ISO/IEC TR 29110-5-2-1:2016

TECHNICAL ISO/IEC TR
REPORT 29110-5-2-1
First edition
Systems and software engineering —
Lifecycle profiles for Very Small
Entities (VSEs) —
Part 5-2-1:
Organizational management
guidelines
Ingénierie des systèmes et du logiciel — Profils de cycle de vie pour
très petits organismes (TPO) —
Partie 5-2-1: Guide de gestion organisationnelle
PROOF/ÉPREUVE
Reference number
ISO/IEC TR 29110-5-2-1:2016(E)
©
ISO/IEC 2016

---------------------- Page: 1 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
1.1 Fields of application . 1
1.2 Target audience . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Conventions and abbreviated terms . 1
4.1 Naming, diagramming and definition conventions . 1
4.2 Abbreviated terms . 3
5 Overview . 3
6 Organizational Management (OM) process . 5
6.1 OM purpose . 5
6.2 OM objectives . 5
6.3 OM input products . 5
6.4 OM output products . 5
6.5 OM internal products . 6
6.6 OM roles involved . 6
6.7 OM process description . 6
6.7.1 OM diagram . 6
6.7.2 OM activities . 7
6.8 OM incorporation to the Organizational Repository .10
7 Resource Management (RM) process.10
7.1 RM purpose .10
7.2 RM objectives .11
7.3 RM input products .11
7.4 RM output products .11
7.5 RM internal products .11
7.6 RM roles involved .12
7.7 RM diagram .12
7.8 RM activities .12
7.8.1 RM.1 Resource planning and preparation (RM.01) .13
7.8.2 RM.2 Obtain and provide resources (RM.02) .14
7.8.3 RM.3 Periodic evaluations, monitoring and control of resources (RM.03) .15
7.9 RM incorporation to the Organizational Repository .16
8 Process Management (PSM) process .17
8.1 PSM purpose .17
8.2 PSM objectives .17
8.3 PSM input products .17
8.4 PSM output products .17
8.5 PSM internal products .18
8.6 PSM roles involved .18
8.7 PSM diagram .18
8.8 PSM activities .19
8.8.1 PSM.1 Process management planning and monitoring (PSM.01, PSM.05) .19
8.8.2 PSM.2 Process definition, deployment and improvement (PSM.01,
PSM.02, PSM.04, PSM.05) .21
8.8.3 PSM.3 Process evaluation (PSM.01, PSM.03, PSM.05) .22
8.8.4 PSM.4 Results gathering, analysis and reporting (PSM.03, PSM.04, PSM.05) .23
8.9 PSM incorporation to the Organizational Repository .24
9 Project Portfolio Management (PPM) process .24
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE iii

---------------------- Page: 3 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

9.1 PPM purpose .24
9.2 PPM objectives .25
9.3 PPM input products .25
9.4 PPM output products .25
9.5 PPM internal products .25
9.6 PPM roles involved .26
9.7 PPM diagram .26
9.8 PPM activities .27
9.8.1 PPM.1 Preparation and scheduling (PPM.01) .27
9.8.2 PPM.2 Generate and activate projects (PPM.01, PPM.02) .28
9.8.3 PPM.3 Evaluation and control of projects and customer accounts (PPM.01,
PPM.03) .28
9.8.4 PPM.4 Project organization’s closure (PPM.01, PPM.03) .29
9.9 PPM incorporation to the Organizational Repository .30
10 Roles .30
11 Product description.31
12 Software tools requirements .40
12.1 Resource Management process .40
12.2 Process Management process .41
12.3 Project Portfolio Management process .41
12.4 Organizational Management process .41
Annex A (informative) Interactions between the Basic Profile and the Organizational Profile .42
Annex B (informative) Mapping between the objectives of this part of ISO/IEC 29110 and
base standards .49
Bibliography .55
iv PROOF/ÉPREUVE © ISO/IEC 2016 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment,
as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the
Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.
The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee
SC 7, Software and systems engineering.
The full list of parts of ISO/IEC 29110 is available here.
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE v

---------------------- Page: 5 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

Introduction
Very Small Entities (VSEs) around the world are creating valuable products and services. For the
purpose of ISO/IEC 29110, a Very Small Entity (VSE) is an enterprise, an organization, a department
or a project having up to 25 people. Since many VSEs develop and/or maintain system and software
components used in systems, either as independent products or incorporated in larger systems, a
recognition of VSEs as suppliers of high quality products is required.
According to the Organization for Economic Co-operation and Development (OECD) SME and
Entrepreneurship Outlook report (2005), “Small and Medium Enterprises (SMEs) constitute the
dominant form of business organization in all countries worldwide, accounting for over 95 % and
up to 99 % of the business population depending on country”. The challenge facing governments
and economies is to provide a business environment that supports the competitiveness of this large
heterogeneous business population and that promotes a vibrant entrepreneurial culture.
From studies and surveys conducted, it is clear that the majority of International Standards do not
address the needs of VSEs. Implementation of and conformance with these International Standards
is difficult, if not impossible. Consequently, VSEs have no, or very limited, ways to be recognized as
entities that produce quality systems/system elements including software in their domain. Therefore,
VSEs are excluded from some economic activities.
It has been found that VSEs find it difficult to relate International Standards to their business needs and
to justify the effort required to apply International Standards to their business practices. Most VSEs can
neither afford the resources, in terms of number of employees, expertise, budget and time, nor do they
see a net benefit in establishing over-complex systems or software lifecycle processes. To address some
of these difficulties, a set of guides has been developed based on a set of VSE characteristics. The guides
are based on subsets of appropriate standards processes, activities, tasks and outcomes, referred to as
“profiles”. The purpose of a profile is to define a subset of International Standards relevant to the VSEs’
context; for example, processes, activities, tasks and outcomes of ISO/IEC/IEEE 12207 for software; and
processes, activities, tasks and outcomes of ISO/IEC/IEEE 15288 for systems; and information products
(documentation) of ISO/IEC/IEEE 15289 for software and systems.
VSEs can achieve recognition through implementing a profile and by being audited against
ISO/IEC 29110 specifications.
The ISO/IEC 29110 series can be applied at any phase of system or software development within
a life cycle. The ISO/IEC 29110 series is intended to be used by VSEs that do not have experience or
expertise in adapting/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 to the needs of a specific
project. VSEs that have expertise in adapting/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 are
encouraged to use those International Standards instead of ISO/IEC 29110.
ISO/IEC 29110 is intended to be used with any lifecycle such as waterfall, iterative, incremental,
evolutionary or agile.
The ISO/IEC 29110 series, targeted by audience, has been developed to improve system or software
and/or service quality and process performance (see Table 1).
vi PROOF/ÉPREUVE © ISO/IEC 2016 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

Table 1 — ISO/IEC 29110 target audience
ISO/IEC 29110 Title Target audience
Part 1 Overview VSEs and their customers, assessors,
standards producers, tool vendors and
methodology vendors
Part 2 Framework for profile Profile producers, tool vendors and
preparation methodology vendors
Not intended for VSEs
Part 3 Certification and assessment VSEs and their customers, assessors,
guidance accreditation bodies
Part 4 Profile specifications VSEs, customers, standards producers,
tool vendors and methodology vendors
Part 5 Management, engineering and VSEs and their customers
service delivery guides
Part 6 Management and engineering VSEs and their customers
guides not tied to a specific
profile
If a new profile is needed, ISO/IEC 29110-4 and ISO/IEC TR 29110-5 can be developed with minimal
impact to existing documents.
ISO/IEC 29110-1 defines the terms common to the ISO/IEC 29110 series. It introduces processes,
lifecycle and standardization concepts, the taxonomy (catalogue) of ISO/IEC 29110 profiles and the
ISO/IEC 29110 series. It also introduces the characteristics and needs of a VSE and clarifies the rationale
for specific profiles, documents, standards and guides.
ISO/IEC 29110-2-1 introduces the concepts for systems and software engineering profiles for VSEs.
It establishes the logic behind the definition and application of profiles. For standardized profiles, it
specifies the elements common to all profiles (structure, requirements, conformance, assessment). For
domain-specific profiles (profiles that are not standardized and developed outside of the ISO process),
it provides general guidance adapted from the definition of standardized profiles.
ISO/IEC 29110-3 defines certification schemes, assessment guidelines and compliance requirements
for process capability assessment (ISO/IEC 33020), conformity assessments (ISO/IEC 17021-1) and self-
assessments for process improvements. ISO/IEC 29110-3 also contains information that can be useful
to developers of certification and assessment methods and developers of certification and assessment
tools. ISO/IEC 29110-3 is addressed to people who have direct involvement with the assessment
process, e.g. the auditor, certification and accreditation bodies and the sponsor of the audit, who need
guidance on ensuring that the requirements for performing an audit have been met.
ISO/IEC 29110-4-m provides the specification for all profiles in one profile group that are based on
subsets of appropriate standards elements.
ISO/IEC TR 29110-5-m-n provides management, engineering and service delivery guides for the profiles
in a profile group.
The future ISO/IEC TR 29110-6-x provides management and engineering guides not tied to a specific
profile.
This part of ISO/IEC 29110 provides organizational management processes to VSEs which have already
implemented the processes of the system engineering and/or the software engineering Basic profile.
Figure 1 describes the ISO/IEC 29110 International Standards (IS) and Technical Reports (TR) and
positions the parts within the framework of reference. Overview, assessment guide, management and
engineering guide are available from ISO as freely available Technical Reports (TR). The Framework
document, profile specifications and certification schemes are published as International Standards (IS).
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE vii

---------------------- Page: 7 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

Figure 1 — ISO/IEC 29110 series
viii PROOF/ÉPREUVE © ISO/IEC 2016 – All rights reserved

---------------------- Page: 8 ----------------------
TECHNICAL REPORT ISO/IEC TR 29110-5-2-1:2016(E)
Systems and software engineering — Lifecycle profiles for
Very Small Entities (VSEs) —
Part 5-2-1:
Organizational management guidelines
1 Scope
1.1 Fields of application
This part of ISO/IEC 29110 is applicable to Very Small Entities (VSEs). VSEs are enterprises, organizations,
departments or projects having up to 25 people. The lifecycle processes described in the ISO/IEC 29110
series are not intended to preclude or discourage their use by organizations bigger than VSEs.
This part of ISO/IEC 29110 is the Organizational management guidance for profiles described in
ISO/IEC 29110-4-1 through Organizational Management, Project Portfolio Management, Resource
Management and Process Management Processes. It is not intended for a VSE to use the standardized
profile to implement this part of ISO/IEC 29110.
Using this part of ISO/IEC 29110, a VSE can obtain benefits in the following aspects:
— multiple project execution and supervision of its performance, making sure all processes are
executed according to the organizational strategy;
— continuous monitoring of the customer satisfaction;
— deployment and improvement of the organizational standard processes in all projects;
— controlled provision of required resources.
1.2 Target audience
This part of ISO/IEC 29110 is targeted at VSEs which already use at least ISO/IEC TR 29110-5-6-2
and/or ISO/IEC TR 29110-5-1-2 for their software projects.
This part of ISO/IEC 29110 is intended to be used with any processes, techniques and methods that
enhance the VSEs’ customer satisfaction, quality and productivity.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 29110-2-1 apply.
4 Conventions and abbreviated terms
4.1 Naming, diagramming and definition conventions
The following process structure description and notation are used to describe the processes.
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE 1

---------------------- Page: 9 ----------------------
ISO/IEC TR 29110-5-2-1:2016(E)

Name — process identifier, followed by its abbreviation in parentheses “()”.
Purpose — general goals and results expected of the effective implementation of the process. The
implementation of the process should provide tangible benefits to the stakeholders. The purpose is
identified by the abbreviation of the process name.
Objectives — specific goals to ensure the accomplishment of the process purpose. The objectives are
identified by the abbreviation of the process name, followed by a consecutive number, for example
RM.01, PSM.02, etc. Each objective is followed by the square box which includes a list of the chosen
processes for the Basic profile from ISO/IEC/IEEE 15288 or ISO/IEC/IEEE 12207 and its outcomes
related to the objective.
Input Products — products required to perform the process and its corresponding source, which can
be another process or an external entity to the process, such as the Customer. Input products identified
by the abbreviation of the process name and showed as two-column table of product names and sources.
Output Products — products generated by the process and its corresponding destination, which can be
another process or an external entity to the project, such as Customer or Organizational Management.
Output products identified by the abbreviation of the process name and showed as two-column table of
product names and destinations.
Internal Products — products generated and consumed by the process. Internal products identified
by the abbreviation of the process name and showed as one-column table of the product names.
All products’ names are printed in cursive and initiate with capital letters. Some products have one
or more statuses attached to the product name surrounded by square brackets “[ ]” and separated by
“,”. The product status may change during the process execution. See Clause 9 for the alphabetical list
of the products, its descriptions, possible statuses and the source of the product. The source can be
another process or an external entity to the project, such as the Customer.
Roles involved — names and abbreviation of the functions to be performed by project team members.
Several roles may be played by a single person and one role may be assumed by several persons.
Roles are assigned to project participants based on the characteristics of the project. The role list is
identified by the abbreviation of the process name and showed as two-column table. See Clause 11 for
the alphabetical list of the roles, its abbreviations and required competencies description.
Diagram — graphical representation of the processes. The large round-edged rectangles indicate
process or activities and the smaller square-edged rectangles indicate the products. The directional or
bidirectional thick arrows indicate the major flow of information between processes or activities. The
thin directional or bidirectional arrows indicate the input or output products. The notation used in the
diagrams does not imply the use of any specific process lifecycle.
Activity — a set of cohesive tasks. Task is a requirement, recommendation, or pe
...