33 Capability Maturity Model

R. Baskaran

 

CAPABILITY MATURITY MODEL

 

Capability Maturity Model is a method of assessment used to develop and refine the software development process used by organisations.

 

LEARNING OBJECTIVES 

 

• To give the importance of regulation and standards.

• To detail on the continuous Process Improvement

• To indicate the various timeline measures

 

DEFINITIONS 

 

Regulation: “A legal restriction promulgated by government administrative agencies through rulemaking supported by a threat of sanction or a fine.”

Standard: “A level of quality or excellence that is accepted as the norm or by which actual attainments are judged.”

 

Reasons to Regulate and Impose Standards 

 

The reasons to regulate and impose standards are as follows:

 

•  To Ensure quality & maintain competitiveness

•  To avoid disparate practices within same industry.

•  Increasing Cost of IT.

•  Increasing size of IT workforce.

 

International Standard Organization (ISO) 

 

It is the world’s leading developer of International Standards and has 156 member countries. Its portfolio holds more than 15,036 standards that are used in every sector of business, industry and technology. The ISO partners include:

  • International Electro-technical Commission (IEC)
  • International Telecommunication Union (ITU)
  • World Bank

 

ISO Path Forward: 

  • The environment – It develops standards for meeting new requirements such as greenhouse gas verification, climate mitigation, and other aspects of sustainable development.
  • The service sectors – It provides standards for personal financial services, market opinion, social research and tourism.
  • Security – It comprises of maritime port security, freight transport, countering illegal trafficking.
  • Good Managerial and Organizational Practice – It develops social responsibility.

 

ISO Benefits: 

  • Worldwide recognition (156 members, developed, developing countries)
  • Level the playing field. 
  • Disseminate new technologies and businesses.

 

CMM (CAPABILITY MATURITY MODEL)

 

The Capability Maturity Model was created by the Software Engineering Institute, a research center founded by Congress in 1984. It is a structure designed to direct IT organizations through software process improvement with the philosophy of “continuous process improvement”. Capability Maturity Model is a method of assessment used to develop and refine the software development process used by organisations. It is a five level capability model based on management styles using quantitative methods and generic process areas which defines ‘what’ not ‘how’.

 

Evolution of CMM 

 

The original release of software engineering CMM was in 1993, after this more variants were developed. It is tailored to fit a particular organisation such as,

  • System engineering CMM (SE-CMM)
  • Trusted CMM (T-CMM)
  • Security system engineering CMM (SE-CMM)
  • People CMM (P-CMM)
  • Integrated product development CMM (IPD-CMM)

 

Goals of CMM 

 

The goal of CMM is to provide an organization with the framework for improving its processes and its ability to manage the development, acquisition, and maintenance of products or services. This is provided through appraisals and assessments of the organization’s processes, based on CMM criteria. It provides “clients” with a maturity scale rating for potential vendors. The more mature an organization (Higher CMM Rating), the more likely its processes and development are to succeed.

 

Motivation to CMM/CMMI 

 

In the 1980’s military projects ran over budget and United States Air Force funded SEI study. The model CMM was being used for software development, but problems were found when multiple instances of CMM were being used. CMMI was created to address this issue. CMMI is Capability Maturity Model Integrated.

 

Features of CMM 

 

The features of CMM include:

 

•  The organization’s activities are explicitly linked to the business objectives.

•  The visibility into the organization’s activities is increased to help you ensure that your product or service meets the customer’s expectations.

•   Learn from new areas of best practice.

•   Maturity model structure comprises of

    • Maturity Levels.
    • Key Process Areas.
    • Goals.
    • Common Features

 

CMM vs. Six Sigma 

 

CMM

  • CMM is designed with software in mind
  • Design goals – These do not focus on the customer.
  • Organization Improvement – Improve methods and processes.
  • Key Process Areas: Initial, Repeatable, Defined, Managed, Optimizing.
  • Planning and Management oriented.

 

Six Sigma 

  • Design goals – customer demands & enterprise strategy.
  • Quality Characteristics – Reduce number of errors to n-LOC.
  • Design alternatives – High level design.
  • Plan for verification.
  • Pilot runs.

 

It works together well at the higher CMM levels like CMM Level 5, mostly in line together although CMM is an organizational change model. At CMM Level 1-4, Six Sigma can although be used at these levels, its goals are competing with CMM.

 

CMM vs. ISO 

 

CMM

  • Continuous process improvement
  • Scope – Software.
  • Customer satisfaction is not part of CMM
  • Concept – Best practices derived from industry leaders, and a rating system

 

ISO 

  • Acceptable quality system
  • Scope – Hardware, software, processed materials and services.
  • Customer satisfaction is important in ISO requirements.
  • Concept – Certification tool

 

They both can be used together and they overlap (not 100%, but significant enough). If you are at level 3 CMM it is usually easy to get ISO 9001 certified (level 2 can also, without too much grief). Both are for improvement of software. ISO is to conform to ISO standards; CMM is to follow industry standards.  You can use an industry standard that conforms to ISO.

 

CMM STAGED REPRESENTATION – 5 MATURITY LEVELS 

 

Standards of ISO:

  • ISO 9000-1: is a general guideline which gives background information about the family of standards.
  • ISO 9001,  ISO  9002  and  ISO  9003  are  standards  in  the  family  containing requirements on a supplier.
  • ISO 9002 and ISO 9003 are subsets of ISO
  • ISO 9004 is comprehensive guideline to the use of the ISO 9000 standards.
  • ISO 9000-3 is a guideline on how to use ISO 9001 for software development
  • ISO 9004-2 is a guideline for the applications of ISO 9001 to the supply of services (including computer centers and other suppliers of data services).

 

Web Links

  • istqbexamcertification.com/what-is-cmm-capability-maturity-model-what-are-cmm-levels/
  • www.selectbs.com/process-maturity/what-is-the-capability-maturity-model
  • https://www.sei.cmu.edu/reports/93tr024.pdf

 

Supporting & Reference Materials

  • Roger S. Pressman, “Software Engineering: A Practitioner’s Approach”, Fifth Edition, McGraw Hill, 2001.
  • Pankaj Jalote, “An Integrated Approach to Software Engineering”, Second Edition, Narosa Publications, 2005.
  • Ian Sommerville, “Software Engineering”, Tenth Edition, Pearson education, 2017.