CMM AND ISO CERTIFICATION - PowerPoint PPT Presentation

About This Presentation
Title:

CMM AND ISO CERTIFICATION

Description:

CMM AND ISO CERTIFICATION GRANT GRIFFEY JOHN ALEXANDER DAVID SOLOVITZ KATIE MANAHAN Presentation Objectives Explanation of CMM CMM Case Study Infosys Explanation ... – PowerPoint PPT presentation

Number of Views:440
Avg rating:3.0/5.0
Slides: 66
Provided by: Own2705
Learn more at: https://www.umsl.edu
Category:

less

Transcript and Presenter's Notes

Title: CMM AND ISO CERTIFICATION


1
CMM AND ISO CERTIFICATION
  • GRANT GRIFFEY
  • JOHN ALEXANDER
  • DAVID SOLOVITZ
  • KATIE MANAHAN

2
Presentation Objectives
  • Explanation of CMM
  • CMM Case Study Infosys
  • Explanation of ISO 9000/14000
  • ISO Examples Baublitz Advertising and
    Industrial Security Services Inc.
  • Comparison
  • Questions?

3
Capability Maturity Model
  • What is it?
  • What is its purpose?
  • How does it help the company?
  • What are the major advantages?
  • What are the major disadvantages?
  • What is the future of CMM?

4
What is CMM?
  • Capabilities Maturity Model
  • Quantifies ability for a company to produce high
    quality software

5
History of CMM
  • In 1984, Congress founded a non-profit group that
    could impact the growing field of IT and obtain
    standardized, consistent processes
  • Created Software Engineering Institute or SEI,
    which was headquartered at Carnegie Melon
    University at Pittsburgh

6
History of CMM
  • In 1991, the first version of CMM was created by
    SEI
  • Was created to help improve the practice of
    software engineering and establish protocols and
    methodologies in software development
  • By 2003, over 2000 organizations have been
    appraised

7
What is CMM?
  • Describes a framework of 5 stages of software
    maturity

8
Predictability/Risk Relationship
9
Country Level 4 Level 5 Total
India 27 50 77
USA 39 20 59
China 0 2 2
Australia 2 0 2
Canada 0 1 1
Russia 0 1 1
France 1 0 1
Ireland 1 0 1
Israel 1 0 1
Singapore 1 0 1
10
Key Process Areas
  • Each level of CMM specifies not only general
    goals, but defines how the company/organization
    should operate at each level
  • Key process areas are major functional areas that
    need to be incorporated into the organization
    when working with CMM

11
LEVELS OF CMM
  • Level 1 Initial
  • 25 months to get to level 2
  • Level 2 Repeatable
  • 23 months to get to level 3
  • Level 3 Defined
  • 28 months to get to level 4
  • Level 4 Managed
  • 15 months to get to level 5
  • Level 5 - Optimizing

12
LEVEL 1 - INITIAL
  • Characteristics
  • Processes are chaotic and disorganized
  • Few formal rules
  • Most companies would achieve Level 1 if they were
    assessed
  • Comprises approx. 12 of certifications between
    1998-2001

13
Level 1 Key Process Areas
  • According to Persee in Implementing the
    Capability Maturity Model, most groups qualify
    for level 1 certification without knowing it.
  • Have no processes for software development
  • Have processes in place without formal assessment
  • Therefore, there are no key processes

14
CMM Case Study - Infosys
  • Infosys is a software house based in
  • Bangalore, India
  • Revenues have grown at an annual rate of over 70
    each of the last 5 years
  • Infosys has been assessed at level 4 of the CMM

15
Level 1 Initial (Infosys)
  • At level one a customer will get in contact with
    Infosys
  • Customer will request information from Infosys
    about itself. This is called request for
    information (RFI)
  • If only a single project is the goal, the
    customer will then send back a request for
    proposal (RFP)

16
Level 1 Initial (Infosys)
  • From RFP, Infosys will prepare and send a
    proposal.
  • Many models for proposal
  • ie. Fixed price RFP is analyzed and a cost is
    determined from estimating manpower effort and
    scheduling
  • Proposal is fixed because customer will give
    agreed price unless requirements change
  • Requirements usually change, and projects are
    split into two parts
  • Creating detailed requirements analysis
  • Developing the software

17
LEVEL 2 - REPEATABLE
  • Characteristics
  • Defined and documented processes
  • Success is repeated
  • Basic project management techniques track costs,
    schedules, etc
  • Largest percentage of companies assessed between
    1998-2001

18
Level 2 Key Process Areas
  • Establish basic set of management controls
  • Requirements management
  • Software project planning
  • Software project tracking and oversight
  • Software quality assurance
  • Software configuration management
  • Subcontractor management

19
Level 2 Repeatable (Infosys)
  • Two major activities
  • Requirements analysis and specification
  • Requirements change management
  • Main objective of requirements analysis is to
    produce the software requirement specification
    document (SRS)
  • Step by step process for requirements analysis
  • Prepare Gather/elicit requirements Analyze
    Prepare SRS Review Obtain sign off

20
Level 2 Repeatable (Infosys)
  • Requirements change management
  • Changes can come at any time during a project
  • Process for dealing with changes
  • Log the changes
  • Perform impact analysis on the work products
  • Estimate effort needed for the change request
  • Re-estimate delivery schedule
  • Perform cumulative cost impact analysis
  • Review the impact with senior management if
    thresholds are exceeded
  • Obtain customer sign-off
  • Rework work products
  • A danger of requirements change is that even
    though changes are usually small, the cumulative
    effect can be great

21
LEVEL 3 - DEFINED
  • Characteristics
  • Standardized software process meets organizations
    needs
  • Process follows defines process

22
Level 3 Key Process Areas
  • Emphasizes project and organizational issues
  • Organizational process focus
  • Organizational process definition
  • Process training program
  • Integrated software management
  • Software product engineering
  • Inter-group coordination
  • Peer reviews

23
Level 3 Defined (Infosys)
  • KPA Peer Review
  • Defects are inevitable, reviews are done to
    identify defects
  • The best form of review is a formal group review
    (in authors opinion)
  • 4 stages to a group review
  • Planning
  • Verify entry criteria
  • Select the group review team
  • Prepare the group review package

24
Level 3 Defined (Infosys)
  • Overview and Preparation
  • Call a meeting to describe review objectives
  • Provide an overview of the work product
  • Review group review work individually
  • Group Review Meeting
  • Conduct meeting
  • Record defects
  • Summarize issues and close meeting
  • Rework and Follow-up
  • Perform rework to fix defects detected
  • Perform investigation and provide results to
    author
  • Prepare a summary report and send it to the SEPG

25
LEVEL 4 - MANAGED
  • Characteristics
  • Processes are predictable
  • Management can adjust processes to specific
    projects without affecting overall quality
  • Detailed measurements of process and product
    quality are collected
  • 65 of Motorolas Global Software Group is at
    Level 4 or greater

26
Level 4 Key Process Areas
  • Establish quantitative understanding of software
    process and software products
  • Quantitative process management
  • Software quality management

27
Level 4 Managed (Infosys)
  • The goal of quality management is to plan quality
    control activities and to properly execute and
    control these activities so that defects are
    detected before software is delivered
  • The later a defect is detected, the more it cost
    to remove

28
Level 4 Managed (Infosys)
  • Quality Management
  • Quality management focuses on the defect
    injection and removal cycle

29
Level 4 Managed (Infosys)
  • Quantitative Quality Management
  • Human reviews are done during RA, Design, and
    coding phases.
  • After these phases comes the testing
  • UT, IT/ST and AT (quantitative)

30
Level 4 Managed (Infosys)
  • Defect Removal Efficiency
  • Tool used to measure effectiveness of quality
    control activities
  • DRE

31
LEVEL 5 - OPTIMIZING
  • Characteristics
  • Processes are continuously improving through
    feedback and shared ideas
  • 147 organizations from 10 different countries
    that have achieved Level 5 certification

32
Level 5 Key Process Areas
  • Addresses issues for continuous, measurable
    software process improvement
  • Technology change management
  • Process change management

33
How to reach each level of CMM
  • 6 stage process involving senior management and
    coaches from SEI or other licensed assessment
    vendor
  • 1. Selection stage
  • 2. Commitment stage
  • 3. Preparation stage
  • 4. Assessment phase
  • 5. Report stage
  • 6. Assessment follow-up stage

34
How to Reach each level of CMM
  • No reassessment is completed once a company
    achieves any level of CMM
  • Assumed that company will continue to maintain
    levels achieved

35
CMM success factors and pitfalls
  • Creating strategic motivation to pursue
    certification
  • Internal help build capabilities crucial to
    success of company
  • External reassurance of customers
  • Increases visibility to customers
  • Customer recognition of certification importance
    may not reflect changing in their own
    organization with regards to maturity
  • Sustaining management commitment
  • Necessary for substantial time and financial
    investment by management
  • Improper motivation for obtaining CMM
    certification
  • Expenditure versus investment

36
CMM Success Factors and Pitfalls
  • Ensuring organizational socialization to
    encourage developer buy-in for process discipline
  • Shift in attitude from independent to
    interdependent
  • Everyone may not be on board
  • Broad participation in defining and refining
    processes
  • Involve as many people as possible to foster
    acceptance of program
  • Managers do not explain rationale behind some
    process requirements

37
Benefits of CMM Certification
  • Productivity increases
  • According to one study, software productivity
    increased 35
  • Decrease in defects
  • Post-release defects lowered by 39
  • Cost savings
  • 9.2 million dollars were saved within a 3 year
    period on software re-works

38
International Standards Organization
  • The international standards organization
    specifies requirements for a quality management
    system
  • Basic form of the Standard requires
  • Understand product and service requirements
  • Establish processes to meet those requirements
  • Provide resources to run the processes
  • Operate, monitor, and measure the processes
  • Improve continuously, based on analysis of the
    results

39
Model of a process-based quality management system
40
Plan-Do-Check-Act Methodology
  • Plan
  • Establish objectives and processes
  • Do
  • Implement the processes
  • Check
  • Monitor and measure processes
  • Act
  • Take actions to continually improve process
    performance

41
ISO Certification
  • ISO consists of members from 156 countries on the
    basis of one member per country.
  • Full members
  • Member bodies one vote
  • Members from countries with non developed
    national standards activity
  • Correspondent members no vote
  • Members from countries with small economies
  • Subscriber members

42
ISO Certification
  • Central Secretariat in Geneva, Switzerland
  • Permanently appointed
  • Reports to the ISO Council
  • ISO Council develops proposals for standards to
    be presented to ISO members

43
ISO Certification
  • ISOs principal activity is the development of
    technical standards
  • These standards contribute to making the
    development, manufacturing and supply of products
    and services more efficient, safer and cleaner

44
ISO Certification
  • ISO officially began operations on February 23,
    1947
  • Delegates from 25 countries met in London and
    decided to create an organization with the
    mission of to facilitate the international
    coordination and unification of industrial
    standards.

45
Top Ten Countries for ISO Certifications in 2004
  • 1. China
  • 2. Italy
  • 2. United Kingdom
  • 3. United States
  • 4. Germany
  • 5. Japan
  • 6. Spain
  • 7. Australia
  • 8. France
  • 9. Korea

46
(No Transcript)
47
Benefits to Society
  • Businesses
  • Allows them to produce a product under worldwide
    standards
  • Customers
  • Provides a wider range of products
  • More competition between producers
  • Governments
  • Provide standards on health, safety and
    environmental legislation

48
Benefits to Society
  • Trade Officials
  • Helps create a more level playing field for all
    competitors
  • Developing Countries
  • Helps these countries invest their scarce
    resources more wisely in order to produce
    products that meet worldwide standards
  • Consumers
  • Provides assurance of quality, safety, and
    reliability

49
Benefits to Society
  • Everyone
  • Assures the things we use in everyday life are of
    the highest quality
  • Planet
  • Provides standards on air, water and soil quality

50
Particulars of ISO
  • Equal treatment
  • All full members have the right to take part in
    any activity ISO is involved in
  • Voluntary
  • All of ISOs standards are voluntary. ISO has no
    legal authority to impose its standards.

51
Particulars of ISO
  • Market-driven
  • Market requirements are what drive standards
    development
  • Consensus
  • Helps ensure application of standards due to the
    market demand for these standards and the
    agreement of interested parties on the standards

52
Particulars of ISO
  • Worldwide
  • Worldwide standards are difficult to implement
  • ISO has some 3,000 technical groups with some
    50,000 experts to develop standards
  • A process that has been set to an ISO standard is
    only useful if it achieves the desired output.
    ISO will only accomplish the exact same undesired
    output every time.

53
Facts about ISO
  • Number of Standards
  • Since 1947 the ISO has developed
  • 15,036

54
ISO 9000
  • Provides a framework for quality management
    throughout the processes of producing and
    delivering products and services for the
    cutomer.(1)
  • gt500,000 organizations in 149 countries have
    implemented ISO 9000

55
ISO 14000
  • Primarily concerned with environmental
    management.
  • Helps companies minimize harmful effects on the
    environment caused by its activities, and
    continually to improve its environmental
    performance.(1)

56
(No Transcript)
57
ISO Examples Baublitz Advertising
  • 21 year old business wholly owned by The Wolf
    Organization Inc.
  • Located in York, Pennsylvania
  • First advertising company to receive ISO 9001
    certification in September 1997

58
ISO Examples Baublitz Advertising
  • They were looking to gain competitive advantage
  • Baublitz President James Groff has stated
  • We saw (standardization of quality) going on in
    the industry with our clients
  • It adds accountability and concreteness to a
    business that has not been known for it

59
ISO Examples-Industrial Security Service Inc.
  • A midsized guard-services company based in Ohio
  • Began the process to become ISO certified in 1999
  • Received ISO 90012000 certification in February
    2004
  • With the ISO certification it allowed the company
    to go from a small, single-site company to a
    multi-site company with three corporate offices

60
ISO Examples-Industrial Security Service Inc.
  • Recognized benefits
  • An increase in operational efficiency
  • Measurable rise in customer satisfaction
  • Identified was to decrease indirect costs
  • Gained insight in security officer retention
    trends
  • Has the ability to better justify costs

61
ISO and CMM Comparison
62
Questions?
63
References
  • 1. http//www.iso.org, viewed October 2005
  • 2. Gaboda, Gail Ad agency uses ISO certification
    to gain competitive edge Marketing News Chicago
    December 8, 1997 Volume 31, Issue 25 page 2
  • 3. West, John E. Guidance Documents for Using
    ISO 9001 Effectively Quality Digest August 2005
  • 4. Berchelor, Sylvie and Coulmont, Michel ISO
    14000-a profitable investment? CMA Management
    Hamilton November 2004 Volume 78, Issue 7 page
    36
  • 5. Griggs, Gary M. Quality Management of the
    Software Industry May 19, 2004

64
References (continued)
  • 6. Ricci, Joseph ISO Proof of Quality Security
    Management Arlington March 2005 Volume 49, Issue
    3 page 31
  • 7. Perse, James R. Implementing the Capability
    Maturity Model 2001 page 5
  • 8. Adler, Paul, Binney, Derek, Irion-Talbot,
    Wendy, and McGarry, Frank "Enabling Process
    Discipline Lessons from the Journey to CMM Level
    5" MIS Quarterly Executive Volume 4, Number 1,
    March 2005 page 215-227
  • 9. Freedman, Rick "More on Standards-Based IT
    Consulting" Consulting to Management June 2005
    Volume 16, Issue 2 page 43

65
References (continued)
  • 10. Kesh, Someswar and Ramanujuan, Sam
    Comparison of Knowledge Management and CMM/CMMI
    Implementation The Journal of American Academy
    of Business, Cambridge March 2004 Volume 4 pages
    271-277
  • 11. Jalote, Pankaj CMM in Practice-Processes for
    Executing Software Projects at Infosys Reading,
    Mass. Wokingham, England Addison-Wesley, 2000
  • 12. Beaumont, Leland R. ISO 9001, The Standard
    Interpretation The International Standard for
    Quality Management Systems Third Edition
    Middletown, NJ. ISO Easy 2002 pages 9-16
Write a Comment
User Comments (0)
About PowerShow.com