SlideShare a Scribd company logo

Enterprise Spice Scope

Download as PPT, PDF
E
espice

This document discusses determining the scope for Enterprise SPICE, which includes deciding which disciplines and standards to include. It provides steps for determining the initial scope, including developing criteria for additional disciplines, receiving stakeholder input, and approval from an Advisory Board. Current disciplines addressed include software engineering, systems engineering, and others. Additional disciplines and standards will be determined based on relevance, need, and value to stakeholders. The scope may evolve through phases to address more disciplines over time based on experience.

TechnologyBusiness
1 of 10
Downloaded 52 times
1
2
3
4
5
6
7
8
9
10
Enterprise SPICE Scope Linda Ibrahim
First Technical Decisions We need to decide Enterprise SPICE scope. This entails the following: What disciplines will Enterprise SPICE address? What standards will be integrated into Enterprise SPICE regarding those agreed disciplines?
Scope Determination Process Steps to determine Enterprise SPICE initial scope: Develop criteria for additional disciplines and source standards Receive approval from Advisory Board on criteria Request and receive stakeholder inputs on suggested disciplines and source standards Review stakeholder inputs on suggested disciplines and source standards and provide recommendations to Advisory Board Receive approval from Advisory Board on disciplines and source standards to be included (in initial baseline model, in subsequent releases, etc according to prioritization discussions/decisions) Suggest this be accomplished within ~3 months Upon completion of scope determination, Technical Author Team and Authors will develop plan for product development
Discipline Scope Current discipline scope for Enterprise SPICE, based on disciplines addressed in the iCMM and its extensions, includes: full lifecycle software engineering, full lifecycle systems engineering, acquisition, quality management, enterprise leadership and strategic processes, integrated process/product development, safety and security Examples of additional disciplines that might be considered: service management, human resource management, financial/ investment management, supply chain management, marketing, manufacturing, or other broad enterprise processes (etc) Discipline selection will be determined by Enterprise SPICE Advisory Board based on recommendations of collaborators and stakeholders. Criteria for discipline selection might include: relevance to stakeholder enterprises, perceived need for assessing processes in these disciplines in stakeholder enterprises, value of including these disciplines in enterprise assessments, etc. It is recommended disciplines be broad in focus, not industry-specific . It is recommended disciplines be prioritized in terms of criticality or need for inclusion.
Discipline Scope Discussion Questions What criteria should be used to decide Enterprise SPICE discipline scope? What disciplines might be included in Enterprise SPICE?
Source Material Sources: Once discipline scope is decided, source documents and reference documents need to be selected for agreed discipline scope Source documents are documents from which Enterprise SPICE practices are derived. Mapping of Enterprise SPICE practices to source practices is required and coverage of source documents, at an appropriate level of detail, will be demonstrated. Reference documents are documents identified as useful in developing best practice in certain areas, but full coverage and detailed mapping is not required. Source material will be determined by Enterprise SPICE Advisory Board based on recommendations of Enterprise SPICE collaborators and stakeholders. Criteria recommended for source material selection: only major, essential, widely-recognized standards/models be selected as source documents number of sources for a discipline limited to 3 to 5 for a given area.
Current Source Material Current Source Material, based on disciplines in iCMM and its extensions, includes 18 sources : Four ISO Standards: ISO 9001:2000 Quality Management Systems ISO/IEC 12207* Software life cycle processes (ISO/IEC 15504-5) ISO/IEC 15288 ** System Life Cycle Processes (ISO/IEC 15504-6) ISO/IEC 15504 ** Process assessment Performance Excellence Criteria: Malcolm Baldrige National Quality Award/President’s Quality Award Criteria ** Five Capability Models: EIA 731 Systems Engineering Capability CMMI CMM Integrated SW-CMM CMM for Software SA-CMM Software Acquisition CMM SE-CMM Systems Engineering CMM * Need to address 12207 amendments ** selected aspects of human resource management not currently in iCMM scope
Current Source Material (continued) Four Safety Sources: MIL-STD-882C: System Safety Program Requirements MIL-STD-882D: Standard Practice for System Safety IEC 61508: Functional Safety of Electrical/ Electronic/ Programmable Electronic Systems DEF STAN 00-56: Safety Mgmt Requirements for Defence Systems Four Security Sources: ISO 17799: Information Technology - Code of practice for information security management ISO 15408: The Common Criteria - Mapping of Assurance Levels and Families ISO/IEC 21827: SSE-CMM: Systems Security Engineering CMM NIST 800-30: Risk Mgmt Guide for Information Technology Systems
Source Material Discussion Questions What criteria should be used to decide Enterprise SPICE source standards? What source standards might be included in Enterprise SPICE?
Scope Prioritization Phases: Enterprise SPICE may evolve through phases to address broadening scope or evolving needs over time, and based on experience in enterprise assessments, e.g., Phase 1: Enterprise SPICE scope initially includes the baseline disciplines and standards/models (latest versions) addressed in the iCMM and extensions. Phase 2: Enterprise SPICE scope additionally includes service management plus any other high priority discipline. Phase 3: Enterprise SPICE scope addresses next highest priority set of disciplines.

More Related Content

PDF
Identify Applicable EHS Regulatory Documents
Nimonik
 
PPTX
Safety system life cycle
Lijo M Loyid
 
PPTX
Hipaa hitech requirements
DQS Inc.
 
PPTX
Compliance Framework
barnetdh
 
PPTX
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
ControlCase
 
PPTX
ISO 27001:2013 IS audit plan - by software outsourcing company in india
iFour Consultancy
 
PPT
Process
meenakshi sv
 
PPTX
D1 security and risk management v1.62
AlliedConSapCourses
 
Identify Applicable EHS Regulatory Documents
Nimonik
 
Safety system life cycle
Lijo M Loyid
 
Hipaa hitech requirements
DQS Inc.
 
Compliance Framework
barnetdh
 
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
ControlCase
 
ISO 27001:2013 IS audit plan - by software outsourcing company in india
iFour Consultancy
 
Process
meenakshi sv
 
D1 security and risk management v1.62
AlliedConSapCourses
 

What's hot (17)

PPT
Ais Romney 2006 Slides 19 Ais Development Strategies
Sharing Slides Training
 
PPTX
ISO 27001 management clause 7 support - by software development company in india
iFour Consultancy
 
PDF
How to Effectively Audit your IT Infrastructure
Netwrix Corporation
 
PDF
Iso 27001 metrics and implementation guide
mfmurat
 
PPTX
Iso 27001 transition to 2013 03202014
DQS Inc.
 
PDF
NQA ISO 22301 Transition Gap Guide
NQA
 
PDF
Swetana A Purohit
Swetana Purohit
 
PPTX
IS audit checklist
iFour Consultancy Services
 
PPTX
Is audit plan
ifourkhushbooshah
 
PPT
The best way to use ISO 27001
powertech
 
PDF
Defining Segregation of Duties
Will Kelly
 
PPTX
Planning for security and security audit process
Divya Tiwari
 
PPTX
IT Audit For Non-IT Auditors
Ed Tobias
 
PPT
IT Audit methodologies
genetics
 
PDF
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
InfosecTrain
 
PDF
Transitioning to iso 27001 2013
SAIGlobalAssurance
 
PDF
Iso 27001 audits_guide
Rico Firmansyah
 
Ais Romney 2006 Slides 19 Ais Development Strategies
Sharing Slides Training
 
ISO 27001 management clause 7 support - by software development company in india
iFour Consultancy
 
How to Effectively Audit your IT Infrastructure
Netwrix Corporation
 
Iso 27001 metrics and implementation guide
mfmurat
 
Iso 27001 transition to 2013 03202014
DQS Inc.
 
NQA ISO 22301 Transition Gap Guide
NQA
 
Swetana A Purohit
Swetana Purohit
 
IS audit checklist
iFour Consultancy Services
 
Is audit plan
ifourkhushbooshah
 
The best way to use ISO 27001
powertech
 
Defining Segregation of Duties
Will Kelly
 
Planning for security and security audit process
Divya Tiwari
 
IT Audit For Non-IT Auditors
Ed Tobias
 
IT Audit methodologies
genetics
 
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
InfosecTrain
 
Transitioning to iso 27001 2013
SAIGlobalAssurance
 
Iso 27001 audits_guide
Rico Firmansyah
 
Ad

Viewers also liked (7)

PDF
Touchpoints and security
Mohan Datar
 
PPTX
Security Vulnerabilities in Third Party Code - Fix All the Things!
Kymberlee Price
 
PPTX
Security in the Development Lifecycle - lessons learned
Boaz Shunami
 
PPTX
SSE
SagehenCapitalManagement
 
PDF
Security Maturity Models.
Priyanka Aash
 
PPT
How to Avoid the Top Ten Software Security Flaws
Cigital
 
PPTX
Secure Design: Threat Modeling
Cigital
 
Touchpoints and security
Mohan Datar
 
Security Vulnerabilities in Third Party Code - Fix All the Things!
Kymberlee Price
 
Security in the Development Lifecycle - lessons learned
Boaz Shunami
 
SSE
SagehenCapitalManagement
 
Security Maturity Models.
Priyanka Aash
 
How to Avoid the Top Ten Software Security Flaws
Cigital
 
Secure Design: Threat Modeling
Cigital
 
Ad

Similar to Enterprise Spice Scope (20)

PPT
Enterprise Spice Kickoff Overview
espice
 
PDF
Internal Audits and Assessments with help of Enterprise SPiCE
Ernest Wallmueller
 
PDF
Strategies and Process Improvement with Enterprise SPICE®
Ernest Wallmueller
 
PPT
Spice
Oana Feidi
 
PDF
Internal Audits and Assessments with help of Enterprise SPiCE
Ernest Wallmueller
 
PPT
What Is Iso/iec 15504
pax_isp
 
PPT
ISO/IEC 15504
pax_isp
 
PPT
ISO/IEC 15504
pax_isp
 
PPT
Spice
Oana Feidi
 
PPTX
software process improvement
Mohammad Xaviar
 
PDF
Enterprise Spice Agenda Draft18 October
espice
 
PDF
Looking for my fittest process' model
Enrique Morey
 
PDF
1. bussiness process diagonistic tool for cpm
Jyoti Trivedi
 
PPT
How Does IT Provide A Consistently Effective Service
Justo Stoll
 
PPT
Spice
Oana Feidi
 
PPSX
Spice a resource for leadership and innovation
PeopleInnovate
 
DOC
Optimize Workloads with IBM Solutions and Services
IBM India Smarter Computing
 
PPTX
Software Process Improvement - RKREDDY
Ramakrishna Reddy Bijjam
 
PDF
Adopt Adapt and Apply IT Best Practices - David Ratcliffe
Pink Elephant
 
DOCX
Managing and Using Information Systems A Strategic Approach –.docx
tienboileau
 
Enterprise Spice Kickoff Overview
espice
 
Internal Audits and Assessments with help of Enterprise SPiCE
Ernest Wallmueller
 
Strategies and Process Improvement with Enterprise SPICE®
Ernest Wallmueller
 
Spice
Oana Feidi
 
Internal Audits and Assessments with help of Enterprise SPiCE
Ernest Wallmueller
 
What Is Iso/iec 15504
pax_isp
 
ISO/IEC 15504
pax_isp
 
ISO/IEC 15504
pax_isp
 
Spice
Oana Feidi
 
software process improvement
Mohammad Xaviar
 
Enterprise Spice Agenda Draft18 October
espice
 
Looking for my fittest process' model
Enrique Morey
 
1. bussiness process diagonistic tool for cpm
Jyoti Trivedi
 
How Does IT Provide A Consistently Effective Service
Justo Stoll
 
Spice
Oana Feidi
 
Spice a resource for leadership and innovation
PeopleInnovate
 
Optimize Workloads with IBM Solutions and Services
IBM India Smarter Computing
 
Software Process Improvement - RKREDDY
Ramakrishna Reddy Bijjam
 
Adopt Adapt and Apply IT Best Practices - David Ratcliffe
Pink Elephant
 
Managing and Using Information Systems A Strategic Approach –.docx
tienboileau
 

Recently uploaded (20)

PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 

Enterprise Spice Scope

  • 1. Enterprise SPICE Scope Linda Ibrahim
  • 2. First Technical Decisions We need to decide Enterprise SPICE scope. This entails the following: What disciplines will Enterprise SPICE address? What standards will be integrated into Enterprise SPICE regarding those agreed disciplines?
  • 3. Scope Determination Process Steps to determine Enterprise SPICE initial scope: Develop criteria for additional disciplines and source standards Receive approval from Advisory Board on criteria Request and receive stakeholder inputs on suggested disciplines and source standards Review stakeholder inputs on suggested disciplines and source standards and provide recommendations to Advisory Board Receive approval from Advisory Board on disciplines and source standards to be included (in initial baseline model, in subsequent releases, etc according to prioritization discussions/decisions) Suggest this be accomplished within ~3 months Upon completion of scope determination, Technical Author Team and Authors will develop plan for product development
  • 4. Discipline Scope Current discipline scope for Enterprise SPICE, based on disciplines addressed in the iCMM and its extensions, includes: full lifecycle software engineering, full lifecycle systems engineering, acquisition, quality management, enterprise leadership and strategic processes, integrated process/product development, safety and security Examples of additional disciplines that might be considered: service management, human resource management, financial/ investment management, supply chain management, marketing, manufacturing, or other broad enterprise processes (etc) Discipline selection will be determined by Enterprise SPICE Advisory Board based on recommendations of collaborators and stakeholders. Criteria for discipline selection might include: relevance to stakeholder enterprises, perceived need for assessing processes in these disciplines in stakeholder enterprises, value of including these disciplines in enterprise assessments, etc. It is recommended disciplines be broad in focus, not industry-specific . It is recommended disciplines be prioritized in terms of criticality or need for inclusion.
  • 5. Discipline Scope Discussion Questions What criteria should be used to decide Enterprise SPICE discipline scope? What disciplines might be included in Enterprise SPICE?
  • 6. Source Material Sources: Once discipline scope is decided, source documents and reference documents need to be selected for agreed discipline scope Source documents are documents from which Enterprise SPICE practices are derived. Mapping of Enterprise SPICE practices to source practices is required and coverage of source documents, at an appropriate level of detail, will be demonstrated. Reference documents are documents identified as useful in developing best practice in certain areas, but full coverage and detailed mapping is not required. Source material will be determined by Enterprise SPICE Advisory Board based on recommendations of Enterprise SPICE collaborators and stakeholders. Criteria recommended for source material selection: only major, essential, widely-recognized standards/models be selected as source documents number of sources for a discipline limited to 3 to 5 for a given area.
  • 7. Current Source Material Current Source Material, based on disciplines in iCMM and its extensions, includes 18 sources : Four ISO Standards: ISO 9001:2000 Quality Management Systems ISO/IEC 12207* Software life cycle processes (ISO/IEC 15504-5) ISO/IEC 15288 ** System Life Cycle Processes (ISO/IEC 15504-6) ISO/IEC 15504 ** Process assessment Performance Excellence Criteria: Malcolm Baldrige National Quality Award/President’s Quality Award Criteria ** Five Capability Models: EIA 731 Systems Engineering Capability CMMI CMM Integrated SW-CMM CMM for Software SA-CMM Software Acquisition CMM SE-CMM Systems Engineering CMM * Need to address 12207 amendments ** selected aspects of human resource management not currently in iCMM scope
  • 8. Current Source Material (continued) Four Safety Sources: MIL-STD-882C: System Safety Program Requirements MIL-STD-882D: Standard Practice for System Safety IEC 61508: Functional Safety of Electrical/ Electronic/ Programmable Electronic Systems DEF STAN 00-56: Safety Mgmt Requirements for Defence Systems Four Security Sources: ISO 17799: Information Technology - Code of practice for information security management ISO 15408: The Common Criteria - Mapping of Assurance Levels and Families ISO/IEC 21827: SSE-CMM: Systems Security Engineering CMM NIST 800-30: Risk Mgmt Guide for Information Technology Systems
  • 9. Source Material Discussion Questions What criteria should be used to decide Enterprise SPICE source standards? What source standards might be included in Enterprise SPICE?
  • 10. Scope Prioritization Phases: Enterprise SPICE may evolve through phases to address broadening scope or evolving needs over time, and based on experience in enterprise assessments, e.g., Phase 1: Enterprise SPICE scope initially includes the baseline disciplines and standards/models (latest versions) addressed in the iCMM and extensions. Phase 2: Enterprise SPICE scope additionally includes service management plus any other high priority discipline. Phase 3: Enterprise SPICE scope addresses next highest priority set of disciplines.