ISO/IEC 21827

More documents

Recommendations

Info

ISO/IEC 21827:2002(E) Where process area PA13 Manage Configurations focuses on the general practices of configuration management, this generic practice is focussed on the deployment of these practices in relation to the work products of the individual process area under investigation. A.3.4 Common Feature 2.3 - Verifying Performance A.3.4.1 Common Feature Generic Practices A.3.4.1.1 Summary Description The Generic Practices of this Common Feature focus on confirming that the process has been performed as intended. Thus verification that the process was performed in compliance with the applicable standards and procedures, and the auditing of the work products are addressed. These Generic Practices form an important foundation for the ability to track the performance of the process. A.3.4.1.2 Generic Practices List This common feature comprises the following generic practices: • GP 2.3.1 - Verify Process Compliance; • GP 2.3.2 - Audit Work Products. A.3.4.2 GP 2.3.1 - Verify Process Compliance A.3.4.2.1 Description Verify compliance of the process with applicable standards and/or procedures. A.3.4.2.2 Notes None. A.3.4.2.3 Relationships Relationship to other generic practices: The applicable standards and procedures were documented in 2.1.3 and used in 2.2.1. The quality management and/or assurance process is described in PA12 Ensure Quality. A.3.4.3 GP 2.3.2 - Audit Work Products A.3.4.3.1 Description Verify compliance of work products with the applicable standards and/or requirements. A.3.4.3.2 Notes None. A.3.4.3.3 Relationships Relationship to other generic practices: The applicable standards and procedures were documented in 2.1.3 and used in 2.2.1. Product requirements are developed and managed in process area PA10 Specify Security Needs. Verification and validation is further addressed in PA11 Verify and Validate Security. 62 © ISO/IEC 2002 – All rights reserved
ISO/IEC 21827:2002(E) A.3.5 Common Feature 2.4 - Tracking Performance A.3.5.1 Common Feature Generic Practices A.3.5.1.1 Summary Description The Generic Practices of this Common Feature focus on the ability to control the progress of project performance. Thus tracking the performance of the process against a measurable plan, and taking corrective action when the performance of the process deviates significantly from that plan are addressed. These Generic Practices form an essential foundation to having the ability to achieve well-defined processes. A.3.5.1.2 Generic Practices List This common feature comprises the following generic practices: • GP 2.4.1 - Track with Measurement; • GP 2.4.2 - Take Corrective Action. A.3.5.2 GP 2.4.1 - Track with Measurement A.3.5.2.1 Description Track the status of the process area against the plan using measurement. A.3.5.2.2 Notes Building a history of measures is a foundation for managing by data, and is begun here. A.3.5.2.3 Relationships Relationship to other generic practices: The use of measurement implies that the measures have been defined and selected in 2.1.3 and 2.1.6, and data have been collected in 2.2.1. Project tracking is described in process area PA13 Monitor and Control Technical Effort. A.3.5.3 GP 2.4.2 - Take Corrective Action A.3.5.3.1 Description Take corrective action as appropriate when progress varies significantly from that planned. A.3.5.3.2 Notes Progress may vary because estimates were inaccurate, performance was affected by external factors, or the requirements, on which the plan was based, have changed. Corrective action may involve changing the process(es), changing the plan, or both. A.3.5.3.3 Relationships Relationship to other generic practices: The use of measurement implies that the measures have been defined and selected in 2.1.3 and 2.1.6, and data have been collected in 2.2.1. Project control is described in process area PA15 Monitor and Control Technical Effort. A.4 Capability Level 3 - Well Defined © ISO/IEC 2002 – All rights reserved 63
Page 1 and 2:
INTERNATIONAL STANDARD ISO/IEC 2182
Page 3 and 4:
ISO/IEC 21827:2002(E) Contents Fore
Page 5 and 6:
© ISO/IEC 2002 - All rights reserv
Page 7 and 8:
ISO/IEC 21827:2002(E) Specific Indu
Page 9 and 10:
INTERNATIONAL STANDARD ISO/IEC 2182
Page 11 and 12:
ISO/IEC 21827:2002(E) 3.11 Baseline
Page 13 and 14:
ISO/IEC 21827:2002(E) 3.36 Validati
Page 15 and 16:
ISO/IEC 21827:2002(E) 5 Structure o
Page 17 and 18:
ISO/IEC 21827:2002(E) • Communica
Page 19 and 20: ISO/IEC 21827:2002(E) Figure 3 - Se
Page 21 and 22: ISO/IEC 21827:2002(E) Figure 5 - Th
Page 23 and 24: ISO/IEC 21827:2002(E) Subsequent co
Page 25 and 26: ISO/IEC 21827:2002(E) • Level 1,
Page 27 and 28: ISO/IEC 21827:2002(E) Table 3 - 218
Page 29 and 30: ISO/IEC 21827:2002(E) of which cont
Page 31 and 32: ISO/IEC 21827:2002(E) • security
Page 33 and 34: ISO/IEC 21827:2002(E) 7.2.1.2 Goals
Page 35 and 36: ISO/IEC 21827:2002(E) 7.2.5.1 Descr
Page 37 and 38: ISO/IEC 21827:2002(E) information f
Page 39 and 40: ISO/IEC 21827:2002(E) 7.3.7 BP.03.0
Page 41 and 42: ISO/IEC 21827:2002(E) 7.4.4.3 Notes
Page 43 and 44: ISO/IEC 21827:2002(E) of existing s
Page 45 and 46: ISO/IEC 21827:2002(E) 7.5.5.1 Descr
Page 47 and 48: ISO/IEC 21827:2002(E) acceptable le
Page 49 and 50: ISO/IEC 21827:2002(E) 7.7.2 BP.07.0
Page 51 and 52: ISO/IEC 21827:2002(E) 7.8.1.3 Base
Page 53 and 54: ISO/IEC 21827:2002(E) response shou
Page 55 and 56: ISO/IEC 21827:2002(E) 7.9 PA09 - Pr
Page 57 and 58: ISO/IEC 21827:2002(E) rules and pra
Page 59 and 60: ISO/IEC 21827:2002(E) 7.10.1.3 Base
Page 61 and 62: ISO/IEC 21827:2002(E) information f
Page 63 and 64: ISO/IEC 21827:2002(E) In the intere
Page 65 and 66: ISO/IEC 21827:2002(E) Annex A (norm
Page 67 and 68: ISO/IEC 21827:2002(E) A.3.2.1 Commo
Page 69: ISO/IEC 21827:2002(E) A.3.2.7.2 Not
Page 73 and 74: ISO/IEC 21827:2002(E) A.4.2.2.3 Rel
Page 75 and 76: ISO/IEC 21827:2002(E) A.4.4.2.1 Des
Page 77 and 78: ISO/IEC 21827:2002(E) A.5.2.2.2 Not
Page 79 and 80: ISO/IEC 21827:2002(E) A.6.2.2.2 Not
Page 81 and 82: ISO/IEC 21827:2002(E) Annex B (norm
Page 83 and 84: ISO/IEC 21827:2002(E) B.3.2.1 Descr
Page 85 and 86: ISO/IEC 21827:2002(E) parameters;
Page 87 and 88: ISO/IEC 21827:2002(E) B.4.1.5 Proce
Page 91 and 92: ISO/IEC 21827:2002(E) B.5.2.3 Notes
Page 93 and 94: ISO/IEC 21827:2002(E) B.5.7 BP.14.0
Page 95 and 96: ISO/IEC 21827:2002(E) B.6.4.2 Examp
Page 97 and 98: ISO/IEC 21827:2002(E) BP.16.08 BP.1
Page 101 and 102: ISO/IEC 21827:2002(E) B.7.10.2 Exam
Page 103 and 104: ISO/IEC 21827:2002(E) • process a
Page 105 and 106: ISO/IEC 21827:2002(E) B.9.1.2 Summa
Page 107 and 108: ISO/IEC 21827:2002(E) B.9.5.2 Examp
Page 109 and 110: ISO/IEC 21827:2002(E) B.10.4.2 Exam
Page 111 and 112: ISO/IEC 21827:2002(E) B.11.2.1 Desc
Page 113 and 114: ISO/IEC 21827:2002(E) performance.
Page 115 and 116: ISO/IEC 21827:2002(E) B.12.3 BP.21.
Page 117 and 118: ISO/IEC 21827:2002(E) B.12.7 BP.21.
Page 119 and 120: ISO/IEC 21827:2002(E) B.13.2.1 Desc
Page 121 and 122:
ISO/IEC 21827:2002(E) • communica
Page 123 and 124:
ISO/IEC 21827:2002(E) produce the d
Page 125 and 126:
ISO/IEC 21827:2002(E) C.5.2 Organiz
Page 127 and 128:
ISO/IEC 21827:2002(E) C.5.12 Instit
Page 129 and 130:
ISO/IEC 21827:2002(E) Security Engi
Page 131 and 132:
ISO/IEC 21827:2002(E) GOODENOUGH93B
show all

ISO/IEC 21827

Create successful ePaper yourself

Delete template?

Save as template?