GB/T 20918-2007: Information technology - Software life cycle processes - Risk management

Delivery: 9 seconds. Download (and Email) true-PDF + Invoice.
Get Quotation: Click GB/T 20918-2007 (Self-service in 1-minute)
Newer / historical versions: GB/T 20918-2007

Preview True-PDF

Scope

1.1 Purpose
This standard describes a process for the management of risk during software
acquisition, supply, development, operations, and maintenance. It is intended that both
technical and managerial personnel throughout an organization apply this standard.
The purpose of this standard is to provide software suppliers, acquirers, developers,
and managers with a single set of process requirements suitable for the management
of a broad variety of risks. This standard does not provide detailed risk management
techniques, but instead focuses on defining a process for risk management in which
any of several techniques may be applied.
1.2 Field of application
This standard defines a process for the management of risk throughout the software
life cycle. It is suitable for adoption by an organization for application to all appropriate
projects or for use in an individual project. Although the standard is written for the
management of risk in software projects, it may also be useful for the management of
both system-level and organization-level risks.
This standard is written so that it may be applied in conjunction with GB/T 8566 or
applied independently.
1.2.1 Application with GB/T 8566
GB/T 8566 describe standard processes for the acquisition, supply, development,
operations, and maintenance of software. The standard recognizes that actively
managing risk is a key success factor in the management of a software project. GB/T
8566 mentions risk and risk management in several places, but does not provide a
process for risk management. This risk management standard provides that process.
This standard may be used for managing organizational-level risk or project-level risk,
in any domain or life cycle phase, to support the perspectives of managers, participants,
and other stakeholders.
In the life cycle process framework provided by GB/T 8566, risk management is an
“organizational life cycle process.” The activities and tasks in an organizational process
are the responsibility of the organization using that process. The organization therefore
ensures that the process exists and functions.
When used with GB/T 8566, this standard assumes that the other management and
technical processes of GB/T 8566 perform the treatment of risk. Appropriate
relationships to those processes are described.
1.2.2 Application independently
This standard may be used independently of any particular software life cycle process
standard. When used in this manner, the standard applies additional provisions for the
treatment of risk.
1.3 Conformance
An organization or project may claim conformance to this standard by implementing a
process, demonstrating through plans and performance all of the requirements
(specified as mandatory by the word shall) in the activities and tasks described in
Clause 5.
In those instances where this standard is applied independently of GB/T 8566, an
additional set of requirements for risk treatment is provided in 5.1.4.2.
1.4 Disclaimer
This standard establishes minimum requirements for a software risk management
process, activities and tasks. Implementing these requirements or the preparation of
software risk management plans or software risk action requests according to this
standard does not ensure an absence of software related or other risks. Conformance
with this standard does not absolve any party from any social, moral, financial, or legal
obligation.

Basic Data

Standard ID	GB/T 20918-2007 (GB/T20918-2007)
Description (Translated English)	Information technology - Software life cycle processes - Risk management
Sector / Industry	National Standard (Recommended)
Classification of Chinese Standard	L77
Classification of International Standard	35.080
Word Count Estimation	21,273
Date of Issue	2007-04-30
Date of Implementation	2007-07-01
Regulation (derived from)	GB Notice 2007 No. 4 (No. 104 overall)
Issuing agency(ies)	General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary	This standard specifies the software was married to the supply, development, operation and maintenance of the process of risk management process. This standard applies to software project risk management, can also be used for system -level risk management or organizational level.