ISO/IEC/IEEE 15289:2019

INTERNATIONAL ISO/IEC/
STANDARD IEEE
Fourth edition
2019-07
Systems and software engineering —
Content of life-cycle information items
(documentation)
Ingénierie des systèmes et du logiciel — Contenu des articles
d'information du cycle de vie (documentation)
Reference number
©
ISO/IEC 2019
©
IEEE 2019
© ISO/IEC 2019
© IEEE 2019
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office Institute of Electrical and Electronics Engineers, Inc
CP 401 • Ch. de Blandonnet 8 3 Park Avenue, New York
CH-1214 Vernier, Geneva NY 10016-5997, USA
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org stds.ipr@ieee.org
www.iso.org www.ieee.org
Published in Switzerland
© ISO/IEC 2019 – All rights reserved
ii © IEEE 2019 – All rights reserved

Contents Page
Foreword .vi
Introduction .vii
1 Scope . 1
2 Normative references . 2
3 Terms, definitions and abbreviated terms . 2
3.1 Terms and definitions . 2
3.2 Abbreviated terms . 5
4 Applicability . 5
4.1 Purpose . 5
4.2 Intended users of this document . 6
4.3 Applicability to work efforts . 6
4.4 Applicability to information item audiences . 6
5 Conformance . 7
5.1 Definition of conformance . 7
5.2 Conformance situations . 7
5.3 Type of conformance . 8
6 Life-cycle data and information items . 8
6.1 Life-cycle data characteristics . 8
6.2 Records compared to information items (documents) . 8
6.3 Management of life-cycle data (records) . 9
6.4 Management of information items (documents) . 9
6.4.1 General. 9
6.4.2 Developing the information management plan .10
6.4.3 Managing and controlling information items .10
7 Generic types of information items .10
7.1 Use of generic types .10
7.2 Description — Generic content .11
7.3 Plan — Generic content .11
7.4 Policy — Generic content .13
7.5 Procedure — Generic content .13
7.6 Report — Generic content .14
7.7 Request — Generic content .15
7.8 Specification — Generic content .16
8 Mapping of information items to the life cycle processes .17
8.1 The process model .17
8.2 Mapping Considerations .18
8.3 Mapping of information items to the system life cycle .18
8.4 Mapping of information items to the software life cycle .23
9 Records .30
9.1 General .30
9.2 Record — Generic content .31
9.3 Specific record contents .31
10 Specific information item (document) contents .35
10.1 General .35
10.2 Acceptance plan .36
10.3 Acceptance report .36
10.4 Acquisition plan .36
10.5 Capacity plan .37
10.6 Change request .37
10.7 Complaint procedure .38
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved iii

10.8 Concept of operations .38
10.9 Configuration management plan .39
10.10 Configuration management procedure .39
10.11 Configuration status report .40
10.12 Contract .40
10.13 Customer satisfaction survey .41
10.14 Database design description .41
10.15 Design description .42
10.16 Development plan .43
10.17 Evaluation report .43
10.18 Implementation procedure .44
10.19 Improvement plan.44
10.20 Incident management procedure.45
10.21 Incident report .45
10.22 Information management plan .46
10.23 Information management procedure .46
10.24 Information security plan .47
10.25 Installation report .47
10.26 Integration and test report .48
10.27 Integration plan .48
10.28 Interface description .48
10.29 Life-cycle policy .49
10.30 Life-cycle procedure .49
10.31 Maintenance plan .49
10.32 Maintenance procedure .50
10.33 Measurement procedure .50
10.34 Monitoring and control report .50
10.35 Operational concept .50
10.36 Problem management procedure .51
10.37 Problem report .51
10.38 Process description .52
10.39 Process improvement report .52
10.40 Product need assessment .53
10.41 Progress report .53
10.42 Project management plan .53
10.43 Proposal .55
10.44 Quality management plan .55
10.45 Quality management policy .55
10.46 Quality management procedure .56
10.47 Release plan .56
10.48 Request for proposal (RFP) .57
10.49 Resource request .57
10.50 Review minutes .57
10.51 Risk action request .58
10.52 Risk management plan .58
10.53 Service catalog .58
10.54 Service continuity and availability plan .58
10.55 Service level agreement (SLA) .59
10.56 Service report .59
10.57 Supplier management procedure .60
10.58 System architecture description .60
10.59 System element description .61
10.60 System requirements specification .61
10.61 Test procedure .62
10.62 Test report .63
10.63 Training documentation .63
10.64 Training plan .63
10.65 Transition plan .63
© ISO/IEC 2019 – All rights reserved
iv © IEEE 2019 – All rights reserved

10.66 Transition procedure .64
10.67 User documentation .64
10.68 User notification .65
10.69 Validation plan .65
10.70 Validation procedure .65
10.71 Validation report .66
10.72 Verification plan .66
10.73 Verification procedure .67
10.74 Verification report .67
Annex A (informative) Procedure for identifying information items and their contents .68
Annex B (informative) Information items and records by source .69
Bibliography .72
IEEE notices and abstract .74
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved v

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
rules given in the ISO/IEC Directives, Part 2 (see www .iso .org/directives).
IEEE Standards documents are developed within the IEEE Societies and the Standards Coordinating
Committees of the IEEE Standards Association (IEEE-SA) Standards Board. The IEEE develops its
standards through a consensus development process, approved by the American National Standards
Institute, which brings together volunteers representing varied viewpoints and interests to achieve the
final product. Volunteers are not necessarily members of the Institute and serve without compensation.
While the IEEE administers the process and establishes rules to promote fairness in the consensus
development process, the IEEE does not independently evaluate, test, or verify the accuracy of any of
the information contained in its standards.
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso
.org/iso/foreword .html.
This document was prepared by the Joint Technical Committee ISO/IEC JTC 1, Information Technology,
Subcommittee SC 7, Software and systems engineering, in cooperation with the Systems and Software
Engineering Standards Committee of the IEEE Computer Society, under the Partner Standards
Development Organization cooperation agreement between ISO and IEEE.
This fourth edition cancels and replaces the third edition (ISO/IEC/IEEE 15289:2017), which has been
technically revised.
The main changes compared to the previous edition are as follows:
— made changes to reflect ISO/IEC/IEEE 12207:2017, which replaces ISO/IEC 12207:2008;
— removed references to ISO/IEC 20000-1:2011 and ISO/IEC 20000-2:2012, which are no longer within
the scope of ISO/IEC JTC 1/SC 7 and have been superseded.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these national standards bodies can be found at www .iso .org/members .html.
© ISO/IEC 2019 – All rights reserved
vi © IEEE 2019 – All rights reserved

Introduction
The purpose of this document is to provide requirements for identifying and planning the specific
information items (information products) to be developed and revised during systems and software life
cycles and service processes. This document specifies the purpose and content of all identified systems
and software life-cycle information items, as well as information items for information technology
service management. The information item contents are defined according to generic document types
and the specific purpose of the document. Information items are combined or subdivided as needed for
project or organizational purposes.
This document is based on the life-cycle processes specified in ISO/IEC/IEEE 12207:2017 and
ISO/IEC/IEEE 15288:2015. ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015 establish a
common framework for system and software life-cycle processes. These standards define an identical
process model for the process purposes and outcomes, though their tasks and activities differ. Their
process reference model does not represent a particular process implementation approach, nor does it
prescribe a system/software life-cycle model, methodology or technique. Their processes are grouped
in four categories: agreement, organizational project-enabling, technical management and technical.
ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015 establish a common Information Management
process as part of a framework for systems and software life-cycle processes, and identify, recommend
or require a number of information items (documentation). ISO/IEC/IEEE 12207:2017 does not always
specify when software information items are to be prepared, nor does it identify information item
1)
contents. This document is intended to be used in this context. IEEE contributed IEEE 12207.1-1997 as
a source for the first edition of this document.
1) Guide for Information Technology — Software Life Cycle Processes — Life Cycle Data.
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved vii

INTERNATIONAL STANDARD ISO/IEC/IEEE 15289:2019(E)
Systems and software engineering — Content of life-cycle
information items (documentation)
1 Scope
This document specifies the purpose and content of all identified systems and software life-cycle and
service management information items (documentation). The information item contents are defined
according to generic document types, as presented in Clause 7, and the specific purpose of the document,
as presented in Clause 10.
This document assumes an organization is performing life-cycle processes, or delivering system or
software engineering services, using either or both of the following:
— ISO/IEC/IEEE 12207:2017 software life cycle processes;
— ISO/IEC/IEEE 15288:2015 system life cycle processes.
ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015 define an Information Management process,
but do not “detail information items in terms of name, format, explicit content, and recording media”
(ISO/IEC/IEEE 12207:2017, 1.4). These standards identify, recommend or require a number of
documentation items. This document provides a mapping of processes from the above standards to a set
of information items. It provides a consistent approach to meeting the information and documentation
requirements of systems and software engineering and engineering service management.
The generic document types defined in this document are used to identify the information necessary
to support the processes required by ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015. The
generic document types (which can be referred to as information item types) are used to identify the
information necessary to support the processes.
For each life-cycle process or service, it would be possible to prepare a policy, plan, procedures and
reports, as well as numerous records, requests, descriptions and specifications. Such an elaboration
of the documentation schema would be more rigorous than specified by ISO/IEC/IEEE 12207:2017 or
ISO/IEC/IEEE 15288:2015. As ISO/IEC/IEEE 15288:2015, 1.4 points out, “The users of this document
are responsible for selecting a life cycle model for the project and mapping the processes, activities,
and tasks in this document into that model. The parties are also responsible for selecting and applying
appropriate methodologies, methods, models and techniques suitable for the project.” Thus, information
items are combined or subdivided consistent with the life cycle model, as needed for project or
organizational purposes, as further defined in Clause 4 and Clause 5.
This document is not a management system standard and does not establish a service management
system, quality management system, or asset management system. The scope of this document does
not include the following:
a) the format or content of recommended input data or input information items, except for the content
of those input items that are also output information items;
b) instructions on combining or subdividing information items and information item contents of a
similar nature;
c) guidance on selecting an appropriate presentation format, delivery media and maintenance
technology for systems or software life-cycle data, records, information items or documentation,
such as electronic publishing systems, content management systems or data repositories;
NOTE ISO/IEC/IEEE 26531 provides requirements for content management and component content
management systems. ISO/IEC 26514 provides guidance on formats for user documentation (information
for users).
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved 1

d) detailed content for information items related to general business, contractual, organizational and
financial management that is not specific to systems and software engineering and engineering
service management, such as business strategies, contract change notices (agreement change
report), human resources and investment policies, personnel selection criteria, financial budgeting
and accounting policies and procedures, cost reports, or payroll data;
e) information items showing only approval of an ISO/IEC/IEEE 12207:2017 or
ISO/IEC/IEEE 15288:2015 subclause, such as ISO/IEC/IEEE 12207:2017, 6.4.10.3 c) 3);
f) any ISO/IEC/IEEE 15288:2015 or ISO/IEC/IEEE 12207:2017 subclause not explicitly or
implicitly identifying the recording of information about a process, activity or task, for example,
ISO/IEC/IEEE 12207:2017, 6.2.4.3 c);
g) work products, models, software, and other artifacts of life-cycle products and services that are
not information items or records used in information items.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC/IEEE 12207:2017, Systems and software engineering — Software life cycle processes
ISO/IEC/IEEE 15288:2015, Systems and software engineering — System life cycle processes
3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
NOTE For additional terms and definitions in the field of systems and software engineering, see
ISO/IEC/IEEE 24765, which is published periodically as a “snapshot” of the SEVOCAB (Systems and software
Engineering Vocabulary) database and is publicly accessible at www .computer .org/sevocab.
ISO, IEC, and IEEE maintain terminological databases for use in standardization at the following
addresses:
— ISO Online browsing platform: available at http: //www .iso .org/
— IEC Electropedia: available at http: //www .electropedia .org/
— IEEE Standards Dictionary Online: available at http: //ieeexplore .ieee .org/xpls/dictionary .jsp
3.1.1
approval
notification by an authorized representative that a deliverable item appears to satisfy requirements
and is complete (3.1.3)
Note 1 to entry: Such approval does not shift responsibility from the supplier to meet requirements under a two-
party situation.
3.1.2
complaint
record (3.1.21) of perceived non-compliance with a service level agreement or customer dissatisfaction
with service
© ISO/IEC 2019 – All rights reserved
2 © IEEE 2019 – All rights reserved

3.1.3
complete
including all critical information (3.1.7) and any necessary, relevant information for
the intended audience
3.1.4
consistent
without internal conflicts
3.1.5
Commercial-Off-The-Shelf
COTS
product available for purchase and use without the need to conduct development activities
3.1.6
criteria
rules on which a judgment or decision can be based, or by which a product, service, result, or process
(3.1.20) can be evaluated
3.1.7
critical information
information describing the safe use of the system, the security of the information created with the
system, or the protection of the sensitive personal information created by or stored with the system
3.1.8
database
collection of data organized according to a conceptual structure describing the characteristics of the
data and the relationships among their corresponding entities, supporting one or more application areas
3.1.9
description
information item (3.1.12) that represents a planned or actual concept, function, design, or object
3.1.10
document
uniquely identified unit of information for human use
EXAMPLE A report (3.1.22), specification (3.1.26), manual or book, in printed or electronic form.
Note 1 to entry: A document can be a single information item or part of a larger information item.
3.1.11
include
has either the information or a reference to the information
3.1.12
information item
information product
separately identifiable body of information that is produced, stored, and delivered for human use
Note 1 to entry: A document (3.1.10) produced to meet information requirements can be an information item,
part of an information item, or a combination of several information items.
Note 2 to entry: An information item can be produced in several versions during a project or system life cycle.
3.1.13
information item content
information included in an information item (3.1.12), associated with a system, product or service, to
satisfy a requirement or need
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved 3

3.1.14
information item type
generic document type
group of information items (3.1.12) consistent (3.1.4) with a pre-arranged set of generic criteria (3.1.6)
EXAMPLE A “plan” is the information item type for all plans (3.1.16) and “report” is the information item
type for all reports (3.1.22).
3.1.15
modifiable
structured and having a style such that changes can be made completely, consistently, and correctly
while retaining the structure
3.1.16
plan
information item (3.1.12), that presents a systematic course of action for achieving a declared purpose,
including when, how, and by whom specific activities are to be performed
3.1.17
policy
clear and measurable statement of preferred direction and behavior to condition the decisions made
within an organization
3.1.18
presentable
retrievable and viewable
3.1.19
procedure
information item (3.1.12) that presents an ordered series of steps to perform a process (3.1.20),
activity, or task
Note 1 to entry: A procedure defines an established and approved way or mode of conducting business in an
organization. It details permissible or recommended methods in order to achieve technical or managerial goals
or outcomes.
Note 2 to entry: According to ISO 9000, procedures can be documented or not.
3.1.20
process
set of interrelated or interacting activities which transforms inputs into outputs
3.1.21
record
set of related data items treated as a unit
3.1.22
report
information item (3.1.12) that describes the results of activities such as investigations, observations,
assessments, or tests
3.1.23
request
information item (3.1.12), that initiates a defined course of action or change to fulfil a need
3.1.24
service request
request (3.1.23) for information or for a routine change or procedure (3.1.19) with previously
evaluated risk
EXAMPLE A request to provide access to a controlled application, a request to move hardware.
© ISO/IEC 2019 – All rights reserved
4 © IEEE 2019 – All rights reserved

3.1.25
software item
identifiable part of a software product
EXAMPLE Identification and descriptions (3.1.9) of the software product, source code, software life-cycle
data, archive and release data, and instructions for building the executable object code.
3.1.26
specification
information item (3.1.12), that identifies, in a complete (3.1.3) precise, and verifiable (3.1.29) manner,
the requirements, design, behavior, or other expected characteristics of a system, service, or process
(3.1.20)
3.1.27
traceable
having components whose origin can be determined
3.1.28
unambiguous
described in terms that allow only a single interpretation, aided, if necessary, by a definition
3.1.29
verifiable
can be checked for correctness by a person or tool
3.2 Abbreviated terms
CFP call for proposals
CM configuration management
CONOPS concept of operations
COOP continuity of operations plan
ITT invitation to tender
OPSCON operational concept
RFP request for proposal
SLA service level agreement
4 Applicability
4.1 Purpose
The purpose of this document is to provide requirements for users of ISO/IEC/IEEE 12207:2017 and
ISO/IEC/IEEE 15288:2015 for identifying and planning the specific information items (information
products) to be developed and revised during systems and software life cycles and service management.
This document is intended for use as follows:
a) to address the technical information needed by those involved in ISO/IEC/IEEE 15288:2015 and
ISO/IEC/IEEE 12207:2017 processes;
b) to specify information in an agreement process or two-party situation as described in
ISO/IEC/IEEE 15288:2015 or ISO/IEC/IEEE 12207:2017. The two-party situation may range from
an informal agreement within an organization to a legally binding contract between organizations;
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved 5

c) to develop information items that provide evidence for process assessment performed with respect
to ISO/IEC 33001, and to guide process improvement activities; and
d) to guide a single party in self-imposed tasks.
4.2 Intended users of this document
This document is applicable for use by the following:
a) project managers responsible for the Information Management process of ISO/IEC/IEEE 12207:2017,
6.3.6 and ISO/IEC/IEEE 15288:2015, 6.3.6 during a system life cycle (including software systems);
b) project managers responsible for identifying information item requirements and document contents
when using ISO/IEC/IEEE 12207:2017, or any other software engineering life-cycle process, to help
determine what should be documented, when the documentation should be developed, and what
the contents of the documents should be;
c) acquirers responsible for determining what information items are needed to help ensure the
quality of the project, or delivered system, product or service;
d) individuals who write or support the design and development of service, systems and software
information items;
e) individuals responsible for identifying information items required to claim conformance with
ISO/IEC/IEEE 12207:2017 or
...