, customer-driven excellence demands a customer-centric culture and
organizational agility.
8 Process reference model
The process reference model (PRM) defines the processes in the ITES-BPO lifecycle, described in terms
of process purpose and outcomes, together with an architecture describing relationships between the
processes.
ISO/IEC 33004 requires that processes included in a process reference model satisfy the following.
A process description shall meet the following requirements.
a) A process shall be described in terms of its purpose and outcomes.
b) The set of process outcomes shall be necessary and sufficient to achieve the purpose of the process.
c) Process descriptions shall not contain or imply aspects of the process quality characteristic beyond the
basic level of any relevant process measurement framework conformant with ISO/IEC 33003.
10 © ISO/IEC 2016 – All rights reserved

Each process in the PRM has the following descriptive elements.
— Name: the name of a process is a short noun phrase that summarizes the scope of the process, identifying
the principal concern of the process, and distinguishes it from other processes within scope of the process
reference model.
— Context: for each process, a brief overview describes the intended context of the application of the
process.
— Purpose: the purpose of the process is a high-level and overall goal for performing the process.
— Outcomes: an outcome is an observable result of the successful achievement of the process purpose.
Outcomes are measurable, tangible technical or business results that are achieved by a process.
They are observable and assessable.
The PRM aligns outcomes to the business benefits derived by the customer and the service provider.
A PRM cannot be used alone as the basis for conducting reliable and consistent assessments of process
capability since the level of process detail available is not sufficient.
The PAM replicates the PRM and extends it to include the attributes required to undertake a process
capability assessment against this process reference model.
The purpose of a process reference model is to define a set of processes that collectively can support
the primary aims of a community of interest. A process reference model can provide the basis for one
or more process assessment models. The process assessment model uses the same process descriptions
provided in the process reference model.
For new start-up ITES-BPO organizations or those with a less mature process framework, this PRM can
be used to expedite the creation and maturity of their processes by adoption and adaption of this ITES-
BPO PRM.
9 Process assessment model
In ISO/IEC 33001, the process assessment model (PAM) is described as a model suitable for the purpose
of assessing a specified process quality characteristic, based on one or more process reference models.
The process reference model defined in ISO/IEC 30105-1, associated with the process attributes
defined in ISO/IEC 30105-3, establishes a process assessment model that provides a common basis for
performing assessments on ITES-BPO lifecycle processes, enabling the results to be reported using a
common rating scale.
The process assessment model defines a two-dimensional model of process capability.
— Process dimension: processes are defined and classified into process categories.
— Capability dimension: a set of process attributes grouped into capability levels is defined.
The process attributes provide the measurable characteristics of process capability.
Process dimension
All processes in Figure 4 are included within the process dimension of the process assessment model.
Each process in the PAM is described by a purpose statement which contains the objectives of the
process and a set of specific expected outcomes. The outcomes are associated with each of the process
purpose statements and indicate the expected positive result of the process performance.
Satisfying the purpose statements of a process represents the only step in achieving a level 1 process
capability, where the expected outcomes are observable.
© ISO/IEC 2016 – All rights reserved 11

Capability dimension
Process capability levels are defined in ISO/IEC 30105-3 and detailed definitions of the process
capability levels and process attributes are set out in ISO/IEC 30105-2:2016, Clause 6, together with the
relevant process capability indicators. Process capability is expressed in the PAM by grouping process
attributes into capability levels.
Process attributes are process features which can be evaluated on a scale of achievement to provide
a process capability measure. Each process attribute describes a feature of the overall capability of
managing and improving process effectiveness in achieving its purpose and contributing to the
organization’s business goals.
A capability level is a set of process attribute(s) that together describe an ability to operate and perform
a process at a given capability level. The existence or not of evidence to meet these process attribute(s)
helps determine the capability levels. The levels constitute a rational path for improving capability for
any process and are defined in ISO/IEC 30105-3. The assessment of process attributes is determined
on the basis of assessment indicator evidence. There are two types of assessment indicators: process
capability indicators (PCI), which apply to capability levels 1 to 5, and process performance indicators
(PPI), which apply exclusively to capability level 1.
These indicators enable the assessment of the extent of achievement of a process attribute in the
implemented process. These indicators concern significant activities, resources or results associated
with the achievement of the attribute purpose by a process.
Figure 5 — Process assessment indicators
The three types of process capability indicators related to levels 1 to 5 are identified in Figure 5. They
are intended to be applicable to all processes.
All the process capability indicators relate to the process attributes defined in the capability dimension
of the process assessment model. They represent the type of evidence that would support judgments
of the extent to which the attributes are achieved. Evidence of their effective performance or existence
12 © ISO/IEC 2016 – All rights reserved
...