BS ISO 10006:2017 BSI Standards Publication Quality management — Guidelines for quality management in projects BS ISO 10006:2017 BRITISH STANDARD National foreword This British Standard is the UK implementation of ISO 10006:2017. It supersedes BS ISO 10006:2003, which is withdrawn. The UK participation in its preparation was entrusted to Technical Committee MS/2, Project, programme and portfolio management. A list of organizations represented on this committee can be obtained on request to its secretary. This standard does not purport to include all the necessary provisions of a contract. Users are responsible for its correct implementation. The British Committee draws users’ attention to the Introduction which explains the purpose of this document as a supporting standard. For further information on the generic concepts and requirements of ISO management systems users can refer to guidance on the ISO and BSI website. Users should also pay particular attention to how their project, programme and portfolio management systems are integrated into wider organizational frameworks. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. © The British Standards Institution 2017 Published by BSI Standards Limited 2017 ISBN 978 0 580 95385 9 ICS 03.120.10; 03.100.70 Compliance with a British Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 December 2017. Amendments/corrigenda issued since publication Date Text affected INTERNATIONAL STANDARD BS ISO 10006:2017 ISO 10006 Third edition 2017-11-30 Quality management — Guidelines for quality management in projects Management de la qualité — Lignes directrices pour le management de la qualité dans les projets Reference number ISO 10006:2017(E) © ISO 2017 BS ISO 10006:2017 ISO 10006:2017(E) COPYRIGHT PROTECTED DOCUMENT © ISO 2017, Published in Switzerland All rights reserved. Unless otherwise specified, no part o f this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester. ISO copyright o ffice Ch. de Blandonnet 8 • CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyright@iso.org www.iso.org ii © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) Contents Page Foreword .......................................................................................................................................................................................................................................... v Introduction ................................................................................................................................................................................................................................ vi 1 Scope ................................................................................................................................................................................................................................. 1 2 Normative references ...................................................................................................................................................................................... 1 3 Terms and definitions ..................................................................................................................................................................................... 1 4 Quality management systems in projects ................................................................................................................................... 3 4.1 5 4.2 4.3 4.4 Management responsibility in projects ........................................................................................................................................ 6 5.1 5.2 5.3 6 Top management commitment................................................................................................................................................. 6 Strategic process .................................................................................................................................................................................... 6 5.2.1 Application of quality management principles through the strategic process .......... 6 5.2.2 Customer focus .................................................................................................................................................................. 6 5.2.3 Leadership ............................................................................................................................................................................. 7 5.2.4 Engagement of people ................................................................................................................................................. 7 5.2.5 Process approach ............................................................................................................................................................ 7 5.2.6 Improvement....................................................................................................................................................................... 8 5.2.7 Evidence-based decision making ...................................................................................................................... 8 5.2.8 Relationship management....................................................................................................................................... 9 Management reviews and progress evaluations ........................................................................................................ 9 5.3.1 Management reviews ................................................................................................................................................... 9 5.3.2 Progress evaluations .................................................................................................................................................... 9 Resource management in projects ................................................................................................................................................. 10 6.1 6.2 7 Context and characteristics of the project....................................................................................................................... 3 4.1.1 General...................................................................................................................................................................................... 3 4.1.2 Organizations ...................................................................................................................................................................... 4 4.1.3 Phases and processes in projects ...................................................................................................................... 4 4.1.4 Project management processes .......................................................................................................................... 4 Quality management principles ............................................................................................................................................... 5 Project quality management processes ............................................................................................................................. 5 Quality plan for the project .......................................................................................................................................................... 5 Resource-related processes ...................................................................................................................................................... 10 6.1.1 General................................................................................................................................................................................... 10 6.1.2 Resource planning ....................................................................................................................................................... 11 6.1.3 Resource control ........................................................................................................................................................... 11 Personnel-related processes .................................................................................................................................................... 11 6.2.1 General................................................................................................................................................................................... 11 6.2.2 Establishment of the project organizational structure ................................................................ 12 6.2.3 Allocation of personnel ........................................................................................................................................... 12 6.2.4 Team development ...................................................................................................................................................... 13 Product/service realization in projects .................................................................................................................................... 13 7.1 7.2 7.3 General ........................................................................................................................................................................................................ 13 Interdependent processes .......................................................................................................................................................... 13 7.2.1 General................................................................................................................................................................................... 13 7.2.2 Project initiation and project management plan development............................................ 14 7.2.3 Interaction management........................................................................................................................................ 15 7.2.4 Change management ................................................................................................................................................. 15 7.2.5 Process and project closure ................................................................................................................................. 16 Scope-related processes .............................................................................................................................................................. 16 7.3.1 General................................................................................................................................................................................... 16 7.3.2 Concept development ............................................................................................................................................... 17 7.3.3 Scope development and control ...................................................................................................................... 17 7.3 .4 D efinitio n o f activities .............................................................................................................................................. 17 7.3.5 Control of activities ..................................................................................................................................................... 17 © ISO 2017 – All rights reserved iii BS ISO 10006:2017 ISO 10006:2017(E) 7.4 Time-related processes ................................................................................................................................................................ 18 7.4.1 General................................................................................................................................................................................... 18 7.4.2 Planning of activity dependencies ................................................................................................................. 18 7.4.3 Estimation of duration ............................................................................................................................................. 18 7.4.4 Schedule development............................................................................................................................................. 18 7.4.5 Schedule control ............................................................................................................................................................ 19 7.5 Cost-related processes .................................................................................................................................................................. 19 7.5.1 General................................................................................................................................................................................... 19 7.5.2 Cost estimation ............................................................................................................................................................... 20 7.5.3 Budgeting ............................................................................................................................................................................ 20 7.5.4 Cost control ....................................................................................................................................................................... 20 7.6 Communication-related processes ..................................................................................................................................... 21 7.6.1 General................................................................................................................................................................................... 21 7.6.2 Communication planning ...................................................................................................................................... 21 7.6.3 Information management ..................................................................................................................................... 21 7.6.4 Communication control .......................................................................................................................................... 22 7.7 Risk-related processes ................................................................................................................................................................... 22 7.7.1 General................................................................................................................................................................................... 22 7.7.2 Risk identificatio n ........................................................................................................................................................ 23 7.7.3 Risk assessment............................................................................................................................................................. 23 7.7.4 Risk treatment ................................................................................................................................................................ 23 7.7.5 Risk control........................................................................................................................................................................ 24 7.8 Procurement processes ................................................................................................................................................................ 24 7.8.1 General................................................................................................................................................................................... 24 7.8.2 Procurement planning and control ............................................................................................................... 24 7.8.3 Documentation of procurement requirements .................................................................................. 25 7.8.4 External provider management and development ......................................................................... 25 7.8.5 Contracting ........................................................................................................................................................................ 25 7.8.6 Contract control ............................................................................................................................................................. 25 8 Measurement, analysis and improvement in projects ............................................................................................... 26 8.1 General ........................................................................................................................................................................................................ 26 8.2 Measurement and analysis ........................................................................................................................................................ 26 8.3 Improvement ......................................................................................................................................................................................... 26 8.3.1 Improvement by the originating organization .................................................................................... 26 8.3.2 Improvement by the project organization .............................................................................................. 27 Annex A (informative) Overview of processes for quality management in projects ....................................... 28 Annex B (informative) Cross reference matrix between this document, ISO 9001:2015 and ISO 21500:2012 ................................................................................................................................................................................................. 31 Bibliography ............................................................................................................................................................................................................................. 34 iv © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) Foreword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any p atent rights identi fie d duri ng the development o f the do c u ment wi l l b e i n the I ntro duc tion a nd/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For a n expla nation on the volu nta r y natu re o f s tandard s , the me an i ng o f I S O s p e c i fic term s a nd expressions related to conformity assessment, as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html. This document was prepared by Technical Committee ISO/TC 176, Quality management and quality assurance, Subcommittee SC 2, Quality systems. This third edition cancels and replaces the second edition (ISO 10006:2003), which has been technically revised to align it with ISO 9000:2015, ISO 9001:2015 and ISO 21500:2012. © ISO 2017 – All rights reserved v BS ISO 10006:2017 ISO 10006:2017(E) Introduction This document provides guidelines for quality management in projects. It outlines quality management principles and practices, the implementation of which are important to, and have an impact on, the achievement of quality objectives in projects. It is aligned with ISO 9000:2015 and ISO 9001:2015, and supplements the guidance given in ISO 21500:2012. The guidelines given in this document are intended for a wide audience. They are applicable to projects which can take many forms, from the small to very large, from simple to complex, from being an individual project to being part of a programme or portfolio of projects. They are intended to be used by people who have experience in managing projects and need to ensure that their organization is applying the practices contained in the quality management and quality management system standards from ISO/TC 176, as well as those who have experience in quality management and are required to interact with project organizations in applying their knowledge and experience to the project. Inevitably, some us ers wi l l fi nd th at materi a l pre s ente d i n the gu idel i ne s i s u nne ce s s ari ly de tai le d other users require the detail. for them; however, This document employs the process approach, which incorporates the Plan-Do-Check-Act (PDCA) cycle and “risk based thinking”. The two concepts of “quality management in projects” and “quality management systems in projects” are distinguished as follows: ― qua l ity management i n proj e c ts i nclude s: qua l ity ma nagement s ys tem s i n proj e c ts , management responsibility in projects, resource management in projects, product/service realization in projects, and measurement, analysis and improvement in projects; ― qua l ity management s ys tem s in proj e c ts i nclude s: proj e c t cha rac teri s tic s , qua l ity management principles in projects, project quality management processes and a quality plan for the project. It is recognized that there are two aspects to the application of quality management in projects: the project processes that are managed within the project management system, and the quality of the project’s outputs in the form of products and services. Failure to meet either of these dual aspects ca n have s ign i fic ant e ffe c ts on the proj e c t’s pro duc ts a nd s er vice s , the proj e c t’s c u s tomer a nd o ther interested parties, and the project organization. NOTE The expression “products/services” is used as an abbreviation for “products and services” throughout the remainder of this document. These aspects also emphasize that the achievement of quality objectives is a top management responsibility, requiring a commitment to the achievement of quality objectives to be instilled at all levels within the organizations involved in the project; however, each level needs to retain responsibility for its respective processes and products/services. The creation and maintenance of process and product/service quality in a project requires a systematic approach. This approach needs to be aimed at ensuring that the stated and implied needs of the customer are understood and met, that other interested parties’ needs are understood and evaluated, and that the originating organization’s quality policy is taken into account for implementation in the management of the project. This document is designed to be used in the context of the requirements for quality management s ys tem s s p e ci fie d i n I S O 9 0 01 : 2 01 5 and the gu ida nce on proj e c t ma nagement pro ce s s e s provide d i n ISO 21500. Project management processes are described in ISO 21500. T he s truc tu re o f th i s do c u ment refle c ts its de s ign as a s upp or ti ng s ta ndard provid i ng gu ida nce rather than a management system standard. A matrix is presented in Annex B to provide a cross reference between this document, ISO 9001:2015 and ISO 21500:2012. vi © ISO 2017 – All rights reserved BS ISO 10006:2017 INTERNATIONAL STANDARD ISO 10006:2017(E) Quality management — Guidelines for quality management in projects 1 Scope This document gives guidelines for the application of quality management in projects. It is applicable to organizations working on projects of varying complexity, small or large, of short or long duration, being an individual project to being part of a programme or portfolio of projects, in different environments, and irrespective of the kind of product/service or process involved, with the intention of satisfying project interested parties by introducing quality management in projects. This can necessitate some tailoring of the guidance to suit a particular project. This document is not a guide to project management itself. Guidance on quality in project management processes is presented in this document. Guidance on project management and related processes is covered in ISO 21500. This document addresses the concepts of both “quality management in projects” and “quality management systems in projects”. These are distinguished by being addressed separately by the following topics and clauses: ― management i n proj e c ts i nclude s: qua l ity management s ys tem s i n proj e c ts (Clause 4); management responsibility in projects (Clause 5); resource management in projects (Clause 6); product/service realization in projects (Clause 7); and measurement, analysis and improvement in projects (Clause 8); qua l ity 4.1); quality management principles in projects (4.2); project quality management processes (4.3); and a quality plan for the project (4.4). ― qua l ity management s ys tem s i n proj e c ts i nclude s: proj e c t charac teri s tics ( 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO 9000:2015, Quality management systems — Fundamentals and vocabulary 3 Terms and definitions For the pu r p o s e s o f th i s do c u ment, the term s a nd defi n ition s given i n ISO 9000 and the following apply. ISO and IEC maintain terminological databases for use in standardization at the following addresses: — ISO Online browsing platform: available at http://www.iso.org/obp — IEC Electropedia: available at http://www.electropedia.org/ 3.1 activity identi fie d pie ce o f work that i s re qu i re d to b e under ta ken to comp le te a project (3.3) N o te 1 to entr y: T he ac tivity i n a p roj e c t c a n genera l l y b e re co gn i z e d a s the s m a l le s t identi fie d entity. © ISO 2017 – All rights reserved 1 BS ISO 10006:2017 ISO 10006:2017(E) 3.2 progress evaluation assessment of progress made on achievement of the project (3.3) objectives Note 1 to entry: This assessment should be carried out at appropriate phases/steps in the project life cycle (3.8) across project processes, based on criteria for project processes and product or service. Note 2 to entry: The results of progress evaluations can lead to revision of the project management plan (3.5). 3.3 project unique process undertaken to achieve an objective Note 1 to entry: A project generally consists of a set of coordinated and controlled activities (3.1) with start and finish dates, con forming to specific requirements, including the constraints o f time, cost and resources Note 2 to entry: An individual project can form part o f a larger project structure and generally has a defined start and finish date. Note 3 to entry: In some projects the objectives and scope are updated and the product or service characteristics defined progressively as the project proceeds. Note 4 to entry: The output of a project can be one or several units of product or service. Note 5 to entry: The project’s organization is normally temporary and established for the lifetime of the project. Note 6 to entry: The complexity of the interactions among project activities is not necessarily related to the project size. 3.4 project management planning, organizing, monitoring, controlling and reporting of all aspects of a project (3.3) and the motivation of all those involved in it to achieve the project objectives 3.5 project management plan document specifying what is necessary to meet the objective(s) of the project (3.3) Note 1 to entry: A project management plan should include or refer to the project’s quality plan (3.9). Note 2 to entry: The project management plan also includes or references other plans such as those relating to organizational structures, resources, schedule, budget, risk management, environmental management, health and safety management, and security management, as appropriate. 3.6 project organization temporary structure that includes project roles, responsibilities and levels of authority and boundaries that need to be defined and communicated to all interested parties o f the project (3.3) 3.7 project phase division of the project life cycle (3.8) into manageable sets of activities, such as conception, development, realization and termination 3.8 project life cycle defined set o f phases from the start to the end o f the project (3.3) [SOURCE: ISO 21500:2012, 2.12] 2 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 3.9 quality plan s p e ci fic ation o f the ac tion s , re s p on s ibi l itie s and a s s o ci ate d re s ou rce s to b e app l ie d to a s p e ci fic obj e c t [SOURCE: ISO 10005:— 1) , 3.2] 3.10 provider supplier organization that provides a product or a service EXAMPLE Producer, distributor, retailer or vendor of a product or a service. Note 1 to entry: A provider can be internal or external to the organization. Note 2 to entry: In a contractual situation a provider is sometimes called a “contractor”. Note 3 to entry: In the context of projects (3.3), “contractor” or “subcontractor” is often used in place of “provider”. [S OU RC E : I S O 9 0 0 0 : 2 01 5 , 3 . 2 . 5 , mo d i fie d ― No te 3 to entr y ha s b e en adde d .] 4 Quality management systems in projects 4.1 Context and characteristics of the project 4.1.1 General Both the project organization and the originating organization (see 4.1.2) should consider the context in which their project quality management systems operate. Some internal and external issues can affect the project’s ability to achieve the intended project results. Other issues can offer opportunities to work more effectively with internal and external parties (see ISO 9001:2015, 4.1). C on s ideration o f i nterna l a nd e xterna l i s s ue s th at c an i n fluence the proj e c t qua l ity management s ys tem enables both the project and originating organizations to: a) understand the needs and expectations of interested parties; b) establish or adopt project quality management processes necessary to achieve intended project results; c) determine risks and opportunities related to project processes and planned outputs. The main characteristics of projects are as follows: — they are unique, non-repetitive phases consisting of processes and activities; — they have some degree of risk and uncertainty; for — they are exp e c te d to del iver s p e c i fie d qua nti fie d re s u lts with i n pre de term i ne d p a rame ters , — they have pla nne d s tar ti ng a nd fi n i sh i ng date s , with i n cle a rly s p e ci fie d co s t and re s ource con s trai nts ; example, quality-related parameters; — they have outputs that can be one or several units of a product or service; — personnel may be temporarily assigned to a project organization for the duration of the project [the project organization may be assigned by an originating organization (see 4.1.2) and can be subject to change as the project progresses]; — they c a n b e o f a long du ration, a nd s ubj e c t to cha ngi ng i nterna l and e xterna l i n fluence s over ti me . 1) Under preparation. Stage at the time of publication: ISO/FDIS 10005:2017. © ISO 2017 – All rights reserved 3 BS ISO 10006:2017 ISO 10006:2017(E) 4.1.2 Organizations This document makes separate reference to an “originating organization” and to a “project organization”. The “originating organization” is the organization that decides to undertake the project. It can be constituted as a single organization, joint-venture, consortium or any other acceptable structure. The originating organization assigns the project to a project organization. The originating organization can undertake multiple projects, each of which should be assigned to a different project organization. The “project organization” carries out the project. The project organization may be a part of the originating organization. There should be a clear division of responsibility and authority between the project organization and other relevant interested parties (including the originating organization) for the project’s processes. These should be maintained as documented information. 4.1.3 Phases and processes in projects Phases and processes are two different aspects of a project. A project may be divided into interdependent processes and into phases, as a means of planning and monitoring the realization of objectives and assessing the related risks. Project phases divide the project life cycle into manageable sets of activities, such as conception, development, realization and termination. Project processes are those processes that are necessary for managing the project as well as those that are necessary to realize the project’s product or service. NOTE 1 ISO 21500 gives guidance on project management processes. Not all the processes discussed in this document will necessarily exist in a particular project, whereas in others additional processes can be necessary. In some projects, a distinction might need to be made between core and supporting processes. Annex A lists and summarizes the processes that are considered to be applicable for the majority of projects. NOTE 2 To facilitate the discussion of the guidance to quality management in projects, the “process approach” is adopted in this document (see 5.2.5). Additionally, the processes of a project have been grouped into two categories: the project management processes and the processes related to the project’s product or service (those primarily concerned with the project’s product or service such as design, production, etc.). T he pro ce s s e s a re group e d accord i ng to thei r a ffi n ity to one a no ther; processes are included in one group. for e xample, a l l ti me -relate d The strategic process covered in Clause 5 sets the direction for the project. Clause 6 addresses resource-related processes and personnel-related processes. Clause 7 covers processes related to interdependency, scope, time, cost, communication, risk and procurement. Processes related to measurement, analysis and continual improvement are covered in Clause 8. These clauses include a description of each process and provide guidance to quality management in the process. 4.1.4 Project management processes Project management includes the planning, organizing, monitoring, controlling and reporting of all processes of a project, including taking the necessary corrective and improvement actions, that are needed to achieve the project objectives, on a continual basis. The quality management principles (see 4.2, 5.2 and ISO 9000:2015, 2.3) should be applied to all the project management processes. Guidance on quality in project management processes is discussed in this document. NOTE 4 ISO 21500 gives guidance on project management and related processes. © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 4.2 Quality management principles The guidelines for quality management of projects given in this document are based on the seven quality management principles (see ISO 9000:2015, 2.3): — customer focus; — leadership; — engagement of people; — process approach; — improvement; — evidence-based decision making; — relationship management. These generic principles should form the basis for quality management systems for both the originating and project organizations. NOTE Guidance on the application of the quality management principles to the planning carried out in the strategic process is given in 5.2. 4.3 Project quality management processes It is necessary to manage project processes within a quality management system in order to achieve project objectives. Where the project organization operates within the originating organization, the project quality management system should be aligned, as far as is possible, with the quality management system of the originating organization. Where a part or all of the project organization is external to the p er form i ng orga n i z ation, qua l ity management s ys tem re qu i rements m ight ne e d to b e s p e ci fie d to ensure that project processes are capable of interfacing effectively. Documented information needed and produced by the project organization to ensure the effective plan n i ng , i mplementation ISO 9001:2015, 7.5). a nd control of the proj e c t s hou ld be defi ne d and control le d (s e e 4.4 Quality plan for the project The project quality management system should be documented, maintained and included or referenced in a quality plan for the project. The quality plan should identify the activities and resources necessary for achieving the quality objectives of the project. The quality plan should be incorporated into, or referenced in, the project management plan. In specifying and developing the quality plan, both the originating and project organizations should apply risk-based thinking to quality management system processes involved in the achievement of project objectives. Risks and opportunities should be addressed in planning and support processes as well as in the project risk-related processes (see 7.7). In contractual situations, a customer may specify requirements for the quality plan. These requirements should not limit the scope of the quality plan used by the project organization. NOTE ISO 10005 gives guidance on quality plans. © ISO 2017 – All rights reserved 5 BS ISO 10006:2017 ISO 10006:2017(E) 5 Management responsibility in projects 5.1 Top management commitment The commitment and active involvement of the top management of both the originating and project organizations are essential for developing and maintaining an e ffective and e fficient quality management system for the project. Top management of both the originating and project organizations should create a culture for quality, which is an important factor in ensuring the success of the project. Top management of both the originating and project organizations should provide input into the strategic process (see 5.2). Since the project organization is likely to be disbanded upon completion of the project, the top management of the originating organization should ensure that continual improvement actions are implemented for current and future projects. Top management of both the originating and project organizations should facilitate a culture in which lessons learned lead to continuous improvement of current and future projects. 5.2 Strategic process 5.2.1 Application of quality management principles through the strategic process Planning for the establishment, implementation and maintenance of a quality management system based on the application of the quality management principles is a strategic process. This planning should be performed by the project organization. In this planning, it is necessary to focus on the quality of both processes and products/services to meet the project objectives. The general guidance given in 5.2.2 to 5.2.8 should also be applied to the processes described in 6.1, 6.2, 7.2 to 7.8, and in Clause 8 , in addition to the specific guidance given in those clauses. NOTE 5.2.2 See Annex A for an overview of processes. Customer focus Organizations depend on their customers and therefore should understand current and future customer needs, meet customer requirements and strive to exceed customer expectations (see ISO 9000:2015, 2.3.1). Satisfaction of the customer’s and other interested parties’ requirements is necessary for the success of the project. These requirements should be clearly understood to ensure that all processes focus on, and are capable of, meeting them. The project objectives, which may include the product/service requirements, should take into account the needs and expectations of the customer and other interested parties. The objectives may be refined during the course o f the project. The project objectives should be documented in the project management plan (see 7.2.2), and should detail what is to be accomplished (expressed in terms of time, cost and product/service quality) and what is to be measured. When determining the balance between time, cost and product/service quality, potential impacts on the project’s product or service should be evaluated, taking into consideration the customer’s and other interested parties’ requirements. Interfaces should be established with all the interested parties to facilitate the exchange of information, as appropriate, throughout the project. Any conflicts between the interested parties’ requirements should be resolved. 6 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) When conflicts arise between the requirements o f the customer and other interested parties, the customer requirements will normally take precedence, bearing in mind that there can be statutory and regulatory requirements that can affect this. The resolution o f conflicts should be agreed to by the customer and other interested parties. Relevant interested parties’ agreements should be retained as documented information. Throughout the project, attention should be paid to changes in the requirements of the relevant interested parties, including additional requirements from new interested parties that join the project after it has started. 5.2.3 Leadership Leaders establish unity of purpose and direction for the organization. They should create and maintain the internal environment in which people can become fully involved in achieving the organization’s objectives (see ISO 9000:2015, 2.3.2). A project manager should be appointed as early as possible. The project manager is the individual with the defined responsibility and authority for managing the project and ensuring that the project’s quality management system is established, implemented and maintained. The authority delegated to the project manager should be commensurate with the assigned responsibility. The top management of both the originating and project organizations should assume leadership in creating a culture for quality: a) by setting the quality policy and identifying the objectives (including the quality objectives) for the project; b) by providing the infrastructure and resources to ensure achievement of project objectives; c) by promoting the use of the process approach and risk-based thinking; d) by supporting an organizational structure conducive to meeting project objectives; e) by making decisions based on data and factual information; f) by empowering and motivating all project personnel to improve the project processes and products/services, and by being aware of their contribution to the effectiveness of the processes; g) by planning for preventive actions. 5.2.4 Engagement of people People at all levels are the essence of an organization and their full engagement enables their abilities to be used for the organization’s benefit (see ISO 9000:2015, 2.3.3). Personnel in the project organization should have well-defined roles, responsibilities and authorities for their participation in the project. The authority delegated to the project participants should correspond to their assigned responsibility. Competent personnel should be assigned to the project organization. In order to improve the performance of the project organization, appropriate tools, techniques and methods should be provided to the personnel to enable them to operate, monitor and control the processes. In the case of multinational and multi-cultural projects, joint ventures, international projects, etc., the implications of cross-cultural management should be addressed. 5.2.5 Process approach A desired result is achieved more e fficiently when activities and related resources are managed as a process (see ISO 9000:2015, 2.3.4). © ISO 2017 – All rights reserved 7 BS ISO 10006:2017 ISO 10006:2017(E) Project processes and their interrelationships should be determined. Where necessary, the operation and control of these processes should be supported by documented information. The originating organization may communicate the experience gained in developing and using its own processes, or those from its other projects, to the project organization. The project organization can take account of this experience when establishing the project’s processes, but it might also need to establish processes that are unique to the project. In general, the process approach to management allows for the coordination and compatibility of an organization’s planned processes and a clear definition o f their inter faces. A project is carried out as a set of planned, interrelated and interdependent processes. The project organization controls the project processes. To do this, the processes should be defined and linked. They should be integrated and managed as a system aligned with the originating organization’s overall system. This can be accomplished: a) by identifying the appropriate processes for the project; b) by identifying the inputs, outputs and the objectives for the project’s processes; c) by identifying the process owners and establishing their authority and responsibility; d) by designing the project’s processes in the life cycle of the project; e) by defining the interrelations and interactions among the processes; f) by addressing the risks and opportunities associated with the project processes. Process e ffectiveness and e fficiency can be assessed through internal and external review. Assessments can also be made by benchmarking or evaluating the processes against a maturity scale. Maturity scales typically range in degrees of maturity from “no formal system” to “best-in-class”. NOTE International Standards on quality management and quality management systems developed by ISO/TC 176 provide guidance on a number of process-related and product/service-related quality management practices; these can assist an organization in meeting its project objectives. 5.2.6 Improvement Improvement of the organization’s overall performance should be a permanent objective of the organization (see ISO 9000:2015, 2.3.5). The cycle of continual improvement is based on the “Plan-Do-Check-Act” (PDCA) concept (see ISO 9001:2015, 0.3.2). Both the originating and project organizations are responsible for continually seeking to improve the e ffectiveness and e fficiency o f the processes for which they are responsible. To learn from experience, managing projects should be treated as a process rather than as an isolated task. A process should be put in place to record and analyse the information gained during a project for use in a continual improvement process (see ISO 9001:2015, 10.3). Provision should be made for self-assessments (see ISO 9004), internal audits and, where required, external audits (see ISO 9001:2015, 9.2 and 9.3) to identify opportunities for improvement. This should also take account of the time and resources needed. Lessons learned and information from previous projects should be analysed and used to support the improvement of current or future projects. 5.2.7 Evidence-based decision making Effective decisions are based on the analysis of data and information (see ISO 9000:2015, 2.3.6). 8 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) Information about the project’s progress and performance should be recorded; for example, in a project status report. Performance and progress evaluations (see 5.3) should be carried out periodically in order to assess the project status. The project organization should analyse the information from performance and progress evaluations to make effective decisions regarding the project and for revising the project management plan. 5.2.8 Relationship management An organization and its interested parties are interdependent and a mutually beneficial relationship enhances the ability of both to create value (see ISO 9000:2015, 2.3.7). The project organization should work with its providers when defining its strategies for obtaining external products or services, especially in cases of products or services with long lead times. Risk sharing with providers may be considered. Requirements for providers’ processes and product or service specifications should be developed jointly by the project organization and its providers, in order to benefit from available provider knowledge. The project organization should also determine a provider’s ability to meet its requirements for processes or products or services, and should take into account the customer’s preferred list of providers or selection criteria. The possibility of a number of projects using a common provider should be investigated. 5.3 Management reviews and progress evaluations 5.3.1 Management reviews The project organization’s managers responsible for the project should review the project’s quality management system, at planned intervals, to ensure its continuing suitability, adequacy, e ffectiveness and e fficiency (see ISO 9001:2015, 9.3). The originating organization may be involved in management reviews. 5.3.2 Progress evaluations Progress evaluations should cover all the project’s processes and provide an opportunity to assess the achievement o f the project objectives. The outputs from progress evaluations can provide significant information on the performance of the project as an input into future management reviews. a) Progress evaluations should be used: 1) to assess the adequacy of the project management plan against project objectives and how the work performed conforms to it; 2) to evaluate how well the project processes are synchronized and interlinked; 3) to identify and evaluate activities and results that would adversely or favourably affect the achievement of the project objectives; 4) to obtain inputs for remaining work in the project; 5) to facilitate communication; 6) to drive process improvement in the project, by identifying deviations and changes in risks and opportunities. b) The planning for progress evaluations should include: 1) preparing an overall schedule for progress evaluations (for inclusion in the project management plan); © ISO 2017 – All rights reserved 9 BS ISO 10006:2017 ISO 10006:2017(E) 2) assigning responsibility for the management of individual progress evaluations; 3) specifying the purpose, assessment requirements, processes and outputs for each progress evaluation; 4) assigning personnel to participate in the evaluation (e.g. the individuals responsible for the project processes and other interested parties); 5) ensuring that appropriate personnel from the project processes being evaluated are available for questioning; 6) ensuring that relevant information is prepared and is available for the evaluation (e.g. the project management plan). c) Those performing the evaluations should: 1) understand the purpose of the processes being evaluated, and their effect on the project quality management system; 2) examine relevant process inputs and outputs; 3) review the monitoring and measuring criteria being applied to the processes; 4) determine if the processes are effective; 5) lo ok for p o tenti a l i mprovements i n pro ce s s e ffic ienc ie s; 6) develop reports, or other relevant outputs, with the progress evaluation results. d) Once a progress evaluation has been performed: 1) the outputs of the evaluation should be assessed against the project’s objectives, to determine whether the performance of the project against the planned objectives is acceptable; 2) responsibility should be assigned for actions resulting from the progress evaluation. The outputs of progress evaluations can also be used to provide information to the originating organ i z ation for conti nua l management processes. i mprovement of the e ffe c tivene s s and e fficienc y of the proj e c t 6 Resource management in projects 6.1 Resource-related processes 6.1.1 General The resource-related processes aim to plan and control resources. They help to identify any potential problem s with re s ou rce s . E xample s of re s ou rce s i nclude information, materials, computer software and services. p e ople, e quipment, fac i l itie s , fi nance, The resource-related processes are: a) resource planning (see 6.1.2); b) resource control (see 6.1.3). NOTE 1 See Annex A for an overview of processes. NOTE 2 This subclause applies to the quantitative aspects of people management. Other aspects, such as training, are covered in 6.2. 10 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 6.1.2 Resource planning for Re s ou rce s ne e de d the proj e c t s hou ld b e identi fie d . Re s ource pla n s shou ld s tate what re s ource s wi l l be needed by the project and when they will be required, according to the project schedule. The plans should indicate how, and from where, resources will be obtained and allocated. If applicable, the plans should also include the manner of disposition of resources at the completion of tasks and at the end of the project. The plans should be suitable for resource control. T he va l id ity o f the i nputs to re s ou rce pl an n i ng s hou ld be veri fie d . performance of organizations supplying resources should be evaluated. T he s tabi l ity, c ap abi l ity a nd The constraints on, and risks related to, resources should be taken into account. Examples of constraints include availability, safety, cultural considerations, international agreements, labour agreements, governmental regulations, funding and the impact of the project on the environment. Resource plans, including estimates, allocations and constraints, together with assumptions made, should be documented and included in the project management plan. 6.1.3 Resource control Reviews s hou ld be project objectives. p er forme d to en s u re that s u fficient re s ource s are avai lable to me e t the The timing of reviews, the frequency of associated data collection and forecasts of resource requirements should be documented in the project management plan. D evi ation s from re s ou rce plan s s hou ld b e identi fie d, ana lys e d, ac te d up on and re corde d . Decisions on actions to be taken should only be made after considering the implications for other project processes and objectives. Changes that affect the project objectives should be agreed with the customer and other interested parties before implementation. Changes in resource plans should be authorized as appropriate. Revisions of forecasts of resource requirements should be coordinated with other project processes when developing the plan for remaining work. Ro o t c au s e s for shor tage s or e xce s s e s i n re s ou rce s s hou ld b e identi fie d, re corde d and u s e d as i nput corrective action. for 6.2 Personnel-related processes 6.2.1 General The quality and success of a project will depend on the participating personnel; therefore, special attention should be given to the activities in the personnel-related processes. These processes aim to create an environment in which personnel can contribute effectively and e fficiently to the proj e c t. The personnel-related processes are: a) the establishment of the project organizational structure (see 6.2.2); b) the allocation of personnel (see 6.2.3); c) the team development (see 6.2.4). NOTE 1 See Annex A for an overview of processes. NOTE 2 The quantitative aspects of personnel management are covered in 6.1. The communication aspects of personnel management are covered in 7.6. © ISO 2017 – All rights reserved 11 BS ISO 10006:2017 ISO 10006:2017(E) 6.2.2 Establishment of the project organizational structure The project organizational structure should be established in accordance with the requirements and policies of the originating organization and the conditions particular to the project. Previous project experience should be recorded in the lessons learned and used, when available, for the selection of the most appropriate organizational structure. T he proj e c t organ i z ationa l s tr uc tu re s hou ld be de s igne d to encou rage communication and cooperation between all participants in the project. e ffe c tive and e ffic ient The project manager and the originating organization should ensure that the project organizational structure is appropriate to the project scope, the size of the project team, local conditions and the processes employed. This can result, for example, in a functional or matrix type project organizational structure. The division of authority and responsibility within the project organization structure should also take account of the division of authority and responsibility in the originating organization and its organizational structure. T he rel ation sh ip s o f the proj e c t organ i z ation s hou ld b e identi fie d and e s tabl i she d: a) to the customer and other interested parties; b) to the functions of the originating organization supporting the project (particularly those in charge of monitoring project functions such as schedules, quality and cost); c) to other relevant projects in the same originating organization. Job or role descriptions, including assignments of responsibility and authority, should be prepared and documented. The project function responsible for ensuring that the project’s quality management system is e s tabl i s he d, i mplemente d and mai nta i ne d s hou ld b e identi fie d . T he i nter face s o f th i s func tion other project functions, the customer and other interested parties should be documented. with Reviews of the project organizational structure should be planned and carried out regularly to determine whether it continues to be suitable and adequate. 6.2.3 T he Allocation of personnel ne ce s s a r y comp e tence in term s o f e duc ation, tra i n i ng a nd exp erience s hou ld be defi ne d for p ers on nel worki ng on the proj e c t (“comp e tence” i s defi ne d i n I S O 9 0 0 0 : 2 01 5 , 3 .10 .4, as the “abi l ity to apply knowle dge and s ki l l s to ach ieve i ntende d re s u lts ” ) . I n add ition, proj e c t s p e c i fic s ki l l s s hou ld be determined. Personal attributes should be considered in the selection of project personnel. Special attention should be given to the competence requirements of key personnel. Su fficient ti me shou ld b e a l lowe d for the re cru iti ng o f comp e tent p ers on nel, e s p e c ia l ly when d i ffic u ltie s are anticipated. Selection of personnel should be based on the job or role descriptions, and should take into account the competence of applicants and references from previous experience. Selection criteria should be developed and applied to all levels of personnel being considered for the project. When selecting a project manager priority should be given to leadership skills. The project manager should be involved in the selection of personnel for the project positions that are considered essential to the project’s success. The project manager should ensure that a representative of the project organization is appointed with responsibility for establishing, implementing and maintaining the project’s quality management system. When assigning members to project teams, their personal interests, personal relationships, strengths and weaknesses should be considered. Knowledge of personal characteristics and experience can help in identifying the best sharing of responsibilities among the members of the project organization. 12 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) The job or role description should be understood and accepted by the person assigned. Whenever a member of the project organization is also reporting to a function in the originating organization, the role, the responsibility, authority and reporting lines of that individual should be documented. T he a s s ign ment o f p ers on nel to s p e ci fic j ob s or role s shou ld b e con fi rme d and com mun icate d to a l l concerne d . T he overa l l p er forma nce, i nclud i ng the e ffe c tivene s s and e fficienc y o f p ers on nel i n thei r j ob assignments, should be monitored to verify that the assignments are appropriate. Based on results, appropriate actions should be taken, such as retraining or recognizing achievement. Changes of personnel in the project organization should be communicated to the customer and other interested parties before implementation, when possible, if the change affects them. 6.2.4 Team development Effective team performance requires the team members to be individually competent, motivated and willing to cooperate with one another. To enhance team performance, the project team collectively, and the team members individually, should participate in team development activities. Personnel should receive training in, and be made aware of, the relevance and importance of their project activities in the attainment of the project and the quality objectives (see ISO 10015). Effective teamwork should be recognized and, where appropriate, rewarded. Managers in the project organization should ensure the establishment of a work environment that encourages excellence, effective working relationships, trust and respect within the team and with a l l o thers i nvolve d i n the proj e c t. C on s en s u s- b a s e d de c i s ion ma ki ng , s tr uc tu re d con fl ic t re s olution, clear, open and effective communication, and mutual commitment to customer satisfaction should be encouraged and developed (see 5.2.3 for a discussion of leadership). Wherever possible, personnel affected by changes in the project or in the project organization should be involved in planning and implementing the change. 7 Product/service realization in projects 7.1 General This clause covers project management process groupings that are necessary to produce the project’s product or service (see 4.1.3). 7.2 Interdependent processes 7.2.1 General Projects consist of a system of planned and interdependent processes and an action in one of these usually affects others. The overall management of the planned interdependencies among the project processes is the responsibility of the project manager. The project organization should also manage e ffe c tive and e ffic ient com mu n ic ation b e twe en d i fferent group s o f p ers on nel i nvolve d i n the proj e c t and establish clear assignment of their responsibility. The interdependent processes are: a) project initiation and project management plan development (see 7.2.2); b) interaction management (see 7.2.3); c) change management (see 7.2.4); d) process and project closure (see 7.2.5). © ISO 2017 – All rights reserved 13 BS ISO 10006:2017 ISO 10006:2017(E) NOTE 7.2.2 See Annex A for an overview of processes. Project initiation and project management plan development A project management plan, which should include or reference the project’s quality plan, should be established and kept up to date. The degree of detail included can depend on factors such as scope, size and complexity of the project. During project initiation, details of relevant past projects from the originating organization should be identi fie d a nd com mu n ic ate d to the proj e c t organ i z ation . T h i s wi l l enable the b e s t u s e to b e made o f the experience gained (e.g. lessons learned) from these previous projects. I f the pur p o s e o f a proj e c t i s fu l fi l to the re qu i rements o f a contrac t, contrac t reviews shou ld b e performed during the development of the project management plan to ensure that the contract requirements can be met. Where the project is not the result of a contract, an initial review should be under ta ken to e s tabl i sh the re qu i rements and con fi rm th at they are appropri ate and ach ievable . The project management plan should: a) refer to the customer’s and other interested parties’ documented requirements and the project objectives; the input source for each requirement should also be documented to allow traceability; b) identify and document the project processes and their purposes; c) identify organizational interfaces, giving particular attention to: 1) the project organization’s connection and reporting lines with the various functions of the originating organization; 2) interfaces between functions within the project organization; d) integrate plans resulting from the planning carried out in other project processes, review these plans for consistency and resolve any discrepancies; these plans include: 1) quality plan; 2) work breakdown structure (see 7.3.4); 3) project schedule (see 7.4.5); 4) project budget (see 7.5.3); 5) communication plan (see 7.6.2); 6) risk management plan (see 7.7.2); 7) procurement plan (see 7.8.2); e) identify, include or reference the product/service characteristics and how they should be measured and assessed; f) provide a baseline for progress measurement and control, to provide for planning the remaining work; plans for reviews and progress evaluations should be prepared and scheduled; g) defi ne p er formance i nd ic ators and how to me a s u re them, and assessment in order to monitor progress; these assessments should: ma ke provi s ion for regu la r 1) facilitate preventive and corrective actions; 2) h) 14 con fi rm th at the proj e c t obj e c tive s remai n va l id i n a ch angi ng proj e c t envi ron ment; provide for reviews o f the requirements of the contract; proj e c t re qu i re d by the contrac t to en s u re the fu l fi l ment o f the © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) i) b e reviewe d regu larly a nd a l s o when s ign i fic ant cha nge s o cc u r. The project quality management system should be documented or referenced in the project’s quality plan. Linkage should be established between the project’s quality plan and applicable parts of the quality management system of the originating organization. As far as is practicable, the project organization should adopt and, if necessary, adapt the quality management system and processes of the origi nati ng organ i z ation . I n c as e s where s p e ci fic re qu i rements for the qua l ity management s ys tem from other interested parties exist, it should be ensured that the project’s quality management system is compatible with these requirements. 7.2.3 Interaction management To facilitate the interdependencies (which are planned) between processes, the interactions (which are not planned) in the project should be managed. This should include the following: a) establishing processes for interface management; b) holding project inter-functional meetings; c) re s olvi ng i s s ue s , s uch as con fl ic ti ng re s p on s ibi l itie s or change s to ri sk e xp o s u re; d) measuring project performance, using such techniques as earned value analysis (a technique for monitoring overall project performance against a budget baseline); e) carrying out progress evaluations to assess project status and to plan for the remaining work. The progress evaluations should also be used to identify potential interface problems. It should be noted that risk is usually high at the interfaces. NOTE 7.2.4 C ha nge Project communication is an essential factor in project coordination and is discussed in 7.6. Change management management covers the identi fic ation, eva luation, authori z ation, do c u mentation, implementation and control of change. Before a change is authorized, the intent, extent and impact of the change should be analysed. Those changes that affect the project objectives should be agreed with the customer and other interested parties. Change management should also take the following into account: a) managing changes to the project scope, project objectives and project management plan; b) co ord i nati ng cha nge s acro s s i nter-l i n ke d proj e c t pro ce s s e s and re s olvi ng any con fl ic ts; c) processes for documenting change; d) improvement (see 8.3); e) aspects of change affecting personnel (see 6.2.4). C ha nge s c an re s u lt i n i mp ac ts on the proj e c t and s uch i mp ac ts s hou ld b e identi fie d as s o on a s p o s s ible . The root causes of impacts should be analysed and the results should be used to produce solutions and to implement improvements in the project process. Before implementation of any change, a change request should be submitted in accordance with the project processes established in the project management plan. The relevant documented information given with the re que s t s hou ld i nclude a j u s ti fic ation © ISO 2017 – All rights reserved for the cha nge . 15 BS ISO 10006:2017 ISO 10006:2017(E) An aspect o f change management is configuration management. For the management o f projects, it is taken to re fer to the configuration o f the project’s products or services. This can include both non- deliverable items (such as test tools and other installed equipment) and deliverable items. NOTE 7.2.5 Further guidance on configuration management is given in ISO 10007. Process and project closure The project itself consists of processes and special attention should be given to their closure. The closure o f processes and the project should be defined during the initiation stage o f the project and be included in the project management plan. When planning the closure of processes and projects, the experience gained from the closure of previous processes and projects (see Clause 8) should be taken into account. However, in certain cases it can be necessary to close the project earlier or later than planned, due to unpredicted events. At any time during the life cycle of a project, completed processes should be closed as planned. When a process is closed, it should be ensured that all documented information is compiled, distributed within the project and to the originating organization, as appropriate, and retained for a specified time. Whatever the reason for project closure, a complete review of project performance should be undertaken. This should take into account all relevant documented information, including that from progress evaluations and inputs from interested parties. Special consideration should be given to feedback from the customer and other interested parties. This feedback should be measurable where possible. Based on this review, appropriate reports should be prepared, highlighting experience that can be used by other projects and for continual improvement (see 8.3). At the closure of the project, there should be a formal handover of the project product/service to the customer. Project closure is not completed until the customer formally accepts the project product/service. The closure of the project should be communicated to interested parties. 7.3 Scope-related processes 7.3.1 General The project’s scope includes a description of the project’s product/service, its characteristics and how they are to be measured or assessed. The scope-related processes: a) aim: 1) to translate the customer’s and other interested parties’ needs and expectations into project requirements to be implemented to achieve the objectives of the project, and to organize activities required for the implementation; 2) to ensure that personnel work within the scope during the realization of these activities; 3) to ensure that the activities carried out in the project meet the requirements described in the scope; b) are: 1) concept development (see 7.3.2); 2) scope development and control (see 7.3.3); 3) definition o f activities (see 7.3.4); 16 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 4) control of activities (see 7.3.5). NOTE 7.3.2 See Annex A for an overview of processes. Concept development Customer needs and expectations for product/service and processes (both stated and generally implied), as well as any applicable statutory and regulatory requirements, should be determined and defined. These should be translated into documented requirements which, when required by the customer, should be mutually agreed. Other interested parties should be identified and their needs established. These should be translated into documented requirements and, where relevant, agreed to by the customer. 7.3.3 Scope development and control When developing the project scope, the characteristics of the project’s product or service should be identified and documented in measurable terms and as completely as possible. These characteristics should be used as the basis for design and development. It should be specified how these characteristics will be measured or how their conformity to the customer’s and other interested parties’ requirements will be assessed. Product/service and process characteristics should be traceable to the documented requirements of the customer and other interested parties. When alternative approaches and solutions are considered during scope development, supporting evidence (including the analyses performed and other considerations used) should be documented and referenced in the scope. NOTE 7.3.4 The management of changes to the scope is addressed by the change management process (see 7.2.4). Definition o f activities The project should be systematically structured into manageable activities to meet customer requirements for products/services and processes. NOTE Frequently, the term “breakdown structure” is used to describe the way in which a project can be divided by levels into discrete groups for programming, cost planning and control purposes. Also, terms such as “activities”, “tasks” and “work packages” are used for the elements of this structuring, and the result is usually known as a “work breakdown structure” (WBS). Personnel assigned to the project should participate in the definition o f these activities. This will enable the project organization to benefit from their experience and to gain their understanding, acceptance and ownership. Each activity should be defined in such a way that its results are measurable. The list o f activities should be checked for completeness. The activities defined should include quality management practices, progress evaluations, and the preparation and maintenance of a project management plan. The interactions between activities in a project that could potentially cause problems between the project organization and the interested parties should be identified, managed and documented. 7.3.5 Control of activities The activities within the project should be carried out and controlled in accordance with the project management plan. Process control includes control of the interactions between activities to minimize conflicts or misunderstandings. In processes involving new technologies, particular attention should be given to their control. Activities should be reviewed and evaluated to identi fy potential deficiencies and opportunities for improvement. The timing of reviews should be adapted to the complexity of the project. © ISO 2017 – All rights reserved 17 BS ISO 10006:2017 ISO 10006:2017(E) The results of reviews should be used for progress evaluations to assess process outputs and to plan for the remaining work. The revised plan for the remaining work should be documented. 7.4 Time-related processes 7.4.1 General The time-related processes aim to determine dependencies and the duration of activities, and to ensure timely completion of the project. The time-related processes are: a) planning of activity dependencies (see 7.4.2); b) estimation of duration (see 7.4.3); c) schedule development (see 7.4.4); d) schedule control (see 7.4.5). NOTE 7.4.2 See Annex A for an overview of processes. Planning of activity dependencies The interdependencies among the activities in a project should be identified and reviewed for consistency. Any need for changing the data from the activity identification process should be justified and documented. Whenever possible, during development of the project plan, standard or proven project network diagrams should be used to take advantage of previous experience. Their appropriateness to the project should be verified. 7.4.3 Estimation of duration Estimates of the duration of activities should be established by personnel with responsibility for those activities. Duration estimates from past experience should be verified for accuracy and applicability to present project conditions. The inputs should be documented and traceable to their origins. When collecting duration estimates, it is useful to obtain associated resource estimates at the same time as an input to resource planning (see 6.1.2). When duration estimation involves significant uncertainty, the risks should be evaluated, documented and mitigated. Allowance for remaining risks should be incorporated into the estimates. When required or appropriate, the customer or other interested parties should be involved in duration estimation. 7.4.4 Schedule development Input data for schedule development should be identified and checked for con formity to specific project conditions. Activities with long lead times or long durations should be taken into account when determining the critical path. The critical path is the sequence of activities that determine the earliest possible completion date for the project or phase, through the network diagram from project start to project end along dependent activities. It requires explicit identification. Standardized schedule formats, suitable for the different user needs, should be implemented. The relationships of duration estimates to activity dependencies should be checked for consistency. Any inconsistencies found should be resolved be fore schedules are finalized and issued. The schedules should identify critical and near-critical activities. 18 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) T he s che du le s hou ld identi fy events that re qu i re s p e c i fic i nputs or de c i s ion s , or one s at wh ich maj or outputs are planned. These are sometimes referred to as “key events” or “milestones”. Progress evaluation activities should be included in the schedule. The customer and other interested parties should be involved with, and kept informed of, the development of the schedule when required. External inputs (e.g. customer-dependent inputs expected during the project) should be analysed and taken into account in the schedule. Appropriate schedules should be supplied to the customer and other interested parties for information or, if required, for approval. 7.4.5 Schedule control T he proj e c t organ i z ation shou ld c arr y out re gu l ar reviews o f the proj e c t s che du le, a s defi ne d i n the project management plan. To ensure adequate control over project activities, processes and related information, the timing of schedule reviews and the frequency of data collection should be established. Project progress should be analysed in order to identify trends and possible risks and opportunities in the work remaining in the project (see 7.7). Up-to-date schedules should be used in progress evaluations from the s che du le s hou ld b e identi fie d, and me e ti ngs . D eviation s Ro o t c au s e s for va ria nce s from s che du le, b o th favou rable ana lys e d and, i f s ign i fic ant, ac te d up on . a nd u n favou rable, shou ld be identi fie d . Action should be taken to ensure that unfavourable variances do not affect project objectives. Causes of both favourable and unfavourable variances should be used to provide data as a basis for continual improvement (see Clause 8). Possible impacts of schedule changes on the budget and resources of the project and on the quality of the product/service should be determined. Decisions on actions to be taken should only be made based on facts, after taking into account their implications for other project processes and objectives. Changes that affect the project objectives should be agreed with the customer and other relevant interested parties before implementation. When action is required to take account of variances, the personnel involved and their roles should be identi fie d . Revi s ion s o f the s che du le s hou ld b e co ord i nate d with o ther proj e c t pro ce s s e s developing the plan for the remaining work. when External inputs (e.g. customer-dependent inputs expected during the project) should be monitored. The customer and other interested parties should be kept informed of any proposed changes to the schedule and should be involved in making decisions that affect them. 7.5 Cost-related processes 7.5.1 General The cost-related processes aim to forecast and manage the project costs. This should ensure that the project is completed within budget constraints, and that cost information can be provided to the originating organization. The cost-related processes are: a) cost estimation (see 7.5.2); b) budgeting (see 7.5.3); c) cost control (see 7.5.4). NOTE 1 See Annex A for an overview of processes. NOTE 2 Further guidance on the economic effects of quality management is given in ISO 10014. © ISO 2017 – All rights reserved 19 BS ISO 10006:2017 ISO 10006:2017(E) 7.5.2 Cost estimation All project costs should be clearly identified (e.g. cost o f activities, overheads, products/services). Cost estimation should consider relevant sources of information and should be linked to the project’s breakdown structures (see 7.3.4). Cost estimates from past experience should be verified for accuracy and applicability to present project conditions. The costs should be documented and traceable to their origins. Particular attention should be given to budgeting su fficient funds for the establishment, implementation and maintenance of the project quality management system. Cost estimation should take into account present and forecast trends in the economic environment (e.g. inflation, taxation and exchange rates). When cost estimation involves significant uncertainties, these risks should be identified, evaluated, documented and acted upon (see 7.7.2). Allowance for remaining uncertainties, sometimes called “contingencies”, should be incorporated in the estimates. The cost estimates should be in a form that enables budgets to be established and developed in accordance with approved accounting processes as well as the project organization’s needs. 7.5.3 Budgeting The project budget should be based on the cost estimates and schedules with a defined process for its acceptance. The budget should be consistent with the project objectives. Any assumptions, uncertainties and contingencies should be identified and documented. The budget should include all authorized costs and should be in a form suitable for project cost control. 7.5.4 Cost control Prior to any expenditure, a cost control system and associated processes should be established, documented and communicated to those responsible for authorizing work or expenditure. The timing of reviews and the frequency of data collection and forecasts should be established. This ensures adequate control over project activities and related information. The project organization should verify that the remaining work can be carried out to completion within the remaining budget. Any deviation from the budget should be identified and, i f exceeding defined limits, the variance should be analysed and acted upon. Project cost trends should be analysed, using techniques such as “earned value analysis”. The plan for the remaining work should be reviewed to identify uncertainties. Root causes for variances to budget, both favourable and un favourable, should be identified. Action should be taken to ensure that unfavourable variances do not affect project objectives. Causes of both favourable and unfavourable variances should be used to provide data as a basis for continual improvement (see Clause 8). Decisions on actions to be taken should only be made based on facts, after taking into account the implications for other project processes and objectives. Changes in the cost of the project should be appropriately approved and authorized prior to expenditure. Revisions of the budget forecast should be coordinated with other project processes when developing the plan for remaining work. The information needed to ensure the timely release of funds should be made available and provided as input to the resource control process. The project organization should carry out regular reviews o f the project costs, as defined in the project management plan, and take into account any other financial reviews (e.g. external reviews by relevant interested parties). 20 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 7.6 Communication-related processes 7.6.1 General The communication-related processes aim to facilitate the exchange of information necessary for the project. They ensure timely and appropriate generation, collection, dissemination, storage and ultimate disposition of project information. The communication-related processes are: a) communication planning (see 7.6.2); b) information management (see 7.6.3); c) communication control (see 7.6.4). NOTE 1 See Annex A for an overview of processes. NOTE 2 Further information is given in ISO 9004. T he proj e c t organ i z ation s hou ld en s u re th at appropri ate com mu n ic ation pro ce s s e s a re defi ne d a nd that information is exchanged between the project’s processes as well as between the project, other relevant projects, the customer and other interested parties, and the originating organization. 7.6.2 Communication planning Both the originating and project organizations should ensure that appropriate communication processes are established for the project, and that communication takes place regarding the current status of the quality management system. Communication planning should take into account the needs of the originating organization, project organization, the customer and other interested parties, and should result in a documented communication plan. T he com mu n ic ation pla n shou ld defi ne the i n formation that wi l l b e forma l ly com mu nic ate d , the me d i a used to transmit it and the frequency of communication. The requirements for the purpose, frequency, ti m i ng and do c u mente d i n formation o f me e ti ngs s hou ld b e defi ne d i n the com mu nic ation pla n . The format, language and structure of the project documented information should be planned to en s ure comp atibi l ity. T he com mu n ic ation plan shou ld defi ne the i n formation ma nagement s ys tem (s e e 7.6.3), identify who will send and receive information, and should reference the relevant controls on documented information, including security processes. The format for progress evaluation reports should be designed to highlight deviations from the project management plan. NOTE 7.6.3 ISO 9001:2015, 7.5, provides further information on the control of documented information. Information management The project organization should identify its information needs and should establish a documented information management system. The project organization should also identify internal and external sources of information. The way in which information is managed should take into consideration the needs of both the project and originating organizations. In order to manage the proj e c t’s i n formation, pro ce s s e s defi n i ng the control s for i n formation prep aration, col le c tion, identi fic ation, cl as s i fic ation, up dati ng , d i s tribution, fi l i ng , s torage, pro te c tion, retrieval, retention time and disposition should be established. © ISO 2017 – All rights reserved 21 BS ISO 10006:2017 ISO 10006:2017(E) Documented information should indicate the conditions prevailing at the time the activity was recorded. T h i s wi l l a l low the va l id ity and releva nce o f the i n formation to b e veri fie d b e fore u s e i n o ther proj e c ts . The project organization should ensure appropriate security of information, taking into account con fidentia l ity, avai labi l ity a nd i ntegrity o f i n formation . Information should be relevant to the needs of the recipients, and should be clearly presented and distributed with strict adherence to time schedules. All agreements affecting the project performance, including informal ones, should be formally documented. Rules and guidelines for meetings should be established and should be appropriate to the type of meeting. Meeting agendas should be distributed in advance and should identify for each item the personnel whose attendance is required. Minutes of meetings should include details of the decisions made, the outstanding issues and the agreed actions (including due dates and the personnel assigned to carry them out). The minutes should be distributed to relevant interested parties within an agreed time. The project organization should use the data, information and knowledge to set and meet its objectives. T he managers o f the proj e c t and origi nati ng organ i z ation s shou ld eva luate the b enefits derive d the use of the information in order to improve the management of information (see Clause 8). from The information management system should be as simple as possible. 7.6.4 Communication control The communication system should be planned and implemented. It should be controlled, monitored and reviewed to ensure that it continues to meet the needs of the project. Particular attention should be given to interfaces between functions and organizations where misunderstandings and con fl ic ts c an o cc u r. 7.7 Risk-related processes 7.7.1 General Commonly “project risks” are the effects of uncertainty on project objectives. The management of project risks deals with uncertainties throughout the project. This requires a structured approach that should be documented in a risk management plan. The risk-related processes aim to minimize the impact of potential negative events and take advantage of opportunities for improvement and innovation related, not only to project processes, but also to increased value for the project, originating organizations, and the customer and other interested parties. Uncertainties are also related to either the project processes or to the project’s product/service. The risk-related processes are: a) ri s k identi fic ation (s e e 7.7.2); b) risk assessment (see 7.7.2); c) risk treatment (see 7.7.3); d) risk control (see 7.7.4). NOTE 1 See Annex A for an overview of processes. NOTE 2 Further information on risk management is given in ISO 31000. 22 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 7 . 7 . 2 R i s k i d e n t i f i c a t i o n Risk identification should be per formed at the initiation o f the project, at progress evaluations and other occasions when significant decisions are made. Experience and historical data from previous projects maintained by the originating organization (see 8.3.1) should be used for this purpose. The output of this process should be recorded in a risk management plan, which should be incorporated or referenced in the project management plan. Potential risks arising from activity-, process- and product/service-related interactions between the project organization, the originating organization and interested parties should be identified and recorded. Risk identification should consider, not only risks in cost, time and product/service, but also risks in areas such as product/service quality, security, dependability, professional liability, information technology, safety, health and environment, or potential changes to statutory and regulatory requirements. The risk identification process should consider: a) the interactions between different risks; b) the risks resulting from new technologies and developments. While identi fying risks, a lookout for potential opportunities is recommended. Identified opportunities and respective actions can o ffer important benefits regarding costs, quality, timeliness and image o f the project/service. Any identified risk with significant impact should be documented and a person should be assigned with the responsibility, authority and resources for managing that risk. 7.7.3 Risk assessment Risk assessment is the process o f analysing and evaluating identified risks to the project processes and to the project’s product/service. All identified risks should be assessed. In this assessment, experience and historical data from previous projects should be taken into account. The criteria and techniques to be used in the assessment should be evaluated. A qualitative analysis should be made and a quantitative analysis should follow wherever possible. NOTE There are various qualitative and quantitative methods of risk assessment available for performing such analyses. These are generally based on assessing the probability of occurrence and the impact of identified risks. Levels of risk acceptable for the project, and the means to determine when agreed-to levels of risk are exceeded, should be identified. The results of all analyses and evaluations should be recorded and communicated to relevant personnel. 7.7.4 Risk treatment Solutions to eliminate, mitigate, transfer, share or accept risks, and plans to take advantage of opportunities should preferably be based on known technologies or data from past experience. Consciously accepted risks should be identified and the reasons for accepting them recorded. When a solution to an identified risk is proposed, it should be verified that there will be no undesirable effects or new risks introduced by its implementation, and that the resulting residual risk is addressed. When contingencies to manage risks are made in the time schedule or in the budget, they should be identified and maintained separately. Special attention should be given to developing solutions for potential risks arising from activity-, process- and product/service-related interactions between the project organization, the originating organization and interested parties. © ISO 2017 – All rights reserved 23 BS ISO 10006:2017 ISO 10006:2017(E) 7.7.5 Risk control Throughout the project, risks should be monitored and controlled by an iterative process of risk identification, risk assessment and risk treatment. The project should be managed by taking into account that there are always risks. Personnel should be encouraged to anticipate and identify risks and report them to the project organization. Risk management plans should be maintained ready for use. Reports on project risk monitoring should be part of progress evaluations. 7.8 Procurement processes 7.8.1 General The procurement processes deal with obtaining products/services for the project. NOTE 1 ISO 9001:2015, 8.4, describes requirements for the control of externally provided processes and products/services. The procurement processes are: a) procurement planning and control (see 7.8.2); b) documentation of procurement requirements (see 7.8.3); c) external provider management and development (see 7.8.4); d) contracting (see 7.8.5); e) contract control (see 7.8.6). NOTE 2 See Annex A for an overview of processes. NOTE 3 The terms “purchase”, “acquisition” or “procurement” are also often used in this context. 7.8.2 Procurement planning and control A procurement plan should be prepared in which the products or services to be obtained are identified and scheduled, taking note o f product/service requirements including specification, time and cost. All products/services that are input to the project should be subjected to the same levels of procurement controls, regardless of whether they are obtained from external providers or from the originating organization (i.e. “in-house”). External products/services are normally obtained by contract. In-house products/services can be obtained using internal acquisition processes and controls. For in-house products/services, some o f the procurement controls described in this subclause may be simplified. Procurement should be planned so that the interfaces and interactions with external providers can be managed by the project organization. Adequate time should be allocated to complete the activities in the procurement processes. Previous experience of external provider performance should be used to plan for potential problems, such as the delivery of items with long delivery times. To provide adequate procurement control, the project organization should carry out regular reviews of the procurement progress, which should be compared to the procurement plan and action should be taken if needed. The results of the reviews should be input into progress evaluations. 24 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) 7.8.3 Documentation of procurement requirements Procurement documents should identify the products/services, their characteristics, appropriate quality management system requirements and associated documented information. They should also include procurement responsibility, cost and delivery dates for the products/services, requirements for auditing (when necessary) and right of access to external provider premises. It should be ensured that customer requirements are taken into account in the procurement documented information. Tendering documented information (e.g. “requests for quotation”) should be structured to facilitate comparable and complete responses from potential external providers. Procurement documented information should be reviewed before distribution, to verify that all product/service-related requirements, and other aspects (such as procurement responsibility), are comple tely s p e ci fie d . 7.8.4 External provider management and development External providers to the project should be evaluated. An evaluation should consider all the aspects of an external provider that can impact on the project, such as technical experience, production capability, del iver y ti me s , qua l ity ma nagement s ys tem a nd fi nanci a l s tabi l ity. A register of approved external providers should be maintained by the project organization. A register may also be maintained by the originating organization and be communicated to the project organization, where applicable. 7.8.5 Contracting There should be a process for the project organization to contract with external providers to the project. It should include communication of the project’s quality management system requirements and, where applicable, the quality policy, quality objectives and contract quality plan requirements. The external provider should be requested to provide a contract quality plan as a part of the tender evaluation process. I n tender eva luation s , a l l devi ation s be identi fie d a nd ta ken i nto from accou nt in the s p e c i fication i n a n ex terna l provider prop o s a l s hou ld the eva luation . D evi ation s from the s p e c i fic ation, a nd recommendations for improvement, should be approved by the same functions that carried out the origi na l review a nd approva l o f the s p e ci fic ation . Cost evaluation of tenders should be based, not only on the price from external providers, but also on other associated costs, such as cost of operation, maintenance, licences, transport, insurance, customs duty, exchange rate variation, inspection, audits and resolution of deviations. The contract documented information should be reviewed to ensure that it includes the results of any pre-contract negotiation with the external provider. Before contracting for the supply of products/services, the external provider’s quality management system should be evaluated. The project organization should consider: a) the reliability of other evidence that the external provider is capable of meeting quality management system requirements; b) the surveillance of contract performance that will be required to ensure that project requirements, including quality requirements, will be met. 7.8.6 Contract control Contract control starts at the placing of the contract, or at the time of an agreement in principle to award the contract, such as a letter of intent. A system should be implemented to ensure that the contract conditions, including due dates and required documented information, are met. © ISO 2017 – All rights reserved 25 BS ISO 10006:2017 ISO 10006:2017(E) Contract control should include the establishment of appropriate contractual relationships and the integration of the outputs from these relationships into the overall management of the project. External providers’ performance should be monitored to ensure that it meets contract conditions. The results of monitoring should be fed back to external providers and any actions agreed. P rior to contrac t clo s u re, it s hou ld b e veri fie d th at a l l contrac t cond ition s h ave b e en me t and that feedback on external provider performance has been obtained to update the register of approved external providers. 8 Measurement, analysis and improvement in projects 8.1 General This clause provides guidance on how the originating and project organizations should learn from projects. Both organizations should use the results of measurement and the analysis of data from the project processes and should apply methods for correcting, preventing or reducing undesired effects (see ISO 9001:2015, Clause 10) to enable continual improvement in both current and future projects. 8.2 Measurement and analysis The originating organization should ensure that the measurement, collection and validation of data are e ffe c tive and e ffic ient, i n order to i mprove the origi nati ng orga n i z ation’s p er forma nce and to en h ance the satisfaction of the customer and other interested parties. Examples of the measurement of performance include: a) evaluation of individual activities and processes; b) auditing; c) evaluation of the actual resources used, together with cost and time, compared to the original estimates; d) evaluation of products/services; e) evaluation of external provider performance; f) achievement of project objectives; g) satisfaction of the customer and other interested parties. NOTE Further information on performance evaluation is given in ISO 9001:2015, Clause 9. The managers responsible for the project from the project organization should ensure that documented information on nonconformities and the disposition of the nonconformities in the project’s products/services and processes is analysed to assist learning and to provide data for improvement. The project organization, in conjunction with the customer, should decide which nonconformities should be recorded and which corrective actions undertaken. 8.3 Improvement 8.3.1 T he Improvement by the originating organization origi nati ng organ i z ation shou ld defi ne the i n formation it ne e d s to le arn from proj e c ts and should establish a system for identifying, collecting, storing, updating and retrieving information from projects. 26 © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) The originating organization should ensure that the information management system for its projects is designed to determine and collect relevant information from the projects, in order to improve project management processes. T he origi nati ng organ i z ation shou ld mai ntai n a l i s t o f a l l s ign i fic ant ri s ks manage d b y its proj e c ts (see 7.7.5). The originating organization should ensure that relevant information is used by other projects that it originates. The relevant information needed to learn from projects can be derived from information contained within the project, including feedback from the customer and other interested parties. Information can also be derived from other sources, such as project logs, appropriate closure reports, claims, audit results, analysis of data, corrective and preventive actions, and project reviews. Before using this i n formation, its va l id ity s hou ld b e veri fie d b y the origi nati ng organ i z ation . Just prior to closing the project, the originating organization should carry out reviews of the project’s performance, highlighting experience from the project that can be used by other projects. The results of the reviews should be retained as documented information. The project management plan should be used as the framework for conducting the review. If possible, these reviews should involve the customer and other interested parties. For long-term projects, interim reviews should be considered to collect information more effectively and to allow for timely improvements. 8.3.2 Improvement by the project organization The project organization should design the project’s information management system to implement the re qu i rements s p e ci fie d for le arn i ng from the proj e c t by the origi nati ng organ i z ation . The project organization should ensure that the information it provides to the originating organization is accurate and complete. The project organization should implement improvements using information relevant to the project, which has been established by the originating organization using the system described in 8.3.1. NOTE ISO 9001:2015, Clause 10, provides further information on improvement. © ISO 2017 – All rights reserved 27 BS ISO 10006:2017 ISO 10006:2017(E) Annex A (informative) Overview of processes for quality management in projects Table A.1 provides an overview of processes for quality management in projects. NOTE 1 ISO 21500 gives guidance on project management processes. NOTE 2 The processes listed might not be required in every project and some projects can require additional project management processes. Table A.1 — Overview of processes for quality management in projects Clause Clause 5 Management responsibility in projects Subclause 5.2 Strategic process 6.1 Resourcerelated processes Clause 6 Resource management in projects 6.2 Personnelrelated processes Subclause 7.2 Interdependent processes Strategic 6.1.2 Resource planning 6.1.3 Resource control D e fi n i ng a proj e c t orga n i z ation a l 6.2.2 Establishment of the project organizational structure 6.2.3 Allocation of personnel S ele c ti n g a nd a s s ign i ng s u ffic ient 6.2.4 Team development 7.2.3 7.2.4 7.2.5 28 Process description A direction-setting process which includes planning the establishment and implementation of the quality management system based on the application of the quality management principles. Identifying, estimating, scheduling and allocating all relevant resources. Comparing actual usage against resource plans and taking action if needed. — 7.2.2 Clause 7 Product/service realization in projects Process Project initiation and project management plan development Interaction management Change management Process and project closure structure tailored to suit the project needs, including identifying roles in the p roj e c t a nd de fi n i ng author ity a nd responsibility. personnel with the appropriate competence to suit the project needs. Developing individual and team skills and the ability to enhance project performance. Evaluating customer’s and other interested parties’ requirements, preparing a project management plan and initiating other processes. Managing interactions during the project. Anticipating change and managing it across all processes. Closing processes and obtaining feedback. © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) Clause Subclause Subclause 7.3.2 7.3 Scope-related processes 7.3.3 7.3.4 7.3.5 7.4.2 Clause 7 Product/service realization in projects 7.4 Time-related processes Schedule development 7.4.5 Schedule control 7.5.3 7.6.3 7.6.4 7.7.2 7.7.3 7.7.4 7.7.5 © ISO 2017 – All rights reserved Control of activities Planning of activity dependencies 7.4.4 7.6.2 7.7 Risk-related processes activities Estimation of duration 7.5.4 7.6 Communicationrelated processes D e fi n ition o f 7.4.3 7.5.2 7.5 Cost-related processes Process Concept development Scope development and control Process description D e fi n i n g the b ro ad o utl i ne s o f wh at the project product will do. Documenting the characteristics of the project product in measurable terms and controlling them. Identifying and documenting activities and steps required to achieve the project objectives. Controlling the actual work carried out in the project. Identifying interrelationships and the logical interactions and dependencies among project activities. Estimating the duration of each ac ti vity i n co n ne c tio n with the s p e c i fic conditions and the resources required. Interrelating the project time objectives, activity dependencies and their durations as the framework for developing general and detailed schedules. Controlling the realization of the proj e c t ac ti vitie s , for co n fi r m i n g the proposed schedule or for taking adequate actions for recovering from delays. cost estimates for the Cost estimation Developing project. Using results from cost estimation to Budgeting produce the project budget. Controlling costs and deviations from Cost control the project budget. Communication Planning the information and planning communication systems of the project. Making necessary information Information available to project organization management members and other interested parties. communication in Communication Controlling accordance with the planned control communication system. Risk Determining risks in the project. identi fic ation Evaluating the probability of Risk assessment occurrence of risk events and the impact of risk events on the project. Developing plans for responding to Risk treatment risks. Implementing and updating the risk Risk control plans. 29 BS ISO 10006:2017 ISO 10006:2017(E) Clause Subclause Subclause 7.8.2 Clause 7 Product/service realization in projects 7.8.3 7.8 Procurement processes 7.8.4 7.8.5 7.8.6 Clause 8 Measurement, analysis and improvement in projects 8.1 General — 8.2 Measurement and analysis — 8.3.1 8.3 Improvement 30 8.3.2 Process Procurement planning and control Documentation of procurement requirements External provider management and development Process description Identifying and controlling what is to be purchased and when. Compiling commercial conditions and technical requirements. Evaluating and determining which external providers and subcontractors should be invited to supply products. Issuing invitations to tender, tender evaluation, negotiation, preparation and placing of the subcontract. Ensuring that subcontractors’ Contract control performance meets contractual requirements. Gives guidance on how both the Improvement originating and project organizations should learn from projects. Gives guidance on the measurement, Measurement collection and validation of data for and analysis continual improvement. Improvement by The steps the originating organization the originating should take for continual improvement organization of the project process. The information that the project Improvement organization should supply to the by the project originating organization to enable organization continual improvement. Contracting © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) Annex B (informative) Cross reference matrix between this document, ISO 9001:2015 and ISO 21500:2012 Table B.1 provides a cross reference matrix between this document, ISO 9001:2015 and ISO 21500:2012. Table B.1 — Cross reference matrix between this document, ISO 9001:2015 and ISO 21500:2012 This document Foreword Introduction 1. Scope 2. Normative references ISO 9001:2015 Foreword Introduction 1. Scope 2. Normative references ISO 21500:2012 Foreword Introduction 1. Scope 3 . Terms and definitions 3 . Terms and definitions 2 . Terms and definitions 4. Quality management systems in projects 4.1 Context and characteristics of the project 4. Context of the organization 3. Project management concepts 4.1.1 General 4.1.2 Organizations 4.1.3 Phases and processes in projects 4.1.4 Project management processes 4.1 Understanding the organization 3.1 General and its context 3.2 Project 4.2 Understanding the needs and expectations of interested parties 3.4 Organizational strategy and projects 4.3 Determining the scope of the 3.5 Project environment quality management system 3.11 Project constraints 3.12 Relationship between project management concepts and processes 4. Project management processes 4.1 Project management process application 4.2 Process groups and subject groups 4.3 Processes 4.2 Quality management principles 4.3 Project quality management 4.4 Quality management system processes and its processes 4.4 Quality plan for the project 5. Management responsibility in 5. Leadership projects 4.3.32 to 4.3.34 3.3 Project management 3.6 Project governance 3.8 Stakeholders and project organization 5.1 Top management commitment 5.1 Leadership and commitment 5.2 Policy 5.2 Strategic process © ISO 2017 – All rights reserved 31 BS ISO 10006:2017 ISO 10006:2017(E) This document 5.3 Management reviews and progress evaluations 6. Resource management in projects 6.1 Resource-related processes 6.2 Personnel-related processes 7. Products/services realization in projects ISO 9001:2015 5.3 Organizational roles, responsibilities and authorities 9. Performance evaluation 9.2 Internal audit 9.3 Management review 7. Support 7.2 Competence 7.3 Awareness 7.4 Communication 7.5 Documented information 7.1 Resources 8. Operation ISO 21500:2012 4.3.15 to 4.3.20 4.3.6 to 4.3.31 3.9 Competencies of project personnel 3.7 Projects and operations 8.1 Operational planning and control 8.2 Requirements for products and services 8.3 Design and development of products and services 8.4 Control of externally provided processes, products and services 8.5 Production and service provision 8.6 Release of products and services 8.7 Control of nonconforming outputs 7.1 General 7.2 Interdependent processes 7.3 Scope-related processes 7.4 Time-related processes 6. Planning 4.3.21 to 4.3.24 6.2 Quality objectives and planning 4.3.9 to achieve them 6.3 Planning of changes 7.5 Cost-related processes 7.6 Communication-related processes 7.7 Risk-related processes 7.8 Procurement processes 8. Measurement, analysis and improvement in projects 8.1 General 8.2 Measurement and analysis 32 4.3.25 to 4.3.27 4.3.38 to 4.3.40 6.1 Actions to address risks and opportunities 4.3.28 to 4.3.31 4.3.35 to 4.3.37 10. Improvement 10.1 General 9.1 Monitoring, measurement, analysis and evaluation © ISO 2017 – All rights reserved BS ISO 10006:2017 ISO 10006:2017(E) This document 8.3 Improvement Annex A (informative): Overview of processes for quality management in projects Annex B (informative): Cross reference matrix between this document, ISO 9001:2015 and ISO 21500:2012 © ISO 2017 – All rights reserved ISO 9001:2015 10.2 Nonconformity and corrective action 10.3 Continual improvement ISO 21500:2012 4.3.8 Annex A (informative): Process group processes mapped to subject groups 33 BS ISO 10006:2017 ISO 10006:2017(E) Bibliography [1] [2] ISO 9001:2015, Quality management systems — Requirements ISO 9004, Managing for the sustained success ofan organization — A quality management approach [3] ISO 10005 2) , Quality management — Guidelines for quality plans [4] ISO 10007, Quality management — Guidelines for con figuration management [5] ISO/TR 10013, Guidelines for quality management system documentation [6] ISO 10014, Quality management — Guidelines for realizing financial and economic benefits [7] [8] [9] [10] [11] [12] [13] [14] [15] ISO 10015, Quality management — Guidelines for training ISO/TR 10017, Guidance on statistical techniques for ISO 9001:2000 ISO 19011, Guidelines for auditing management systems ISO 21500:2012, Guidance on project management ISO 31000, Risk management — Principles and guidelines ISO/IEC 12207, Systems and software engineering — Software life cycle processes ISO/IEC 17000, Conformity assessment — Vocabulary and general principles ISO Guide 73, Risk management — Vocabulary IEC 62198, Managing risk in projects — Application guidelines 2) Under preparation. Stage at the time of publication: ISO/FDIS 10005:2017. 34 © ISO 2017 – All rights reserved This page deliberately left blank NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW British Standards Institution (BSI) BSI is the national body responsible for preparing British Standards and other standards-related publications, information and services. BSI is incorporated by Royal Charter. British Standards and other standardization products are published by BSI Standards Limited. About us Reproducing extracts We bring together business, industry, government, consumers, innovators and others to shape their combined experience and expertise into standards -based solutions. For permission to reproduce content from BSI publications contact the BSI Copyright & Licensing team. The knowledge embodied in our standards has been carefully assembled in a dependable format and ref ned through our open consultation process. Organizations of all sizes and across all sectors choose standards to help them achieve their goals. Information on standards We can provide you with the knowledge that your organization needs to succeed. Find out more about British Standards by visiting our website at bsigroup.com/standards or contacting our Customer Services team or Knowledge Centre. Buying standards You can buy and download PDF versions of BSI publications, including British and adopted European and international standards, through our website at bsigroup.com/shop, where hard copies can also be purchased. If you need international and foreign standards from other Standards Development Organizations, hard copies can be ordered from our Customer Services team. Copyright in BSI publications All the content in BSI publications, including British Standards, is the property of and copyrighted by BSI or some person or entity that owns copyright in the information used (such as the international standardization bodies) and has formally licensed such information to BSI for commercial publication and use. Save for the provisions below, you may not transfer, share or disseminate any portion of the standard to any other person. You may not adapt, distribute, commercially exploit, or publicly display the standard or any portion thereof in any manner whatsoever without BSI’s prior written consent. Storing and using standards Standards purchased in soft copy format: • A British Standard purchased in soft copy format is licensed to a sole named user for personal or internal company use only. • The standard may be stored on more than 1 device provided that it is accessible by the sole named user only and that only 1 copy is accessed at any one time. • A single paper copy may be printed for personal or internal company use only. • Standards purchased in hard copy format: • A British Standard purchased in hard copy format is for personal or internal company use only. • It may not be further reproduced – in any format – to create an additional copy. This includes scanning of the document. If you need more than 1 copy of the document, or if you wish to share the document on an internal network, you can save money by choosing a subscription product (see ‘Subscriptions’). Subscriptions Our range of subscription services are designed to make using standards easier for you. For further information on our subscription products go to bsigroup.com/subscriptions. With British Standards Online (BSOL) you’ll have instant access to over 55,000 British and adopted European and international standards from your desktop. It’s available 24/7 and is refreshed daily so you’ll always be up to date. You can keep in touch with standards developments and receive substantial discounts on the purchase price of standards, both in single copy and subscription format, by becoming a BSI Subscribing Member. PLUS is an updating service exclusive to BSI Subscribing Members. You will automatically receive the latest hard copy of your standards when they’re revised or replaced. To f nd out more about becoming a BSI Subscribing Member and the benef ts of membership, please visit bsigroup.com/shop. With a Multi-User Network Licence (MUNL) you are able to host standards publications on your intranet. Licences can cover as few or as many users as you wish. With updates supplied as soon as they’re available, you can be sure your documentation is current. For further information, email subscriptions@bsigroup.com. Revisions Our British Standards and other publications are updated by amendment or revision. We continually improve the quality of our products and services to benef t your business. If you f nd an inaccuracy or ambiguity within a British Standard or other BSI publication please inform the Knowledge Centre. Useful Contacts Customer Services Tel: +44 345 086 9001 Email (orders): orders@bsigroup. com Email (enquiries): cservices@bsigroup. com Subscriptions Tel: +44 345 086 9001 Email: subscriptions@bsigroup. com Knowledge Centre Tel: +44 20 8996 7004 Email: knowledgecentre@bsigroup. com Copyright & Licensing Tel: +44 20 8996 7070 Email: copyright@bsigroup. com BSI Group Headquarters 389 Chiswick High Road London W4 4AL UK This page deliberately left blank