I have just returned from an international standards conference in Hyderabad, India that was hosted by NASSCOM. The conference was extremely well organized and we had the pleasure of many new and enthusiastic Indian delegates. NASCOM has more than 1200 members, that include both Indian and multinational companies that have a presence in India. It’s members are in a range of IT enabled businesses. NASSCOM’s membership base constitutes over 95% of the industry revenues in India and employs over 2.24 million professionals – a staggering figure.
The ISO conference was the 2009 plenary session for ISO JTC1 SC7, the committee responsible for developing ISO standards in the area of Software and Systems Engineering and IT Service management. IT service management was added to the portfolio when BS 15000 was fast tracked to become ISO/IEC 20000-1 in 2005. Working Group 25 (WG25) is responsible for the development of IT Service management standards and guidance - see Jenny Dugmore’s blog for more on this.
SC7 Working Group 10 (WG10) is responsible for the development of standards and guidelines covering methods, practices and application of process assessment in procurement, development, delivery, operation, evolution and support. It is responsible for the ISO/IEC 15504: Information technology – Process Assessment standards that are frequently referred to as SPICE. As the UK principle expert on WG10, I am helping to introduce IT Service management into this set of standards.
Two key initial developments are:
- Process Reference Model (PRM) for IT Service Management that will support harmonisation with other SC7 standards
- Process Assessment Model (PAM) for IT Service Management that builds on the success of the ISO/IEC 15504 process assessment standards (ISO/IEC 15504-8)
In Juan Jimenez’s blog last week, Juan encourages organizations to develop their own maturity assessment methodology. In my experience, organizations want such a methodology to be based on an effective framework that will ensure effective conformity assessment and certification of assessment results. Last week we made significant advances in this direction. Initially we had struggled to develop the Process Reference Model because of the differences in approach between a management system standard such as ISO/IEC 20000 and the SC7 Systems and software engineering standards, that include ISO/IEC 12207 Software life cycle processes and ISO/IEC 15288 - System life cycle processes. We made great progress last week and identified an approach that works. Once the process reference model is stable, we can continue development of the process assessment model that builds on the success of the 15504 series. This will mean an organisation can use either the management system or the multi-level assessment, or even better they can use one to support the other, without any need to force a fit between the two different approaches.
During the struggle to identify an approach for the PRM we identified key issues and improvements that have been fed into the continual improvement of SC7 standards work. These initiatives include enhancements to the process description guide (24774), adding IT Service Management into the work of the Lifecycle Process Harmonization Group and improvements to the 15504 series of standards.
Last week SC7 made the decision to replace 15504 with the 31001 series of standards. This follows on from a year long Study with wide industry consultation. The Study report sets out the strategy and requirements for the revision of ISO/IEC 15504. It identifies issues that require attention during the revision, and provides guidance on aspects of the revision, and on how the requirements can be met. It will build on the existing Measurement Framework for evaluating process capability that has been shown, through intensive empirical study, to be consistent and repeatable.
The new framework envisages potentially several different conformant products that could be submitted for endorsement as Publicly Available Specifications (PAS) – Documented Assessment Processes, Measurement Frameworks, Process Reference Models Process Assessment Models and Organizational Maturity Models. Work on the new 31001 series has commenced with the raising of new work item proposals for balloting. The overall standards development will take several years to complete.
However, you do not have to wait until then – you can use the 15504 framework today with ISO/IEC 20000. Then you will be able to use the Process Reference Model and Process Assessment Model for IT Service Management.
Any feedback and comments are always welcome!
3rd June 2009
Is there a process design ISO standard?
Director, IT and
IT Service Management Programs
University of Dallas