Thursday, October 28, 2010

The New Verion of CMMI has been Released!

Dear Readers,

The new version of the CMMI, v1.3, has been released and is available for use!  Download it today at:

Version 1.3 has several changes that will impact you.  We will be posting a Delta document in the next few days as we perform the analysis.

Thursday, October 21, 2010

Why do we need CMMI Certification?

I just started at a 8(a); Small Disadvantaged Business who is also ISO 9001:2008 Certified.  We were just recertified in Sept ‘10.  One of the tasks at hand I have is to investigate CMMI Level 2 certification for our company.  

Our business bid on Federal contracts.  These contracts are usually multi-year events and sometimes we are the Prime contractor, and sometimes we are a subcontractor.  In most contracts wins, we keep existing talent and transfer them to our payroll.  We have about100 employees at this time.

My question is:  why would we need to spend the time and money to obtain such a certification?  I understand it’s not cheap.  Is it another feather in our Marketing cap, or will it really make a difference for us?  Help me understand. 

First of all, congratulations on your ISO recertification.  If you did it right, this is something to be proud of (of course, if you just wrote docs that everyone ignores, then you've wasted your time . . . ).

The reason Federal agencies (and many commercial businesses) ask you for CMMI is that the CMMI is a "behavioral model" that represents the best-practices of many successful organizations.  CMMI is much broader and deeper than ISO 9001, and concerns itself with how you act, not what documents you produce.  So it's not about "certification" (btw, it's not really a "certification"), it's about acting like a professional company.

I read a Twitter quote today that partially sums it up: "Configuration Management is a discipline, not a tool."  In similar fashion, estimating is about using a reliable method to produce and estimate, not filling out an estimating deliverable.  The CMMI seeks to help you define your behaviors, and then tests to see if your behaviors are "world-class" or not.  Like ISO, it's possible to "implement" CMMI and totally waste your time, but if used wisely it will produce a substantial (50% or more) increase in quality and productivity. 

Undoubtedly your sales staff sees CMMI as a marketing "feather" that will open the door to some RFPs they can't respond to today.  That's a reasonable position and it's all fine - assuming your response is to "do it right."  Yes, the CMMI journey can be quite expensive (I won't quote a price here, but you know how to reach me . . .. .wink wink), but the cost is TINY compared to the benefit (4:1), and a company in your space, of your size, should be embracing it.

The real question is: "how do I start?"  That's another post.

That's what I think anyway.  Thanks!

Wednesday, October 20, 2010

What PIIDs should we be using for CMMI-ACQ?

Dear Appraiser,

We are involved with helping a group prepare themselves for a CMMI for Acquisition Appraisal. I’m looking for a set of PIIDs that provide examples of acceptable artifacts/evidence for two of the process areas, which are Agreement Management & Acquisition Requirements Development. We are fairly familiar with the artifacts needed, but would like to see from an appraisers point of view, what are acceptable type artifacts/evidence  for each of the SPs in this these process areas. Where can I get PIIDs similar to CMMI for Dev, that provides detail examples of Direct & Indirect artifacts/evidence.

If I just had those dang documents we'd be Level 5!

And before I forget, the idea of "Direct and Indirect" is going away in v1.3, replaced by "Artifact."  Problem half solved!

Like the CMMI-DEV, there are no "accepted" PIIDs that are good for everyone and that all Lead Appraisers would agree with.  This is because every organization is unique, and has their way of doing business.  Some examples exist for DEV commercially because of its relative maturity in the market, but since ACQ is so recent, there isn't much available out there - even for a price.  Even if there were, I'd stay away from them if it were me.

You knew I couldn't end there :)

Isn't focusing on the PIIDs the opposite of what is good for your company?  I'm sure you're not just "trying to achieve a level (cough cough)" so if you are using work products that support behaviors that completely serve your needs, and you use the SPs and Sub Practices to perform a loose "gap analysis" on your behaviors and work products, then everything should "just work" (to borrow a phrase from Apple).  And your Lead Appraiser will be happy too.  BONUS!

The CMMI is a behavioral model, not a documentation requirement, and PIIDs are useful as a natural outcome of a certain behavior.  All the examples you should need are in the book - and if what you're using already is meeting your needs, it's probably just fine (and better than an outsiders suggestion).

How do we best implement GP2.1

Dear Appraiser,

In our company we have implemented GP2.1 ([ed. GP2.1 is about having a policy]) by creating an all-encompassing policy book.  It has 18 sections, one for each PA (Process Area) and a policy statement for each.  Then at the end all of our management signed the book.  We think this is an excellent piece of evidence for GP2.1 but our Lead Appraiser started laughing at us when he saw it.  This hurt my feelings because I created it.  What do you think?

What do I think?  WHAT DO I THINK?  Ha hahahahahahahahahahahaha!  Oh, just kidding!

GP2.1 is about setting expectations in your organization to perform a process.  Let's put aside for a second the notion that PA's are NOT processes, the best way to guage whether or not what you've done actually sets that expectation is to stop people in the hall and ask them how they know they're supposed to use a policy.  Most will tell you "because my supervisor said so."  Not too many will say "because I read the 18 page policy book, and since it was signed by 30 people I took it seriously!."

If you remember the 2004 US Presidential election we had a candidate named John Kerry who, while brilliant, was famous for long-winded, complex answers.  Yea, he answered the question better the George Bush did (GWB just nodded and said "Yep, darn tootin'" to every question), but he lost us and no one paid attention.  This is what your book will do.

Setting a policy is a multi-dimensional, multi-medium exercise and if you'd stop focusing on the APPRAISAL and start focusing on being GREAT, you'll realize this.

Sunday, October 17, 2010

Follow me on Twitter and Facebook

Hey Readers,

Did you know you could follow me on Facebook and Twitter?

On Facebook I'm at:

On Twitter follow: CMMIAppraiser

For Broadsword Blog go to:

Click on over to Broadsword to find out what's happening in the CMMI world:

See you on the Internets!

Wednesday, October 6, 2010

How should we interpret GP3.2?

My CMMI consultant interprets the GP 3.2 as that we must have evidences showing actual improvements that projects obtain from using the process assets (work products, measures, improvement requests...) collected by SEPG from other projects

Previously, I interpreted GP 3.2 as just collecting process assets, and that would satisfy this GP.

Please kindly advise which way can be best match the GP 3.2

The great the thing about consulting is that ANYONE can be one! What a great gig!

GP3.2 is one of my favorite practices because it codifies the gathering of new and improved ideas, data, and other information to actually make us better. What a concept!

It reads:

"Collect work products, measures, measurement results, and improvement information derived from planning and
performing the process to support the future use and improvement of the organization’s processes and process

It's great stuff!! But,  does it force you to demonstrate actual improvements because of this? Not so much.

What it means is that, at some future date, another project might benefit from the use of some of the data we submit. The SEI was smart enough to know that some information might be used, some might not be used, and it wasn't up to them to enforce that. In IPM we're guided to plan using the Organization's Process Assets - perhaps this is what he is referring to . . . .

A further reading of the sub-practices, which explain the intent of the authors, tells us that:


1. Store process and product measures in the organization’s measurement repository. The process and product measures are primarily those that are defined in the common set of measures for the organization’s set of standard processes.

2. Submit documentation for inclusion in the organization’s process
asset library.

3. Document lessons learned from the process for inclusion in the
organization’s process asset library.

4. Propose improvements to the organizational process assets.

These are all good things, but don't lead us to interpert the intent of the practice any differently than the actual practice statement (unlike some others in the model). And still, not a single mention of what you "consultant" describes.

So, I would have to disagree with your "consultant." He's wrong. The practice does not tell us we need to demonstrate that what was submitted was actually used. It would be nice, and it's a good thing, but he's leading you down the wrong path.

Tuesday, October 5, 2010

Live tweets at CMMI v1.3 upgrade workshop

Dear Readers,

I'm Tweeting live at the CMMI Workshop (#cmmiworkshop) in Las Vegas this week where we are learning about CMMI v1.3 upgrade, SCAMPI v1.3, and a whole slew of new SEI information. For live tweets follow me at CMMIAppraiser.


Monday, October 4, 2010

We provide Project Management Services. Which model should we use - CMMI-DEV or CMMI-SVC?

We are a relatively small company of approximately 100 employees providing program management support services for government agencies. Our services include program and project management, including planning, financial management, risk management, etc. Our contracts usually also include delivery of specific documents as part of that support. We are discussing whether we should use CMMI-SVC or CMMI-DEV. Is there a good resource to help us decide which constellation is the better fit for our company as we try to decide whether to implement CMMI?

You didn't say which Maturity Level you were hoping for (2,3,4,5), but the DEV and SVC models are almost identical for ML2 (SVC has one additional PA: Service Delivery). We have many clients who provide project/program management services and use the CMMI-DEV ML2 very effectively. ML2 is focused on project and program management, so the differences between the two are small.

Going with the DEV model gives you the benefit of a huge body of knowledge and experience, with proven methods and techniques. SVC is only a year old, so that just doesn't exist.

ML2 in the DEV model includes Project Planning, Project Monitoring (this includes risks), PPQA, Configuration Management, and so on. These are core to project management. So that is probably a good initial target for you.

If you run projects, then the DEV models is slightly more appropriate. If you provide staff on a staff augmentation basis, then SVC might have a slight edge for you.

My advice would be to go with the DEV model for ML2, and if you wanted some of the advanced PAs then get a Capability Level Three in RSKM and IPM.

Good luck!

Friday, October 1, 2010

Can we just use some documents we created for our customer's process to be ML2?

In a recently completed contract, our company provided support which included helping a Federal agency implement process improvements and achieve a CMMI level 2 maturity rating in CMMI for Acquisition. Personnel from our company developed, documented, and implemented the processes with input, approval, and oversight from the government staff.
Our management asked whether there was any way to use the documentation developed in that contract as evidence in a level 2 appraisal for our company’s CMMI-SVC efforts.
Is there any way that process documentation (methods and evidence) can be used in a CMMI-SVC Level 2 appraisal of our company’s processes?

Of course they did! :)

You have probably heard the SEI joke that the answer to everything is “it depends!”

A CMMI SCAMPI Appraisal is an evaluation of your business practices, behaviors, processes, and deliverables. To the extent that what you developed for your client has been embraced and adopted by YOUR company, and you can demonstrate that is “the what things are done around here” then there is no issue with you re-using process documentation created for another client.
But if your thought is that you will just present this documentation to a Lead Appraiser, without adopting it for your own use, then I doubt that would be useful for you. If it did make it possible for you to achieve CMMI-SVC ML2 under these conditions, then I would question your Lead Appraiser’s competency (or ethics)!

That all said, the SVC and ACQ constellations may share 16 Process Areas, but the target stakeholders of the practices are much different. The way they are adopted is much different. So, adoption of the processes you developed for your client with ASQ may not be a good fit for your