ISO/IEC/IEEE 16085:2006 pdf free.Systems and software engineering — Life cycle processes — Risk management.
ISO/IEC 16085:2006 defines a process for the management of risk in the life cycle. It can be added to the existing set of system and software life cycle processes defined by ISO/IEC 15288 and ISO/IEC 12207, or it can be used independently. ISO/IEC 16085:2006 can be applied equally to systems and software.
Risk management is a key discipline for making effective decisions and communicating the results within organizations. The purpose of risk management is to identify potential managerial and technical problems before they occur so that actions can be taken that reduce or eliminate the probability and/or impact of these problems should they occur. It is a critical tool for continuously determining the feasibility of project plans, for improving the search for and identification of potential problems that can affect life cycle activities and the quality and performance of products, and for improving the active management of projects.
This standard prescribes a continuous process fur risk management. Clause 1 provides an overview and describes the purpose, scope, and field of application. as well as prescribing the conformance criteria. Clause 2 lists the normatie references; informative references are provided in Annex E Clause 3 provides definitions Clause 4 describes how risk management is applied to the life cycle Clause S prescribes the requirements for a risk management process.
There are several informative annexes. Annex A, Annex 13. and Annex C recommend content of three documents: Risk Management Plan. Risk Action Request, and Risk Treatment Plan. Annex 1) summarizes where risk management is mentioned in the ISO/IEC 12207 series of software life cycle process standards. An equivalent annex is not included for ISO/IEC 15288. the system life cycle process standard, since it includes a risk management process. Annex E, as previously mentioned, is an annotated bibliography of standards and other documents related to the material covered in this standard.
1.1 Scope
This standard describes a process for the management of risk during systems or software acquisition, supply, development. operations, and maintenance.
1.2 Purpose
The purpose of this standard is to provide suppliers, acquirers, developers, and managers with a single set of process requirements suitable for the management of a broad variety of risks. This standard does not provide detailed risk management techniques. but instead focuses on defining a process for risk management in which any of several techniques may be applied.
1.3 Field of application
This standard defines a process for the management of risk throughout the life cycle. This standard is suitable for adoption by an organization for application to all appropriate projects. This standard is useful for managing the risks associated with organizations dealing with system or software issues.