1 Scope
1.1 Purpose
This standard describes the risk management process in the process of software acquisition, supply, development, operation and maintenance. It is recommended that technical and managerial personnel throughout the organization use this standard.
The purpose of this standard is to provide software suppliers, demanders, developers and managers with a set of process requirements suitable for managing a wide variety of risks. This standard does not provide detailed and clear risk management technology, but is committed to defining a risk management process to which any technology can be applied.
1.2 Field of application
This standard defines a risk management process that runs through the software life cycle. It is suitable for adoption by organizations and is used for all appropriate projects or individual projects. Although this standard is written for risk management in software projects, it may also be used for system-level or organization-level risk management.
This standard may be used in conjunction with GB/T 8566 or used alone.
1.2.1 Use in conjunction with GB/T 8566
GB/T 8566 describes the standard process of software acquisition, supply, development, operation and maintenance. It takes into account that active risk management is a key factor for successful software project management. It mentions risks and risk management in many places, but it does not give the process of risk management. While this standard gives this process. In order to support the views of managers, participants and other stakeholders, this standard can be used to manage organization-level or project-level risks in any field or in any life cycle phase.
In the framework for life cycle processes given in GB/T 8566, risk management is an "organizational life cycle process". In an organizational life cycle process, the organization using the process is responsible for the activities and tasks in the process. Therefore, the organization shall ensure that the process exists and functions.
When used in conjunction with GB/T 8566, this standard assumes that other management and technical processes of GB/T 8566 perform risk treatment, and also describes the correct relationship with these processes.
1.2.2 Use of this standard alone
This standard may be used independently of any specific software life cycle process standard. When used in this way, the additional clauses for risk treatment in this standard will apply.
1.3 Conformance
An organization or project can claim conformance with this standard if it lists in its plan and implements all requirements in the activities and tasks described in Clause 5 of this standard (the requirements with the word “shall” are mandatory).
In those instances where this standard is used independently of GB/T 8566, additional requirements for risk management are given in 5.1.4.2.
Foreword II
Introduction III
1 Scope
2 Normative references
3 Terms and definitions
4 Application of this standard
5 Risk management in software life cycle
Annex A (Informative) Risk management plan
Annex B (Informative) Risk action request
Annex C (Informative) Risk treatment plan
Bibliography
Standard
GB/T 20918-2007 Information technology—Software life cycle processes—Risk management (English Version)
Standard No.
GB/T 20918-2007
Status
valid
Language
English
File Format
PDF
Word Count
12000 words
Price(USD)
240.0
Implemented on
2007-7-1
Delivery
via email in 1 business day
Detail of GB/T 20918-2007
Standard No.
GB/T 20918-2007
English Name
Information technology—Software life cycle processes—Risk management
1 Scope
1.1 Purpose
This standard describes the risk management process in the process of software acquisition, supply, development, operation and maintenance. It is recommended that technical and managerial personnel throughout the organization use this standard.
The purpose of this standard is to provide software suppliers, demanders, developers and managers with a set of process requirements suitable for managing a wide variety of risks. This standard does not provide detailed and clear risk management technology, but is committed to defining a risk management process to which any technology can be applied.
1.2 Field of application
This standard defines a risk management process that runs through the software life cycle. It is suitable for adoption by organizations and is used for all appropriate projects or individual projects. Although this standard is written for risk management in software projects, it may also be used for system-level or organization-level risk management.
This standard may be used in conjunction with GB/T 8566 or used alone.
1.2.1 Use in conjunction with GB/T 8566
GB/T 8566 describes the standard process of software acquisition, supply, development, operation and maintenance. It takes into account that active risk management is a key factor for successful software project management. It mentions risks and risk management in many places, but it does not give the process of risk management. While this standard gives this process. In order to support the views of managers, participants and other stakeholders, this standard can be used to manage organization-level or project-level risks in any field or in any life cycle phase.
In the framework for life cycle processes given in GB/T 8566, risk management is an "organizational life cycle process". In an organizational life cycle process, the organization using the process is responsible for the activities and tasks in the process. Therefore, the organization shall ensure that the process exists and functions.
When used in conjunction with GB/T 8566, this standard assumes that other management and technical processes of GB/T 8566 perform risk treatment, and also describes the correct relationship with these processes.
1.2.2 Use of this standard alone
This standard may be used independently of any specific software life cycle process standard. When used in this way, the additional clauses for risk treatment in this standard will apply.
1.3 Conformance
An organization or project can claim conformance with this standard if it lists in its plan and implements all requirements in the activities and tasks described in Clause 5 of this standard (the requirements with the word “shall” are mandatory).
In those instances where this standard is used independently of GB/T 8566, additional requirements for risk management are given in 5.1.4.2.
Contents of GB/T 20918-2007
Foreword II
Introduction III
1 Scope
2 Normative references
3 Terms and definitions
4 Application of this standard
5 Risk management in software life cycle
Annex A (Informative) Risk management plan
Annex B (Informative) Risk action request
Annex C (Informative) Risk treatment plan
Bibliography
