ISO/IEC TR 29110-3-4:2015

TECHNICAL ISO/IEC TR
REPORT 29110-3-4
First edition
2015-10-15
Systems and software engineering —
Lifecycle profiles for Very Small
Entities (VSEs) —
Part 3-4:
Autonomy-based improvement method
Ingénierie des systèmes et du logiciel — Profils de cycle de vie pour
très petits organismes (TPO) —
Partie 3-4: Guide pour la méthode d’amélioration fondée sur
l’autonomie
Reference number
ISO/IEC TR 29110-3-4:2015(E)
©
ISO/IEC 2015

---------------------- Page: 1 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2015 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
1.1 Fields of application . 1
1.2 Target audience . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Conventions and abbreviated terms . 2
4.1 Naming, diagramming, and definition conventions . 2
4.2 Abbreviated terms . 2
5 Process improvement context for VSEs. 2
5.1 Considerations of related standards for VSEs . 2
5.2 Rationale of the process improvement for VSEs . 2
6 Process improvement approach for VSEs . 3
7 Characteristics for autonomy-based approach . 4
7.1 General . 4
7.2 Autonomy . 4
7.3 Conciseness and easiness to understand . 4
7.4 Low cost, quick cycle and controllable . 4
7.5 Confidence of effectiveness and necessity . 4
7.6 Communication with stakeholders and communities . 4
8 Framework of process improvement . 5
8.1 Initiation of improvement . 5
8.2 Activities of improvement . 5
8.2.1 Activity 1: Awareness of process problems . 5
8.2.2 Activity 2: Analysis of problems and their relationships . 5
8.2.3 Activity 3: Analysis of the root cause of problems . 5
8.2.4 Activity 4: Identification of a process or processes relating to the root cause . 5
8.2.5 Activity 5: Clarification of the fundamental purpose, outcomes, and
practices of the process . . 5
8.2.6 Activity 6: Study on best practices on the process . 6
8.2.7 Activity 7: Develop improvements to eliminate or mitigate problems . 6
8.2.8 Activity 8: Evaluate the improvement plan for feasibility and impact . 6
8.3 Continuous improvement cycle . 6
8.4 Improved communication and agreement. 6
8.5 Competency for improvement . 7
8.6 Enhancement tools for improvement. 7
8.7 Preparation or selection of a VSE profile . 7
9 Improvement means growth and innovation . 7
3
Annex A (informative) Example: SPINA CH method for the basic profile . 8
3
Annex B (informative) Adapting various profiles with the SPINA CH method .20
Bibliography .22
© ISO/IEC 2015 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical
Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee
SC 7, Software and systems engineering.
The full list of parts of ISO/IEC 29110 is available here.
iv © ISO/IEC 2015 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

Introduction
Very Small Entities (VSEs) around the world are creating valuable products and services. For the
purpose of this part of ISO/IEC 29110, a Very Small Entity (VSE) is an enterprise, an organization, a
department or a project having up to 25 people. Since many VSEs develop and/or maintain system
and software components used in systems, either as independent products or incorporated in larger
systems, recognition of VSEs as suppliers of high quality products is required.
According to the Organization for Economic Co-operation and Development (OECD) SME and
Entrepreneurship Outlook report (2005), “Small and Medium Enterprises (SMEs) constitute the
dominant form of business organization in all countries world-wide, accounting for over 95 % and
up to 99 % of the business population depending on country”. The challenge facing governments
and economies is to provide a business environment that supports the competitiveness of this large
heterogeneous business population and that promotes a vibrant entrepreneurial culture.
From studies and surveys conducted, it is clear that the majority of International Standards do not
address the needs of VSEs. Implementation of and conformance with these standards is difficult, if not
impossible. Consequently VSEs, have no, or very limited, ways to be recognized as entities that produce
quality systems/system elements including software in their domain. Therefore, VSEs are excluded
from some economic activities.
It has been found that VSEs find it difficult to relate International Standards to their business needs
and to justify the effort required to apply standards to their business practices. Most VSEs can neither
afford the resources, in terms of number of employees, expertise, budget and time, nor do they see a
net benefit in establishing over-complex systems or software lifecycle processes. To address some of
these difficulties, a set of guides has been developed based on a set of VSE characteristics. The guides
are based on subsets of appropriate standards processes, activities, tasks, and outcomes, referred to as
Profiles. The purpose of a profile is to define a subset of International Standards relevant to the VSEs’
context; for example, processes, activities, tasks, and outcomes of ISO/IEC/IEEE 12207 for software;
and processes, activities, tasks, and outcomes of ISO/IEC/IEEE 15288 for systems; and information
products (documentation) of ISO/IEC/IEEE 15289 for software and systems.
VSEs can achieve recognition through implementing a profile and by being audited against
ISO/IEC 29110 specifications.
The ISO/IEC 29110 series of International Standard and Technical Reports can be applied at any phase
of system or software development within a lifecycle. ISO/IEC 29110 (all parts) is intended to be used
by VSEs that do not have experience or expertise in adapting/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/
IEEE 15288 standards to the needs of a specific project. VSEs that have expertise in adapting/tailoring
ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 are encouraged to use those standards instead of
ISO/IEC 29110.
ISO/IEC 29110 is intended to be used with any lifecycle such as: waterfall, iterative, incremental,
evolutionary or agile.
The ISO/IEC 29110 series, targeted by audience, has been developed to improve system or software
and/or service quality, and process performance (see Table 1).
© ISO/IEC 2015 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

Table 1 — ISO/IEC 29110 target audience
ISO/IEC 29110 Title Target audience
Part 1 Overview VSEs and their customers, assessors,
standards producers, tool vendors and
methodology vendors.
Part 2 Framework Profile producers, tool vendors and
methodology vendors.
Not intended for VSEs.
Part 3 Assessment guidance VSEs and their customers, assessors,
accreditation bodies.
Part 4 Profile specifications VSEs, customers, standards producers, tool
vendors and methodology vendors.
Part 5 Management and engineering VSEs and their customers.
guide
If a new profile is needed, ISO/IEC 29110-4 and ISO/IEC TR 29110-5 can be developed with minimal
impact to existing documents.
ISO/IEC TR 29110-1 defines the terms common to the ISO/IEC 29110 series. It introduces processes,
lifecycle and standardization concepts, the taxonomy (catalogue) of ISO/IEC 29110 profiles and
the ISO/IEC 29110 series. It also introduces the characteristics and needs of a VSE, and clarifies the
rationale for specific profiles and International Standards.
ISO/IEC 29110-2 introduces the concepts for systems and software engineering profiles for VSEs. It
establishes the logic behind the definition and application of profiles. For standardized profiles, it
specifies the elements common to all profiles (structure, requirements, conformance, and assessment).
For domain-specific profiles (profiles that are not standardized and developed outside of the ISO
process), it provides general guidance adapted from the definition of standardized profiles.
ISO/IEC 29110-3 defines certification schemes, assessment guidelines and compliance requirements
for process capability assessment (ISO/IEC 33xxx), conformity assessments (ISO/IEC 17xxx), and self-
assessments for process improvements. ISO/IEC 29110-3 also contains information that can be useful
to developers of certification and assessment methods and developers of certification and assessment
tools. ISO/IEC 29110-3 is addressed to people who have direct involvement with the assessment
process, e.g. the auditor, certification and accreditation bodies and the sponsor of the audit, who need
guidance on ensuring that the requirements for performing an audit have been met.
ISO/IEC 29110-4-m provides the specification for all profiles in one profile group that are based on
subsets of appropriate standards elements.
ISO/IEC TR 29110-5-m-n provides a management and engineering guide for each profile in one
profile group.
ISO/IEC TR 29110-6-x provides management and engineering guides not tied to a specific profile.
This part provides a guide for an autonomy-based improvement method for VSEs developing systems
and/or software.
Figure 1 describes the International Standards (IS) and Technical Reports (TR) of ISO/IEC 29110 and
positions the parts within the framework of reference. Overview, assessment guide, management and
engineering guide are available from ISO as freely available Technical Reports (TR). The Framework
document, profile specifications and certification schemes are published as International Standards (IS).
vi © ISO/IEC 2015 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

Figure 1 — ISO/IEC 29110 series
© ISO/IEC 2015 – All rights reserved vii

---------------------- Page: 7 ----------------------
TECHNICAL REPORT ISO/IEC TR 29110-3-4:2015(E)
Systems and software engineering — Lifecycle profiles for
Very Small Entities (VSEs) —
Part 3-4:
Autonomy-based improvement method
1 Scope
1.1 Fields of application
ISO/IEC 29110 series is applicable to Very Small Entities (VSEs). A VSE is an enterprise, an organization,
a department or a project having up to 25 people. The lifecycle processes described in ISO/IEC 29110
are not intended to preclude or discourage their use by organizations bigger than VSEs.
The lifecycle processes defined in ISO/IEC 29110 can be used by VSEs when acquiring, using, creating,
and supplying, a system or a software. They can be applied at any level in a system/software’s structure
and at any stage in the lifecycle. The processes described in ISO/IEC 29110 are not intended to preclude
or discourage the use of additional processes that VSEs find useful.
The autonomy-based improvement method, described in this part of ISO/IEC 29110, provides a tool to
improve the “way of work” (i.e. a process) regarding systems and software development practically.
This process includes defining a technological theme (objectives), the outcome regarding the theme,
and implementing activities to steadily gain the outcome.
This method can be used in various situations such as
— improvement tool for development teams,
— self-training or self-check tool for engineers, and
— improvement tool for the VSE.
This method expects practitioner’s self-help efforts and initiatives (both physically and mentally) to
make the most of the predecessors’ knowledge, experience or assets, which are required. Therefore,
this method encourages the utilization of the knowhow/knowledge through its available tools. Through
this method, the practitioner is encouraged to generate ideas for improvement but also to apply them to
their work using an ISO/IEC 29110 profile.
This part of ISO/IEC 29110 provides a guide for an autonomy-based improvement method for VSEs
developing systems or software products.
1.2 Target audience
This part of ISO/IEC 29110 is targeted at VSEs that want to improve their activities by using an
autonomy-based improvement method. And also this encourages tool/methodology vendors to provide
practical tools for VSE.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
© ISO/IEC 2015 – All rights reserved 1

---------------------- Page: 8 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

ISO/IEC 29110-2, Software engineering — Lifecycle profiles for Very Small Entities (VSEs) — Part 2:
Framework and taxonomy
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 29110-2 and the
following apply.
3.1
process improvement
actions taken to improve the quality of the organization‘s processes aligned with the business needs
[SOURCE: ISO/IEC 33001:2014]
3.2
autonomy-based improvement
self-motivated and self-determined professional process improvement with an understanding of the
work (process) objectives, latest technology, and outcomes from product use
4 Conventions and abbreviated terms
4.1 Naming, diagramming, and definition conventions
None.
4.2 Abbreviated terms
SPI system/software process improvement
VSE very small entity
5 Process improvement context for VSEs
5.1 Considerations of related standards for VSEs
The VSE Profile is defined as a subset of processes and outcomes from ISO/IEC/IEEE 12207 or ISO/IEC/
IEEE 15288 and information items (documentation) from ISO/IEC/IEEE 15289. The processes, defined
in ISO/IEC 29110-4-m, are the minimum set for the VSE core business, systems/software development.
Their financial success depends on successful project completion within schedule and budget.
5.2 Rationale of the process improvement for VSEs
To implement a profile using a contract, statement of work, or agreement, the work must be defined
based on the customer requirements, supplemented by the VSE business practices/conventions, and
accepted by the customer.
A VSE system/software development project follows the VSE Management and Engineering Guide
to fulfil the statement of work or agreement and generate the products. The VSE can perform other
activities in support of a specific project.
In order to implement a profile, a VSE can follow ISO/IEC TR 29110-5-m-n, which is a collection of
selected and structured process elements such as: objectives, activities, tasks, roles and work products.
For concept definition, see ISO/IEC 29110-4-m.
To assess process capability of a VSE, ISO/IEC TR 29110-3-1 Capability Assessment guide with
Measurement Framework (MF) and Process Assessment Model (PAM), and ISO/IEC 29110-4-m Profile
2 © ISO/IEC 2015 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

specifications: Generic profile group with Process Reference Model (PRM), provide the assessment
scheme for the specific profile.
For self-improvement, this document should be used to look for opportunities and problems, through
awareness analysis, to improve the project in an autonomous manner.
The assessment and autonomy-based improvement are complementary and support each other.
Figure 2 illustrates the relationship between assessment and improvement in a project.
Business Practices / Customer
Conventions Requirements
ISO/IEC 29110-4-m
supplemented by based on
VSE Profile
Specification
Contract/Agreement
Process Reference ISO/IEC 29110-3-2
with Statement of Work
Model (PRM) Conformity
certification scheme
implements
depends on
ISO/IEC 29110-3-3
ISO/IEC TR 29110-
follows
certification req. for
A VSE system/software
5-m-nManagement
certificates
conformity assess.
development project
and Engineering
Guide
generates supports
Measurement
Framework (MF) and
Process Assessment
Products VSE activities
Model (PAM)
improves
enhances
specifies
ISO/IEC TR 29110-3-4
ISO/IEC TR 29110-3-1
Autonomy-based
Capability Assessment
assesses
Improvement Method
be aware of
guide
Figure 2 — Assessment and improvement for a project
NOTE The interpretation of the diagram notation is as follows: the rectangle represents the VSE elements;
the ellipse represents the standard, the round rectangle represents a subset of elements of the base standard;
dashed ellipses represent standards in work to be published; solid arrows are labelled relationship; and a circle
with a dashed arrow is the sequence of the step.
6 Process improvement approach for VSEs
When a VSE’s management or engineers want to improve their processes, they may need an
improvement approach that is easy for the VSE to apply. General guidance for process improvement is
given in ISO/IEC/TR 33014, which is focused on the organizational approach for improvement.
Excessive emphasis on organizational efforts sometimes reduces the practitioners’ awareness and
motivation for real improvement. This guide provides an autonomy-based process improvement
approach that places more emphasis on awareness and motivation factors for people working in VSEs
to improve their processes.
In addition, a self-check improvement cycle is an effective way for VSEs to recognize their improvement
when using this approach.
© ISO/IEC 2015 – All rights reserved 3

---------------------- Page: 10 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

7 Characteristics for autonomy-based approach
7.1 General
Process improvement should be based on the needs and priorities of the VSE. The competence and the
will of the people impact the process improvement efforts of a VSE.
7.2 Autonomy
On-site day-to-day activities performed by a work team are subject of process improvement, with
autonomy. Process improvement awareness and motivation are essential for success and should be
based on the will of the people.
It is important to share the value of a good job with good performance for autonomy.
7.3 Conciseness and easiness to understand
A VSE may not have enough resources to perform sophisticated process improvement activities. The
methods (total framework, organization, activities, and documents) and guidelines for VSE process
improvement should be clear and concise.
The VSE staff may not have enough experience and knowledge of software engineering processes, process
models, methods and guidelines for process improvement, therefore they should be easy to understand.
7.4 Low cost, quick cycle and controllable
Performing process improvement activities within a VSE should be low cost and cost effective. VSEs
normally have small margins of technical resources and finances. Cost effectiveness can be demonstrated
by successful, quick, agile improvement cycles and flexible control of the improvement activities.
7.5 Confidence of effectiveness and necessity
Confidence in technical effectiveness and the necessity for improvement are key factors of autonomy-
based improvement. The methods and guidelines for process improvement for a VSE should offer
effective improvement activities.
Improvement should be based on the facts and reality of actual VSE projects. A rigid requirement on
processes, different than the VSE’s actual processes, may cause less motivation and productivity. The
lack of a standardized process may lead to difficulties, such as non-performing software, interrupted
software service, lack of sound labour environment, lack of maintainability, user complaints, etc.
— Collaborative efforts by the work team will positively contribute to effective confidence and overall
process improvement.
— Results of improvement activities should provide a positive effect on daily work, and should re-
enforce worker confidence.
— The awareness of continuous process improvement is an important and inevitable part of
system/software lifecycle processes that should be established throughout the improvement cycle.
7.6 Communication with stakeholders and communities
Process improvement should not be just for the VSE’s self-satisfaction. It should be understood and
accepted by all stakeholders that process improvement is important to develop better products, strong
relationships, and provide benefits to everyone. Collaboration is desirable between stakeholders when
performing process improvement.
4 © ISO/IEC 2015 – All rights reserved

---------------------- Page: 11 ----------------------
ISO/IEC TR 29110-3-4:2015(E)

Process improvement should reflect the experiences and technologies currently used in the system
or software project. A team leader, an improvement facilitator, and/or technical experts may support
technology transfers from outside of the VSE.
8 Framework of process improvement
8.1 Initiation of improvement
Process improvement should be initiated based on the awareness of process problems. Problems
may be identified by work team members, project managers, customers, or quality aware personnel.
Without a complete understanding of the problem, introducing a new system/software lifecycle
processes may influence various process problems. Also system/software product problems may be
related to process problems.
It is desirable to provide process improvement initiatives to the work team members. All process
improvement team activities should have management support.
Autonomy-based process improvement activities performed by a self-improvement team should include
the items shown in 8.2.
8.2 Activities of improvement
8.2.1 Activity 1: Awareness of process problems
Team identified problematic issue found in the system/software lifecycle workflow. This may be
presented as a diagram. See Figure A.2 for an example.
8.2.2 Activity 2: Analysis of problems and their relationships
The team analyses of all issues and determination of the relationships between them. If necessary, new
implicit issues are identified. As a result these relationships, the team can understand the overall situation.
8.2.3 Activity 3: Analysis of the root cause of problems
The purpose of this improvement app
...