html5-img
1 / 65

CMM AND ISO CERTIFICATION

CMM AND ISO CERTIFICATION. GRANT GRIFFEY JOHN ALEXANDER DAVID SOLOVITZ KATIE MANAHAN. Presentation Objectives. Explanation of CMM CMM Case Study – Infosys Explanation of ISO – 9000/14000 ISO Examples – Baublitz Advertising and Industrial Security Services Inc. Comparison Questions?.

noreen
Télécharger la présentation

CMM AND ISO CERTIFICATION

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CMM AND ISO CERTIFICATION GRANT GRIFFEY JOHN ALEXANDER DAVID SOLOVITZ KATIE MANAHAN

  2. Presentation Objectives • Explanation of CMM • CMM Case Study – Infosys • Explanation of ISO – 9000/14000 • ISO Examples – Baublitz Advertising and Industrial Security Services Inc. • Comparison • Questions?

  3. Capability Maturity Model • What is it? • What is it’s purpose? • How does it help the company? • What are the major advantages? • What are the major disadvantages? • What is the future of CMM?

  4. What is CMM? • Capabilities Maturity Model • Quantifies ability for a company to produce high quality software (10)

  5. History of CMM • In 1984, Congress founded a non-profit group that could impact the growing field of IT and obtain standardized, consistent processes • Created Software Engineering Institute or SEI, which was headquartered at Carnegie Melon University at Pittsburgh (7)

  6. History of CMM • In 1991, the first version of CMM was created by SEI • Was created to help improve the practice of software engineering and establish protocols and methodologies in software development • By 2003, over 2000 organizations have been appraised (7)

  7. What is CMM? Describes a framework of 5 stages of software maturity (9)

  8. Predictability/Risk Relationship (7)

  9. (5)

  10. Key Process Areas • Each level of CMM specifies not only general goals, but defines how the company/organization should operate at each level • Key process areas are major functional areas that need to be incorporated into the organization when working with CMM (7)

  11. LEVELS OF CMM • Level 1 – Initial • 25 months to get to level 2 • Level 2 – Repeatable • 23 months to get to level 3 • Level 3 – Defined • 28 months to get to level 4 • Level 4 – Managed • 15 months to get to level 5 • Level 5 - Optimizing (8)

  12. LEVEL 1 - INITIAL • Characteristics • Processes are chaotic and disorganized • Few formal rules • Most companies would achieve Level 1 if they were assessed • Comprises approx. 12% of certifications between 1998-2001 (8)

  13. Level 1 Key Process Areas • According to Persee in Implementing the Capability Maturity Model, most groups qualify for level 1 certification without knowing it. • Have no processes for software development • Have processes in place without formal assessment • Therefore, there are no key processes (7)

  14. CMM Case Study - Infosys • Infosys is a software house based in • Bangalore, India • Revenues have grown at an annual rate of over 70% each of the last 5 years • Infosys has been assessed at level 4 of the CMM (11)

  15. Level 1 – Initial (Infosys) • At level one a customer will get in contact with Infosys • Customer will request information from Infosys about itself. This is called request for information (RFI) • If only a single project is the goal, the customer will then send back a request for proposal (RFP) (11)

  16. Level 1 – Initial (Infosys) • From RFP, Infosys will prepare and send a proposal. • Many models for proposal • ie. Fixed price – RFP is analyzed and a cost is determined from estimating manpower effort and scheduling • Proposal is fixed because customer will give agreed price unless requirements change • Requirements usually change, and projects are split into two parts • Creating detailed requirements analysis • Developing the software (11)

  17. LEVEL 2 - REPEATABLE • Characteristics • Defined and documented processes • Success is repeated • Basic project management techniques track costs, schedules, etc • Largest percentage of companies assessed between 1998-2001 (8)

  18. Level 2 Key Process Areas • Establish basic set of management controls • Requirements management • Software project planning • Software project tracking and oversight • Software quality assurance • Software configuration management • Subcontractor management (7)

  19. Level 2 – Repeatable (Infosys) • Two major activities • Requirements analysis and specification • Requirements change management Main objective of requirements analysis is to produce the software requirement specification document (SRS) Step by step process for requirements analysis Prepare – Gather/elicit requirements – Analyze – Prepare SRS – Review – Obtain sign off (11)

  20. Level 2 – Repeatable (Infosys) • Requirements change management • Changes can come at any time during a project Process for dealing with changes • Log the changes • Perform impact analysis on the work products • Estimate effort needed for the change request • Re-estimate delivery schedule • Perform cumulative cost impact analysis • Review the impact with senior management if thresholds are exceeded • Obtain customer sign-off • Rework work products A danger of requirements change is that even though changes are usually small, the cumulative effect can be great (11)

  21. LEVEL 3 - DEFINED • Characteristics • Standardized software process meets organizations needs • Process follows defines process (8)

  22. Level 3 Key Process Areas • Emphasizes project and organizational issues • Organizational process focus • Organizational process definition • Process training program • Integrated software management • Software product engineering • Inter-group coordination • Peer reviews (7)

  23. Level 3 – Defined (Infosys) • KPA – Peer Review • Defects are inevitable, reviews are done to identify defects • The best form of review is a formal group review (in authors opinion) • 4 stages to a group review • Planning Verify entry criteria Select the group review team Prepare the group review package (11)

  24. Level 3 – Defined (Infosys) • Overview and Preparation Call a meeting to describe review objectives Provide an overview of the work product Review group review work individually • Group Review Meeting Conduct meeting Record defects Summarize issues and close meeting • Rework and Follow-up Perform rework to fix defects detected Perform investigation and provide results to author Prepare a summary report and send it to the SEPG (11)

  25. LEVEL 4 - MANAGED • Characteristics • Processes are predictable • Management can adjust processes to specific projects without affecting overall quality • Detailed measurements of process and product quality are collected • 65% of Motorola’s Global Software Group is at Level 4 or greater (8)

  26. Level 4 Key Process Areas • Establish quantitative understanding of software process and software products • Quantitative process management • Software quality management (7)

  27. Level 4 – Managed (Infosys) • The goal of quality management is to plan quality control activities and to properly execute and control these activities so that defects are detected before software is delivered • The later a defect is detected, the more it cost to remove (11)

  28. Level 4 – Managed (Infosys) • Quality Management • Quality management focuses on the defect injection and removal cycle (11)

  29. Level 4 – Managed (Infosys) • Quantitative Quality Management • Human reviews are done during RA, Design, and coding phases. • After these phases comes the testing • UT, IT/ST and AT (quantitative) (11)

  30. Level 4 – Managed (Infosys) • Defect Removal Efficiency • Tool used to measure effectiveness of quality control activities • DRE = (11)

  31. LEVEL 5 - OPTIMIZING • Characteristics • Processes are continuously improving through feedback and shared ideas • 147 organizations from 10 different countries that have achieved Level 5 certification (8)

  32. Level 5 Key Process Areas • Addresses issues for continuous, measurable software process improvement • Technology change management • Process change management (7)

  33. How to reach each level of CMM • 6 stage process involving senior management and coaches from SEI or other licensed assessment vendor • 1. Selection stage • 2. Commitment stage • 3. Preparation stage • 4. Assessment phase • 5. Report stage • 6. Assessment follow-up stage (8)

  34. How to Reach each level of CMM • No reassessment is completed once a company achieves any level of CMM • Assumed that company will continue to maintain levels achieved (8)

  35. CMM success factors and pitfalls • Creating strategic motivation to pursue certification • Internal – help build capabilities crucial to success of company • External – reassurance of customers • Increases visibility to customers • Customer recognition of certification importance may not reflect changing in their own organization with regards to maturity • Sustaining management commitment • Necessary for substantial time and financial investment by management • Improper motivation for obtaining CMM certification • Expenditure versus investment (8)

  36. CMM Success Factors and Pitfalls • Ensuring organizational socialization to encourage developer buy-in for process discipline • Shift in attitude from independent to interdependent • Everyone may not be “on board” • Broad participation in defining and refining processes • Involve as many people as possible to foster acceptance of program • Managers do not explain rationale behind some process requirements (8)

  37. Benefits of CMM Certification • Productivity increases • According to one study, software productivity increased 35% • Decrease in defects • Post-release defects lowered by 39% • Cost savings • 9.2 million dollars were saved within a 3 year period on software re-works (9) and (10)

  38. International Standards Organization • The international standards organization specifies requirements for a quality management system • Basic form of the Standard requires: • Understand product and service requirements • Establish processes to meet those requirements • Provide resources to run the processes • Operate, monitor, and measure the processes • Improve continuously, based on analysis of the results (12)

  39. Model of a process-based quality management system (3)

  40. “Plan-Do-Check-Act” Methodology • Plan • Establish objectives and processes • Do • Implement the processes • Check • Monitor and measure processes • Act • Take actions to continually improve process performance (12)

  41. ISO Certification • ISO consists of members from 156 countries on the basis of one member per country. • Full members: • Member bodies = one vote • Members from countries with non developed national standards activity: • Correspondent members = no vote • Members from countries with small economies: • Subscriber members (1)

  42. ISO Certification • Central Secretariat in Geneva, Switzerland • Permanently appointed • Reports to the ISO Council • ISO Council develops proposals for standards to be presented to ISO members (1)

  43. ISO Certification • ISO’s principal activity is the development of technical standards • These standards contribute to making the development, manufacturing and supply of products and services more efficient, safer and cleaner (1)

  44. ISO Certification • ISO officially began operations on February 23, 1947 • Delegates from 25 countries met in London and decided to create an organization with the mission of “to facilitate the international coordination and unification of industrial standards.” (1)

  45. Top Ten Countries for ISO Certifications in 2004 • 1. China • 2. Italy • 2. United Kingdom • 3. United States • 4. Germany • 5. Japan • 6. Spain • 7. Australia • 8. France • 9. Korea (5)

  46. (3)

  47. Benefits to Society • Businesses • Allows them to produce a product under worldwide standards • Customers • Provides a wider range of products • More competition between producers • Governments • Provide standards on health, safety and environmental legislation (1)

  48. Benefits to Society • Trade Officials • Helps create a more level playing field for all competitors • Developing Countries • Helps these countries invest their scarce resources more wisely in order to produce products that meet worldwide standards • Consumers • Provides assurance of quality, safety, and reliability (1)

  49. Benefits to Society • Everyone • Assures the things we use in everyday life are of the highest quality • Planet • Provides standards on air, water and soil quality (1)

  50. Particulars of ISO • Equal treatment • All full members have the right to take part in any activity ISO is involved in • Voluntary • All of ISO’s standards are voluntary. ISO has no legal authority to impose it’s standards. (1)

More Related