ISO/IEC 29110-3-2:2018
Current
The latest, up-to-date edition.
Systems and software engineering — Lifecycle profiles for Very Small Entities (VSEs) — Part 3-2: Conformity certification scheme
Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users
English
26-04-2018
This document:
- defines the rules applicable for certification of the implementation of systems engineering, software engineering and service delivery processes complying with the requirements given in ISO/IEC 29110‑4-m, Profile specifications; and
- provides the necessary information and confidence to customers about the way certification of their suppliers has been granted.
Certification of the implementation of systems and software engineering processes (named "certification" in this document) is a third-party conformity assessment activity (see ISO/IEC 17000:2004, 5.5). Bodies performing this activity are therefore third-party conformity assessment bodies (named "certification body/bodies" in this document).
NOTE This document is primarily intended to be used as a criteria document for the accreditation or peer assessment of certification bodies which seek to be recognized as being competent to certify that a Very Small Entity (VSE) complies with ISO/IEC 29110‑4-m, Profile Specifications. Some of its requirements could also be found useful by any other parties involved in the conformity assessment of such certification bodies.
Systems and software engineering processes certification does not attest the fitness of the systems and or software products offered by a VSE.
It is important to note that certification of the implementation of systems and software engineering processes according to ISO/IEC 29110‑4-m, Profile Specifications, is a process certification and not a management systems certification neither a product certification.
Certification of the implementation of systems and software engineering processes (SEP) of a very small entity (VSE) is one means of providing assurance that the VSE has implemented systems and software engineering processes to the development or maintenance of systems and or software.
Requirements for the implementation of SEP can originate from a number of sources, and this International Standard has been developed to assist in the certification of SEP that fulfil the requirements of ISO/IEC 29110‑4-m, Profile Specifications. The contents of this document can also be used to support certification of SEP that are based on other sets of specified SEP requirements.
This document is intended for use by bodies that carry out audit and certification of SEP for VSEs. It gives generic requirements for such certification bodies performing audit and certification in the field of SEP for VSEs. Such bodies are referred to as certification bodies. This wording is not intended to be an obstacle to the use of this document by bodies with other designations that undertake activities covered by the scope of this document. Indeed, this document is intended to be usable by anyone involved in the assessment of SEP for VSEs.
Certification activities involve the audit of a VSE's SEP. The form of attestation of conformity of a VSE's SEP to a specific lifecycle profile standard setting the applicable SEP (for example ISO/IEC 29110‑4-1 or ISO/IEC 29110‑4-3) or other specified requirements are normally a certification document or a certificate.
This certification is outside the scope of ISO/IEC 29169 to the assessment to process quality characteristics and organizational maturity, and does not cover the results of process assessment. ISO/IEC 29110-3-3 describes such a scheme.
It is for the VSE being certified to develop its own processes (including ISO/IEC 29110‑4-m SEP), other sets of specified SEP requirements, other processes and it is for the VSE to decide how the various components of these will be arranged. It is therefore for certification bodies that operate in accordance with this document to take into account the culture and practices of their clients with respect to the implementation of SEP, including, if applicable, within the wider organization.
DocumentType |
Standard
|
Pages |
22
|
PublisherName |
International Organization for Standardization
|
Status |
Current
|
Standards | Relationship |
CSA ISO/IEC 29110-3-2:19 | Identical |
BS ISO/IEC 29110-3-2:2018 | Identical |
ISO/IEC 17065:2012 | Conformity assessment — Requirements for bodies certifying products, processes and services |
ISO/IEC 17000:2004 | Conformity assessment Vocabulary and general principles |
ISO 19011:2011 | Guidelines for auditing management systems |
ISO/IEC 17021:2011 | Conformity assessment Requirements for bodies providing audit and certification of management systems |
ISO 31000:2009 | Risk management Principles and guidelines |
ISO/PAS 17001:2005 | Conformity assessment Impartiality Principles and requirements |
ISO/PAS 17004:2005 | Conformity assessment Disclosure of information Principles and requirements |
ISO/IEC 17030:2003 | Conformity assessment General requirements for third-party marks of conformity |
ISO/IEC Guide 23:1982 | Methods of indicating conformity with standards for third-party certification systems |
ISO/PAS 17002:2004 | Conformity assessment Confidentiality Principles and requirements |
ISO/PAS 17005:2008 | Conformity assessment Use of management systems Principles and requirements |
ISO 9001:2015 | Quality management systems — Requirements |
ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
ISO/IEC 17007:2009 | Conformity assessment — Guidance for drafting normative documents suitable for use for conformity assessment |
ISO/IEC Guide 28:2004 | Conformity assessment Guidance on a third-party certification system for products |
ISO/PAS 17003:2004 | Conformity assessment Complaints and appeals Principles and requirements |
ISO/IEC 29110-4-1:2011 | Software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 4-1: Profile specifications: Generic profile group |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.