Friday, September 11, 2009

Do we need a policy for each Generic Practice?

Should policies (Gp2.1) address every Generic Practice (Gp2.1-GP2.10) in a given Process Area?

Hold on a second while I consult my 3725 page policy manual . . . hmmm here it is, policy number 1634111a.7....

I don't mean to make fun of your question, but its circular nature sure gave me a headache!

The purpose of GP2.1 "Establish an organizational policy" is to set the expectation that the processes that are adopted by the organization are to be used. If you have a mature, self-disciplined organization then maybe something very limited is all that is necessary. We test this on appraisals by asking people how they know they're supposed to use a certain process. There answer SHOULD be that management has set that expectation in some way. Sometimes for a less mature organization more detail is needed, but if they need a policy for each practice then you have bigger problems!

GP2.1 i specific to a process area - not the practices in the process area. Sure, we test the institutionalization of a process at the practice level, but it is almost never performed at the practice level. A Process may have practices from many different PA's represented in it, so it's a little tough to set the expectation that a specific practice be performed in a vacuum.

And, since most of the GPs are mirrors of the PAs anyway (GP2.2-2.4 is like PP, GP2.6 is iike CM, GP2.8 is like PMC, etc) then does it really make sense to have policies for each GP?

There is no requirement for this level of granularity in the CMMI - and if it doesn't make sense for your business then there is no reason to do it.

That's what I think. Good luck!

No comments: