Information technology — Process assessment — An exemplar documented assessment process (Adopted ISO/IEC TS 33030:2017, first edition, 2017-04)
Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).
For brevity, this Standard will be referred to as CSA ISO/IEC TS 33030 throughout.
At the time of publication, ISO/IEC TS 33030:2017 is available from ISO and IEC in English only. CSA Group will publish the French version when it becomes available from ISO and IEC.
This Standard has been formally approved, without modification, by the Technical Committee and has been developed in compliance with Standards Council of Canada requirements for National Standards of Canada. It has been published as a National Standard of Canada by CSA Group.
This document contains an exemplar documented assessment process, and serves as guidance on the nature of activities required by this document. The content of this exemplar contains the minimum elements of a documented assessment process applicable for performing all classes of assessments as defined in ISO/IEC 33002. See also Annex B.
This document is suitable for all classes of assessments defined in ISO/IEC 33002.
This exemplar includes the activities by describing the tasks, inputs, outputs and the assessment-related roles and responsibilities. This description implicitly contains other elements that could comprise the process, like purpose, initial/end conditions, additional supporting roles/responsibilities or necessary resources.
While this exemplar contains all of the activities that are considered to be required for a process assessment, it is the case that variation exists in individual process assessments, and therefore, some degree of tailoring of this assessment process could be required. Tailoring of the assessment process is permitted, though it is the responsibility of the Lead Assessor and it would need to be conformant to the requirements of ISO/IEC 33002.
This document is not intended for use in performing organizational maturity assessments.