Thursday, July 19, 2007

Could you imagine a CMMI-compatible ERP?

Can you imagine a CMMI-compatible ERPs? It would be, indeed, a kind of “Big Brother” system.

I think you answered the question already. I could imagine it, but I sure wouldn't recommend it!

If I understand your question, your asking if a system that globally controls practitioner's work so that they were "CMMI-Compatible" would be a good idea.

There are several products on the market the purport to deliver CMMI compliance if only the developers would just fill out the forms and use the system. These products try to tightly control the environment so that developers CAN'T go any other route. Believe it or not, Microsoft claims to have such a system (don't get me started . . .). Compuware has one also.

I guess I would have to say that anyone who advocates this type of approach may understand workflow and military efficiency, but probably doesn't appreciate the creative process used to develop software. As I've said many times, software development is not linear and cannot follow a linear process succesfully. The "big brother" approach defeats the purpose of improving process performance and probably won't result in accelerated development, reduced defects, and better retention of employees- the three biggest reasons I believe the CMMI is valuable.

The CMMI is not about filling out forms - it's about increasing productivity through the elimination of non-value added work, improving project visibility, and using fact-based data to make sound business decisions. This is something that I appreciate more and more the older and more experienced I get.

What is the difference between RD and REQM?

What is the difference between REQM and Requirements Development? What are some of the the leading tools for capturing requirements?

Requirements Management, or "REQM," is all about maintaining the set of requirements that you have, and the process of accepting new ones. In the CMMI world, that includes understanding them, committing to them, managing changes to them, maintaining the appropriate degree of traceability, and understanding how they relate to the actual work being performed by the team.

Requirement Development, or "RD," is about the transformation of customer needs into requirements that can then evolve into a design and/or code. This includes eliciting the customer needs (JAD sessions, interviews, et al), transforming those needs into requirements, evolving them into product requirements, allocating the requirements across releases, teams, developers, or modules, validating them, and ensuring that they fit within the customer constraints and assumptions.

I am not aware of one single tool that does all of this, but parts can be supported by Borland's CaliberRM, IBM's ReqPro, or Doors. My preference is CaliberRM, but they all pretty much do the same thing. They are also all parts of a larger "development framework" that these companies market.

Tuesday, July 17, 2007

Does a company that is certified in SigSigma need to get certified in CMMI?

Why do top IT companies with six sigma certification need CMMI certification???? how will it help them? In case they refuse this certification will it affect its market reputation?

No company "needs' either one - but they are both helpful for benchmarking and measuring performance.

Six Sigma and the CMMI are completely different (although often confused) animals. Companies seeking Sig Sigma focus on defects and corrective action, with the hope of being able to correct the cause of the defect and eliminate it in future releases. The focus is largely on metrics.

CMMI is a process model intended to guide organizations through a cycle that improves productivity and performance, eliminates waste, reduces defects, and gives management much better visibility into project performance. The CMMI's focus is both process and metrics.

There is no real conflict between the two except when you realize that in order to predict defects and take true corrective action you must be performing and CMMI Levels 4/5. Many companies attempt Six Sigma programs long before they are mature enough, often leading to failure and wasted effort. Without the standard processes implied by the CMMI, it would be pretty tough to identify the process cause of a defect.

That said, neither has a “certification” per say. A company “achieves” CMMI Level 2/3/4/5 and “achieves” 3/4/5/6 Sigma.

In general, I think the CMMI Appraisal is a much stronger vehicle for evaluating the capabilities of a company, as it is a “best practices” model that used external appraisers to conduct the assessment.

CMMI is verifiable (by the SEI), whereas Six Sigma really isn’t. Any company could claim to have achieved SixSigma, with CMMI you are "awarded" a "rating" by a Lead Appraiser, and you can verify it on the SEI's web site.

As far as market position, I think it depends on the industry. In defense and manufacturing both SixSigma and CMMI are common, but no one is requiring companies to adopt SixSigma that I know of. The same is not true for CMMI. Many OEM's and defense agencies (as well as electonics, health care, and insurance) are requiring that their suppliers achieve CMMI Level Two as a minimum.

If you're in one of those categories, or you want to sell to one of them, the CMMI might be your best route.

Wednesday, July 11, 2007

Should SAM be in our appraisal scope?

Do organizations that develop software applications over SAP or Oracle Applications and that deliver no products or products components to their customers require the SAM Process Area to be in appraisal scope?

As you may know, SAM is the only PA allowed to be “out of scope” for a CMMI Appraisal. However, it's not automatic. The exclusion of SAM is something that will need to be understood, negotiated, and agreed to between the appraisal sponsor and the Lead Appraiser.

In general, I am comfortable excluding SAM if the appraised organization does not purchase key products or services from a supplier that ends up being integrated into your product. In other words, if you hire a company to write a device driver for your handheld inventory device that you use or market, then SAM would be applicable. On the other hand, if you purchase an off-the-shelf “c” library that offers a spell check routine, and you got it from CDW for 29.95, I would not apply SAM. SAM could also apply to internal suppliers, like an operations department, if a service-level agreement exists and they do indeed need to integrated into your product.

Another test I would apply is, is it possible to apply the SAM practices to a particular vendor? For instance, SAP probably wouldn’t comply with your request to “monitor selected supplier processes.”

Should we receive a "Partially Implemented" if we don't use historical data for estimates?

The majority of my appraisal team wanted to rate PP SP 1.4 “Partially Implemented” because they felt we were missing one critical element: how we took actuals from the prior year and translated those into plans for the current year (e.g., with a multiplier, due to complexity differences and/or team experience differences). I felt that the absence of that piece of written data was not sufficient to prevent us from attaining the larger Goal. What do you think?”

In general, I’m reluctant to require any prescriptive method as the only way to satisfy a practice. In other words, a project can very easily estimate properly without specifically taking actual estimates from the prior year and using them with a multiplier as you have described. I agree with your assessment, the absence of a specific piece of written data should not stop you from achieving a goal as long as you are achieving it in some other way.

The suggested work products in the book are just that, suggestions. There's no need to take them literally.