Presentation is loading. Please wait.

Presentation is loading. Please wait.

CMMI vs. ISO David S. Craft CIRM, PMP Title Slide

Published byMarcia Strickland Modified over 8 years ago

Similar presentations

Presentation on theme: "CMMI vs. ISO David S. Craft CIRM, PMP Title Slide"— Presentation transcript:

1 CMMI vs. ISO David S. Craft CIRM, PMP Title Slide
Title is 28 pt. Arial. Subtitle and speaker’s name are 18 pt. Arial. Photo may be customized for your purpose. Photos depict interesting points of view. Photo colors are desaturated for a subtle effect. David S. Craft CIRM, PMP

2 Agenda Process ISO CMMI

3 The Process Management Premise
. The quality of a system is influenced by; The quality of the process used to acquire, develop, and maintain it The analysis and forethought that goes into an architecture that supports business goals and requirements The training provided to teams involved in the project Using proven methods for process and product quality, software success can be predictable and achievable, and failure is avoidable. Once coding starts, teams trained in mature software engineering processes can remove defects early, when defect removal is 10 to 100 times less costly than it is during test. This dramatically reduces test costs and only marginally increases costs upstream

4 The Real Cost of Software Defects

5 Process To Develop Software and Systems You Need A Process
A “Process” can be defined as a “set of interrelated or interacting activities, which transforms inputs into outputs”. These activities require allocation of resources such as people and materials (ISO). Examples: Processing paperwork to grant a loan Processing milk into cheese Converting computer data from one form to another, etc. Building a car Making breakfast

6 Symptoms of Process Failure
Commitments consistently missed Late deliveries Last minutes crunches Spiraling costs No management visibility into progress You’re always being surprised Quality Problems Too much rework Functions do not work correctly Customer complaints after delivery Poor Moral People frustrated Is anyone in charge?

7 Why We Need Structured Processes
Estimating (History) Scope Cost Time Tools Deliver the Product to Estimate (Visibility) Quality Handling/Controlling Changes Planned Unplanned Scope Creep

8 Why We Need Standard Processes
Organizations and governments worldwide spent about $3.5 trillion IT projects in Recent data suggested only about 35 percent of those projects are likely to be completed on time and on budget with all their originally specified features and functions. 2011 – UK government scraps the &18+ billion program for IT in National Health Service. Started in 2002 it failed to produce a workable system. New York City’s City Time payroll system, originally budgeted at $63 million had skyrocketed to over $670 million. 2011 – The government of Marin, county, California sued Deloitte Consulting and SAP claiming they had “engaged in a pattern of racketeering activity” aiming at the bilking the country out of more that $20 million in connection with a failed ERP project. The government of Queensland, Australia, announced in August (2011) that IBM would no longer be allowed to sign new consulting contracts with the state after its "bungle" of a payroll system project that reportedly could cost taxpayers up to AUS$1.2 billion (US$1.1 billion

9 How to Achieve Quality Processes
ISO Standards CMMI Models

10 Meet The International Organization for Standardization (ISO)
ISO – a nongovernmental organization – is a network of the national standards bodies of some 160 countries, one per country, from all regions of the world, including developed, developing and transitional economies. ISO identifies what International Standards are required by business, government and society, develops them in partnership with the sectors that will put them to use, adopts them by transparent procedures based on national input and delivers them to be implemented worldwide.

11 What are standards? Standards are documented agreements containing technical specifications or other precise criteria to be used consistently as rules, guidelines, or definitions of characteristics, to ensure that materials, products, processes and services are fit for their purpose. Standards Examples: Credit Cards Power Outlets Ethernet Cables Types of Medals (steel, coper, aluminum)

12 ISO 9000 - Quality management
The ISO 9000 family addresses various aspects of quality management and contains some of ISO’s best known standards. The standards provide guidance and tools for companies and organizations who want to ensure their products and services consistently meet customer’s requirements, and quality is consistently improved. There are many standards in the ISO 9000 family, including: ISO 9001: sets out the requirements of a quality management system ISO 9000: covers the basic concepts and language ISO 9004: focuses on how to make a quality management system more efficient and effective ISO 19011: sets out guidance on internal and external audits of quality management systems ISO 9001:2008 is the only standard in the family that can be certified to (although this is not a requirement). It can be used by any organization, large or small, regardless of its field of activity. In fact it has been implemented by over one million companies and organizations in over 170 countries.

13 ISO 9000:2008 Key Principles Customer Focus Leadership
Involvement of People Process Approach System Approach to Management Continual Improvement Factual Approach to Decision Making Mutually Beneficial Supplier Relationships

14 Quality System Documentation
Manual Level 1 Defines Approach and Responsibility Procedures Level 2 Defines Who, What, When Work/Job Instructions Level 3 Answers How Records/Documentation Level 4 Results: shows that the system is operating

15 ISO 9001:2000 Structure Quality Management System
4.1 General requirements 4.2 Document requirements Management Responsibility 5.1 Management commitment 5.2 Customer focus 5.3 Quality policy 5.4 Planning 5.5 Responsibility, authority, communication 5.6 Management review Product realization 7.1 Planning of product realization 7.2 Customer-related processes 7.3 Design and development 7.4 Purchasing 7.5 Production and service provision 7.6 Control of monitoring and measuring devices Measurement, Analysis & Improvement 8.1 General 8.2 Monitoring and measurement 8.3 Control of nonconforming product 8.4 Analysis of data 8.5 Improvement Resource Management 6.1 Provision of resources 6.2 Human resources 6.3 Infrastructure 6.4 Work environment

16 Standard Examples 5.2 Customer Focus
“Top management shall ensure that customer requirements are determined and are met with the aim of enhancing customer satisfaction.”

17 Advantages of ISO Implementation
Increased marketability. Reduced operational expenses Better management control Increased customer satisfaction Improved internal communication Improved customer service Reduction of product-liability risks Attractiveness to investors

18 Disadvantages of ISO Implementation
Owners and managers do not have an adequate understanding of the ISO 9000 certification process or of the quality standards themselves Funding for establishing the quality system is inadequate Heavy emphasis on documentation Length of the process

19 ISO’s Impact In The Global Economy
ISO 9001:2000 is now firmly established as the globally accepted standard for providing assurance about the quality of goods and services in supplier-customer relations. The positive roles played in globalization by ISO’s standards for quality and environmental management systems include the following: a unifying base for global businesses and supply chains – such as the automotive and oil and gas sectors a technical support for regulation – as, for example, in the medical devices sector a tool for major new economic players to increase their participation in global supply chains, in export trade and in business process outsourcing; a tool for regional integration –  as shown by their adoption by new or potential members of the European Union In the rise of services in the global economy – nearly 33 % of ISO 9001:2000 certificates in 2005 went to organizations in the service sectors.

20 CMMI Capability Maturity Model Integrated

21 Software Engineering Institute (SEI)
SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University in Pittsburgh, Pa. which: Helps advance software engineering principles and practices Serves as a national resource in software engineering, computer security, and process improvement. Works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Its core purpose is to help organizations improve their software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.

22 Meet CMMI CMMI® (Capability Maturity Model® Integration) models are collections of best practices that help organizations to improve their processes. These models provides a comprehensive integrated set of guidelines for developing products and services. The SEI’s body of work in technical and management practices is focused on developing software right the first time, which results not only in higher quality, but also predicable and improved schedule and cost There are three CMMI models CMMI-DEV – Systems and Software Engineering CMMI -ACQ – Acquiring Products, Services or Outsourcing CMMI -SVC – For service organizations CMMI helps you to meet your organizations business objectives and improve performance.

23 What is a Maturity Model
A structured collection of elements describing characteristics of effective processes A maturity model provides: A place to start The benefits of companies prior experience A common language and shared vision A framework for prioritizing actions A way to define what improvement means for your organization The model can be used to assess where your organization is against other organizations

24 CMMI Organization CMMI is organized as a process framework clustering related practices into process areas that, when performed collectively, satisfy a set of goals. It requires you define specific practices to meet specific goals but does not define how they are to be implemented. The CMMI provides two representations – staged and continuous, each containing 25 Process Areas (PA).

25 Process Areas Requirements Management
Organizational Process Definition Project Planning Organizational Training Project Monitoring & Control Integrated Project Management Supplier Agreement Management Risk Management Measurement & Analysis Integrated Teaming Process & Product Quality Assurance Integrated Supplier Management Configuration Management Decision Analysis & Resolution Requirements Development Organizational Environment for Integration Technical Solution Organizational Process Performance Product Integration Quantitative Project Management Verification Organizational Innovation & Deployment Validation Causal Analysis & Resolution Organizational Process Focus

26 CMMI Standard Example SP 1.2 Specify Measures
Specify measures to address measurement objectives. Measurement objectives are refined into precise, quantifiable measures. Measurement of project and organizational work can typically be traced to one or more measurement information categories. These categories include the following: schedule and progress effort and cost size and stability quality. Measures can be either base or derived. Data for base measures are obtained by direct measurement. Data for derived measures come from other data, typically by combining two or more base measures. Examples of commonly used base measures include the following: Estimates and actual measures of work product size (e.g., number of pages) Estimates and actual measures of effort and cost (e.g., number of person hours) Quality measures (e.g., number of defects by severity) Information security measures (e.g., number of system vulnerabilities identified) Customer satisfaction survey scores

27 CMMI Standard Example con’t
Examples of commonly used derived measures include the following: Earned value Schedule performance index Defect density Peer review coverage Test or verification coverage Reliability measures (e.g., mean time to failure) Quality measures (e.g., number of defects by severity/total number of defects) Information security measures (e.g., percentage of system vulnerabilities mitigated) Customer satisfaction trends Derived measures typically are expressed as ratios, composite indices, or other aggregate summary measures. They are often more quantitatively CMMI for Development, Version 1.3 Measurement and Analysis (MA) 180 reliable and meaningfully interpretable than the base measures used to generate them. There are direct relationships among information needs, measurement objectives, measurement categories, base measures, and derived measures. This direct relationship is depicted using some common examples in Table MA.1.

28 Continuous View Staged View
Capability and Maturity Models Continuous View Capability Levels Staged View Maturity Levels A well defined evolutionary plateau describing the organization’s capability relative to a particular process area A well defined evolutionary plateau of process improvement There are six capability levels There are five maturity levels Each level is a layer in the foundation for continuous process improvement. Thus, capability levels are cumulative (i.e., a higher capability level includes the attributes of the lower levels). Each level is a layer in the foundation for continuous process improvement using a proven sequence of improvements, beginning with basic management practices and progressing through a predefined and proven path of successive levels Enables comparison across and among organizations on a process by process area basis Provides a single rating that summarizes appraisal results and permits comparisons across and among organizations

29 Comparing the Two CMMI Representations
Both continuous and staged representations provide ways of implementing process improvement to achieve business goals. Both representations provide the same essential content but organized in different ways. Continuous Representation Staged Representation Maximum flexibility for order of process improvement Predefined and proven path with case study and ROI data Focuses on improvement within process areas Focuses on organizational improvement Improvement of process areas can occur at different rates Overall results summarized in a maturity level Source selection investigation can target risky areas at any level Maturity levels are common discriminators

30 Continuous View of CMMI - Dev
Process Management Organizational Process Focus Organizational Process Definition Organizational Training Organizational Process Performance Organizational Innovation & Deployments Project Management Project Planning Project Monitoring & Control Supplier Agreement Management Integrated Project Management Risk Management Integrated Teaming Integrated Supplier Management Quantitative Project Management Engineering Requirements Management Requirements Technical Solution Product Integration Verification Validation Support Configuration Management Process & Product Quality Assurance Measurement & Analysis Decision Analysis & Resolution Causal Analysis & Resolution

31 Staged View of CMMI - Dev
Organizational Innovation & Deployment Causal Analysis & Resolution Maturity Level 5 Organizational Process Performance Quantitative Project Management Maturity Level 4 Requirements Development Technical Solution Product Integration Verification Validation Organizational Process Focus Organizational Process Definition Organizational Training Integrated Project Management Risk Management Integrated Teaming Integrated Supplier Management Decision Analysis & Resolution Organizational Environment for Integration Maturity Level 3 Requirement Management Project Planning Project Monitoring & Control Supplier Agreement Management Measurement & Analysis Process & Product Quality Assurance Configuration Management Maturity Level 2

32 Qualitatively Managed
CMMI Maturity Levels Level Continuous View Capability Levels Staged View Maturity Levels 5 Focus on continuous process improvement Optimizing 4 Process measured and controled Qualitatively Managed Quantitatively 3 Process characterized for the organization and is proactive Defined 2 Process characterized for projects and is often reactive Managed 1 Performed Initial Incomplete

33 Evaluation & Ratings This is not a certification model, but ratings may be announced and published. The SEI publishes ratings provided the company gives it permission. Formal appraisals are typically 5 – 10 days and led by SEI-authorized internal or external lead appraisers, using trained teams and a formal methods. The method is named SCAMPI (Standard CMMI Appraisal Method for Process Improvement).

34 Comments from Raytheon (Level 5)
All Maturity Levels Offer Benefits; Maturity Levels 2 and 3 help prevent disasters and gain control Maturity Levels 4 and 5 manage ability to perform against quality and process performance objectives that align with business objectives and take action accordingly A high maturity organization where all individuals recognize their role and responsibility for business success is an organization that is more likely to achieve success.

35 Benefits of CMMI Decreased Costs Improved On-Time Delivery
General Dynamics Advanced Information Systems reduced maintenance staff costs by 64% while doubling the size of the organization TATA consultancy Service saved $4.6 million across all development centers Improved On-Time Delivery Tufts Associated Health Plans achieved 100% on time delivery of major IT projects in a full year GM improved the percent of milestones met from 50% to 85% Improved Quality Siemens Information Systems LTD. Reduced defect density an average of 71% in three technical areas IBM Australia Application Management Services closed 95% of problems within the customer-specified time frame

36 ISO – CMMI Differences ISO9001:2008 CMMI-DEV An audit standard
A process model A certification tool certifying businesses whose processes conform to the laid down standards A set of related “best practices” derived from industry leaders and relates to product engineering and software development Flexible and applicable to all manufacturing industries Only extends to businesses developing software intensive systems Specific to conformance and remains oblivious as to whether conformance is of strategic value or not Requires ingraining processes into business needs so processes become part of the corporate culture and do not break down under the pressure of deadlines Provides generic guidelines for risk management Approaches risk management as an organized and technical discipline Customer satisfaction is an important part of the requirements Focuses on linkage of processes to business goals, customer satisfaction is not a major factor in the ranking

37 ISO – CMMI Differences ISO9001:2008 CMMI-DEV
Customer satisfaction is an important part of ISO requirements Focuses on linkage of processes to business goals, customer satisfaction is not a major factor in ranking Flexible, wider in scope and not directly linked to business objectives More focused, complex and aligned with business objectives Registration Document No documentation Certification audit for a 50 employee organization will be executed by auditors during one day Certification audit for a 50 employee organization will be executed by 4 auditors during 4-5 days Netta Dotan, Quality Assurance & project management, Ronkal Office Technologies

38 Steps to Implement ISO (and CMMI)
Decide to improve your internal processes Determine method for improvement Plan for ISO (CMMI) and gain commitment of people, particularly upper management. Assign the responsibility of the implementation process to someone (internal or external). Train all personal in ISO requirements Perform assessment of current processes and find the gaps Fill the gap by revising, adding or improving the current processes and documentation to meet ISO requirements. Perform internal audit(s) External audit

39 ISO – CMMI Similarities
Both require the organization be explicit about what their processes and quality systems are Say what you do; do what you say The organization records and tracks data for objective analysis Require strong management support to succeed Provide a structured and measured approach to quality improvement Require an outside audit for “certification” Both are refined/improved over time

40 So What Why Should You Care

Download ppt "CMMI vs. ISO David S. Craft CIRM, PMP Title Slide"

Similar presentations

ISO 9001 : 2000.

ISO 9001 : 2000.
©2006 OLC 1 Process Management: The Foundation for Achieving Organizational Excellence Process Management Implementation Worldwide.

©2006 OLC 1 Process Management: The Foundation for Achieving Organizational Excellence Process Management Implementation Worldwide.
Copyright 2005 CMMI and ITIL Alison Adams & Kieran Doyle.

Copyright 2005 CMMI and ITIL Alison Adams & Kieran Doyle.
Copyright 2003 CMMI: Executive Briefing Presented by Kieran Doyle 07971 222160.

Copyright 2003 CMMI: Executive Briefing Presented by Kieran Doyle
CMMI Overview Dr. Korson Software Engineering. 2 Immature organizations can be successful on occasion, but ultimately run into difficulties because –Success.

CMMI Overview Dr. Korson Software Engineering. 2 Immature organizations can be successful on occasion, but ultimately run into difficulties because –Success.
CPIS 357 Software Quality & Testing I.Rehab Bahaaddin Ashary Faculty of Computing and Information Technology Information Systems Department Fall 2010.

CPIS 357 Software Quality & Testing I.Rehab Bahaaddin Ashary Faculty of Computing and Information Technology Information Systems Department Fall 2010.
1/ 10 April 2007 / EDS INTERNAL 11 April 2007 CMM vs. ISO, Sarbanes Oxley CMM vs. ISO David S. Craft CIRM, PMP Engineering & Manufactuing Services.

1/ 10 April 2007 / EDS INTERNAL 11 April 2007 CMM vs. ISO, Sarbanes Oxley CMM vs. ISO David S. Craft CIRM, PMP Engineering & Manufactuing Services.
1 Quality Management Standards. 2 THE ISO 9000 FAMILY ISO 9000: 2005 Identifies the fundamentals and vocabulary for Quality Management Systems (QMS) ISO.

1 Quality Management Standards. 2 THE ISO 9000 FAMILY ISO 9000: 2005 Identifies the fundamentals and vocabulary for Quality Management Systems (QMS) ISO.
Capability Maturity Model (CMM) in SW design

Capability Maturity Model (CMM) in SW design
1/ November 2007 / EDS INTERNAL 11 April 2007 CMM, ISO, Sarbanes Oxley CMM vs. ISO David S. Craft CIRM, PMP Engineering & Manufacturing Services.

1/ November 2007 / EDS INTERNAL 11 April 2007 CMM, ISO, Sarbanes Oxley CMM vs. ISO David S. Craft CIRM, PMP Engineering & Manufacturing Services.
Software Quality Processes – Part II CSSE 376, Software Quality Assurance Rose-Hulman Institute of Technology March 19, 2007.

Software Quality Processes – Part II CSSE 376, Software Quality Assurance Rose-Hulman Institute of Technology March 19, 2007.
Pittsburgh, PA 15213-3890 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense.

Pittsburgh, PA Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense.
200209–CSSA0001 – 16/27/2015 10:25 PM CSSA Cepeda Systems & Software Analysis, Inc. GENERIC.

200209–CSSA0001 – 16/27/ :25 PM CSSA Cepeda Systems & Software Analysis, Inc. GENERIC.
Chapter 3 Global Supply Chain Quality and

Chapter 3 Global Supply Chain Quality and
CMMI Overview Quality Frameworks.

CMMI Overview Quality Frameworks.
ISO 9000:2000 Quality system standards adopted in 1987 by International Organization for Standardization; revised in 1994 and 2000 Technical specifications.

ISO 9000:2000 Quality system standards adopted in 1987 by International Organization for Standardization; revised in 1994 and 2000 Technical specifications.
Organizational Project Management Maturity: Roadmap to Success

Organizational Project Management Maturity: Roadmap to Success
Standardization. Introduction A standard is a document. It is a set of rules that control how people should develop and manage materials, products, services,

Standardization. Introduction A standard is a document. It is a set of rules that control how people should develop and manage materials, products, services,
11 April 2007 CMMI vs. ISO David S. Craft CIRM, PMP.

11 April 2007 CMMI vs. ISO David S. Craft CIRM, PMP.
Lecture 11 CMM CSCI – 3350 Software Engineering II Fall 2014 Bill Pine.

Lecture 11 CMM CSCI – 3350 Software Engineering II Fall 2014 Bill Pine.

Similar presentations

Ads by Google