Cmm Overview

Key Points

▲ The Capability Maturity Model is a good perspective from which to assess the process framework presented in this book. Appropriately implemented and adopted with conviction, the process framework should achieve a level 3 or 4 maturity.

▲ The real indicators of a mature process are predictable results and project performance that demonstrates improvement on subsequent activities.

A Having a mature process in place is far more important than merely passing an audit.

▲ A mature process would pass a surprise audit. If an organization says what it does and does what it says, there is no need to prepare for an audit.

The CMM defines five levels of software process maturity based on an organization's support for certain "key" process areas (KPAs). A level 1 (initial) process describes an organization with an immature or undefined process. Level 2 (repeatable), level 3 (defined), level 4 (managed), and level 5 (optimizing) maturities describe organizations with higher levels of software process maturity. The associated KPAs for these levels are summarized as follows:

• Level 2 KPAs: requirements management, software project planning, software project tracking and oversight, software subcontract management, software quality assurance, software configuration management

364 process improvement and mapping to the cmm

• Level 3 KPAs: organizational process focus, organizational process definition, training program, integrated software management, software product engineering, intergroup coordination, peer reviews

• Level 4 KPAs: process measurement and analysis, quality management, defect prevention

• Level 5 KPAs: technology innovation, process change management

The goal for most organizations is to achieve a level 3 process. A software capability evaluation (SCE) is commonly used to assess an organization's maturity. An SCE determines whether the organization "says what it does and does what it says" by evaluating the organization's software process (usually in the form of policy statements) and project practices. The organization policy—capturing the "say what you do"—and project implementations—demonstrating the "do what you say"—are evaluated under the KPA framework. The evaluation process is not perfect, but it is a good relative indicator of software process maturity.

A typical SCE uses the SEI Maturity Questionnaire [SEI, 1998] as part of a thorough audit. The evaluation includes detailed analyses, interviews, and other forms of assessment. The questionnaire is generally used as an entry point to provide context for initiating the evaluation.

There have been many different assessments of the distribution of software organizations across the five levels. Table E-l approximates this distribution for the software industry around 1995.

One of the key drawbacks of the SEI CMM is that the KPAs focus primarily on the document artifacts of the conventional process, such as design, requirements, and traceability documents, as well as subcontracts, contracts, plans, and reports. Very few of the KPAs actually address the evolving engineering artifacts (requirements models, design models, source code, or executable code), the level of process automation in the environment, or the software architecture process. In other words, many of

Table E-l. Industry distribution across maturity levels
Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook

Post a comment