What is CMMI Certification?

What is CMMI Certification? Please give details.


What a great question!

Sometimes we get so buried in process areas, practices, and software process improvement that we forget that there are new people coming into the fold everyday. Thanks!

To begin with, the SEI discourages the word "certification" and instead likes us to refer to a company as having "achieved CMMI Level 2" (or 3/4/5). Organization's achieve CMMI, people do not. Many people use to the word "certification" so you often see it in the metatags of sites (like this one, Broadsword's, and the SEI's). You "achieve" a level of CMMI by building, deploying, and managing a process within your engineering and project management organizations that refelects the best-practices identified in the process areas of the CMMI model, and then, once institutionalization is apparent, having an SEI authorized SCAMPI Lead Appraiser lead you through a SCAMPI Appraisal.

Depending on the appraisal type you select, it will result in either a gap analysis or a set of formal findings that identify your company as having achieved (or not achieved) Level X. You can visit our website at hppt://www.broadswordsolutions.com/resources.php to learn more or go the the SEI's site at http://www.sei.cmu.edu/CMMI. Wikipedia also has a good description of the CMMI as well.

What electronics engineering, software engineering/software development trade magazines do you read?

Dear Readers:

AskTheCMMIAppraiser has been asked to write articles for a number of trade magazines, but before we do we want to hear from you on YOUR favorite engineering, software engineering, electronics, software development, or technology trade magazines. We want to hear straight from you, the professionals, so please leave a comment with your favorite. Thanks!

Do we need a policy for each Generic Practice?

Should policies (Gp2.1) address every Generic Practice (Gp2.1-GP2.10) in a given Process Area?

Hold on a second while I consult my 3725 page policy manual . . . hmmm here it is, policy number 1634111a.7....

I don't mean to make fun of your question, but the circular nature of it sure gave me a headache!

The purpose of GP2.1 "Establish an organizational policy" is to set the expectation that the processes that are adopted by the organization are to be used. If you have a mature, self-disciplined organization then maybe something very limited is all that is necessary. We test this on appraisals by asking people how they know they're supposed to use a certain process. There answer SHOULD be that management has set that expectation in some way. Sometimes for a less mature organization more detail is needed, but if they need a policy for each practice then you have bigger problems!

GP2.1 i specific to a process area - not the practices in the process area. Sure, we test the institutionalization of a process at the practice level, but it is almost never performed at the practice level. A Process may have practices from many different PA's represented in it, so it's a little tough to set the expectation that a specific practice be performed in a vacuum.

And, since most of the GPs are mirrors of the PAs anyway (GP2.2-2.4 is like PP, GP2.6 is iike CM, GP2.8 is like PMC, etc) then does it really make sense to have policies for each GP?

There is no requirement for this level of granularity in the CMMI - and if it doesn't make sense for your business then there is no reason to do it.

That's what I think. Good luck!

www.broadswordsolutions.com

I don't understand CMMI Certification. Can you clear it up?

I am preparing a presentation on CMMI but I am a bit confused about CMMI certification. I know for example that a person can have a Prince2 certification, but I do not know if there is an equivalent for people on CMMI, about certifications. Indeed, I have read on the internet that a CMMI certification is gained by a company (and not by a person like Prince 2). Is a "CMMI Appraiser" someone who has that "certification"? Is it then obtained by level? What is his role?

 

It is a company (or part of a company) that achieves a CMMI Maturity Level, not an individual. So, for example, XYZ Company is CMMI Maturity Level Three. A "Certified Lead Appraiser" is an individual who is authorized to conduct a CMMI (SCAMPI) Appraisal and award a Maturity Level to a company. This person has been through extensive training, has decades of experience, has passed both written and verbal exams at the SEI, works for an SEI Partner, and pays annual license fees. Hope this helps.

Our LA says reviewing test results satisfies VER SP2.2. What do you think?

Just wanted to know your clarification on the following

Process Area: Verification (VER)	Specific Practice: SP2.3 Analyse Peer Review Data	Reviews and Internal Testing (Component, Unit, Assembly, Performance) - The input provided by the Lead Appraiser(LA) was that analysis done in any of the above testing phases by the project can be considered for VER SP2.3
Process Area: Validation (VAL)	Specific Practice: SP2.2 Analyse the results of the validation activities	The following are being used for addressing VAL SP2.2: As per the inputs from the LA, evidence of reviews done by customer for design or any inputs provided for testing.

Nice chart!

VER SG 2 is specific to PEER REVIEWS, so testing evidence is not typically what we look at.  If your LA is saying test results, and review of those results, is valid Direct Evidence for VER SG2 then you are getting incorrect information that may not stand up to scrutiny.

VER SG1 and SG3 can indeed be evidenced IN PART by test results and reviews, but not completely.

Peer reviews are structured reviews, walkthroughs, Fagen Inspections or any other formal review of a specific work product or set of work products.  They need to be identified through practices in SG1.  They also must be planned for.

VER SP2.2 “Analyze Peer Review Data” includes not only analysis of the results of the peer review, but an analysis of the preparation, participation, and data associated with the conduct of the peer review itself.

Some of VAL can be evidenced by customer review outputs, but SP2.2 is specific to performing analysis, so just meeting minutes or a sign off falls short of the intention of the model’s authors.  It includes analyzing results against expected results, categorizing or measuring (i.e.; analyzing) the results, and recording information.  Customer inputs for testing does not satisfy this practice.  Again, the information you are getting would not stand up to scrutiny.

www.broadswordsolutions.com

How to not pick a Lead Appraiser!

Dear Readers, 

I often get questions about how to go about choosing a Lead Appraiser.  LAs should be selected after a careful discussion of their experience, knowledge, culture, philosphy, and willingness to spend the energy to learn about your business before he/she waves his magic wand and proclaims you MLx (of course, it's more complex than that!).

By way of example, here is the worst possible thing you can do.  I had an inquiry the other day that went like this:

 Riiinnnnng! (telephone)

Me: “hello?”

Caller:  “hi, we’re shopping for an LA to give us a maturity level.”

Me: “Wow.  hmmm.  Great.  Well, uhh, ok...  tell me, what are some the reasons you are interested in achieving a CMMI maturity level?”

Caller: “We don’t need to talk about all that. We have a company from India that says they can take us from ML1 to ML3 in three months for $15,000.  Can you beat that?”

Me and my telephone: “click”

I’m serious.

www.broadswordsolutions.com

I was selected to be an Appraisal Team Member but I don't show up on the SEI's site. What gives?

My company is now working on the CMMI-3 appraisal. I attended the "Intro to CMMI" training and also successfully registered as an ATM on the SEI website. Two weeks later, I'm still not showing up in the SEI's system.

I was told by the CMMI consultant to check "My Appraisals", but unfortunately, till now nothing can be found (http://sas.sei.cmu.edu/AppSys/).  I think the Lead Appraiser has NOT selected me from the pool.

What concerns me is any adverse impact on my company's CMMI-3 appraisal if still nothing can be found in "My Appraisals" by the start (even the end) of SCAMPI A appraisal ?

Could you please kindly tell me the criteria for an ATM to participate on a CMMI-3 appraisal?

In order for you to participate and be added to an appraisal a few things have to happen.

     - You need to successfully complete the Intro to CMMI course

     - You have to demonstrate the pre-requisite experience as outlined in the SCAMPI MDD for engineers, project managers, or managers

    - You need to fill out, sign, and submit the SEI’s FERPA form (if you are in the USA)  

    - You need to register on the SEI’s ATM Pool registration page (sas.sei.cmu.edu).  If you were able to do this then the first two items were satisfied.

    - Your Lead Appraiser must create the Appraisal Record in SAS

    - Your Lead Appraiser must add you to the appraisal as an ATM

    - You need to complete the SCAMPI Team Training given by your LA

 This all should be done prior to starting the appraisal, but it MUST be done by the end of the it. 

From your message it sounds as if your LA has either not created the appraisal record, or if they have, has not added you the appraisal team.

www.broadswordsolutions.com

Should we be freezing our artifacts six months before our SCAMPI Appraisal?

The Contractor at my Government office who is responsible for building a new, complex IT system will be conducting a SCAMPI-B this fall in anticipation of an eventual SCAMPI-A the following year. 

The Contractor wants to "freeze" various process documents 6 months prior to the SCAMPI-B so that all process output artifacts are in sync with the process description artifacts used in the appraisal. 

Freezing "living" documents for 6 months seems a bit extreme to me, given that some of the documents are deficient in how thoroughly or accurately they describe existing process. Does this seem like a reasonable request? (Note: I'm fine with not changing the actual processes/procedures for 6 months. It's the idea that we won't try to improve the deficient description of those existing processes that concerns me. Particularly since the Contractor continues to bring on new staff, who need to rely on these documents).

I'm visualizing what "freezing the artifacts" might look like - sounds like an old batman episode!

Freezing artifacts is often one of the things we see from organization’s that are trying hard to “pass” an appraisal, but perhaps don’t have the processes embedded in their culture (which is kind of the point, isn’t it?). 

It seems as if your contractor is overly risk-averse.  A SCAMPI-B is in itself a risk mitigation event, and to work so hard to reduce risk for this event seems counter-productive.  It’s supposed to uncover problems.

In your case it seems like the risk mitigation strategy they are deploying is in conflict with the very essence of continuous process improvement!  It’s one thing to freeze process – it’s another thing to freeze the outputs.

I usually recommend freezing everything starting with the SCAMPI A Readiness Review (about 60 days prior to the onsite of a SCAMPI A).  Anything earlier than that isn’t productive, in my opionion.

www.broadswordsolutions.com

Two more hours until YOUR questions are presented at SEPG 2009!

Yep, in two short hours yours truly will present your questions (and my answers) as part of my "Notes from the Blogosphere" presentation.

Last yeat attendees rated this #1 at SEPG 2008.  Lots of fun and prizes will be given out.

See you there we hope!

Jeff

We're not really sure about IIPD. How does it fit in?

We're trying to reach CMMI ML3.  We don't understand how IPPD fits in.  Is it required?  Is it useful?

IPPD, or Integrated Process and Product Development,  is what is called an “Addition” in the CMMI model.  Unlike the rest of the Goals in ML3, which are required, the Goals in IPPD (two in IPM and two in OPD) are optional when you are trying to achieve ML3.

The Goals of IPPD provide guidance to better manage integrated teams, or teams that cross organizational boundries.  You may not feel you need the practices contained within it, and if that's the case, they are not required.

That said, I think IPPD is great and very useful and should be used to guide you in the way projects, teams, and organizations interact.

But, from a pure ML3 perspective, these Goals are optional.

www.broadswordsolutions.com

Jeff Dalton (that's ME!) wins presitgious SEI Member Award at SEPG 2009

In a cermony attended by three-hundred of his peers, Jeff Dalton was awarded the prestigious SEI Member Award for "Outstanding Representative."

This award is given to the SEI Member who has show consistent innovation, new idea generation, and has demonstrated that they "think outside of the box" when it comes to delivering CMMI services.

What do Appraisers look for?

Our company is  aspiring to achieve CMMI level 2.  We have been doing GAP Analysis for level 2. But we always stuck with one question What do CMMI Appraisers look for?

The practices listed in CMMI are  vague. For example in Configuration Management Process Area the first practice says "identify configuration items" .  What if we identify certain CM items which are important according to organization, will appraiser say you didn't add this item in your CM list  and fail us.

What if in some practices we don't see business value and we don't implement, would appraiser say strict "NO" and we fail.

The CMMI model consists of Process Areas, Goals, and Practices (as well as many other things).  As a Lead Appraiser it is my duty to verify that every Goal (specific Goal or Generic Goal) within the targeted maturity level, has been "satisfied."  There is no opportunity for you to declare a goal "out of scope," with the possible exception of those within Supplier Agreement Management."  We also EXPECT to see that all of the practices are being performed, or we expect you to demonstrate an alternative practice.  The practices are used to satisfy the goals.

The example work products under each practice give you some idea of the types of evidence we are looking for - but it is only an example list - there are many other possibilities.

We are looking for two pieces of evidence - one "Direct" and one "indirect" which could also be an "affirmation" or a verbal statement.  Both pieces have to be there to you to succeed for each practice.

www.broadswordsolutions.com