Principles of Software Engineering: an Analysis of Capability Maturity Model - Case Study Example

PRINCIPLES OF SOFTWARE ENGINEERING: AN ANALYSIS OF CAPABILITY MATURITY MODEL (CMM) Principles of Software Engineering: An Analysis of Capability Maturity Model (CMM) Author Author Affiliation Date Table of Contents Table of Contents 2 Capability Maturity Model (CMM): An Overview 3 CMM's Five Maturity Levels of Software Processes 5 Important Aspects of CMM 7 Checklist of CMM 9 SWOT Analysis 10 Strengths 10 Weaknesses 11 Opportunities 12 Threats 12 Conclusion 13 References 14 Executive Summary This report presents an overview of the capability maturity model (CMM), which is well-known software process improvement model. At the present, CMM is commonly used by the large size organizations to improve their business processes. However, it is believed that CMM is not effective for small size organizations for the reason that it requires huge investment. This report will cover an analysis of CMM and SWOT analysis to demonstrate the usefulness of the CMM. Capability Maturity Model (CMM): An Overview Software process models are a collection of rules and regulations that are used to create a software artifact. Basically, a software process model is used to develop software piece or product in accordance with plans at the same time as increasing the organization's efficiency to create excellent artifacts. In this scenario, Capability Maturity Model (CMM) developed by Software Engineering Institute (SEI), is a software process model, which provides organizations with an excellent framework for attaining a mature and organized software process. However, there is a serious concern that the CMM cannot be applied or used by the small size organizations for the reason that it requires a massive investment and numerous resources. In actual fact, many researches on the CMM have shown that its applications can be very expensive even over $100,000 (Saiedian & Carr, 1997). In addition, like various other software process models CMM is also with no exception to its critics. In fact, many organizations believe that the implementation of the capability maturity model gives confidence to too much bureaucracy, or even the CMM is imperfect or faulty. However, these concerns are partially associated with scope, policy factors, and various theoretical aspects, for instance whether the model compliance with properly with globally implemented standards and measures for instance 1S0-9000. On the other hand, some of the serious concerns also pay attention to the theoretical consequences of putting into practice the CMM as the base for software process improvement endeavors. In this scenario, it takes into consideration some of the serious concerns such as, will it benefit as well as ensure enhanced performance or will the organization get caught up in bureaucracy or undergo other concerns? Additionally, as compared to some other process improvement models, the CMM does not openly have need of the outcomes of each change to be identified and documented. However, in this process improvement model suitable and consistent experimental proof is greatly needed (Herbsleb & Goldenson, 1996). In their article (Jayaram, 2007) defines capability maturity model as a method that is used by an organization to build up and continuously improve its software development process. Basically, this software process model is divided into a five-level evolutionary pathway of more and more ordered and methodically more mature processes. Historically, the CMM was invented and is promoted by the Software Engineering Institute (SEI), which is a research and development (R&D) center supported by the U.S. Department of Defense (DoD). In addition, software engineering institute was established in 1984. The purpose behind the development of SEI was to deal with software engineering related aspects as well as, in a wide range, to improve software development processes and methodologies. In simple words, SEI was established to help organizations optimize the method of building, getting, implementing and maintaining a great deal software-reliant systems for the U.S. DoD. In view of the fact that the methods and techniques concerned with CMM are evenly appropriate to the software development firms all together, SEI encourages industry-wide acceptance and implementation of the CMM. In this scenario, the CMM is like ISO 9001, one of the ISO 9000 collections of standards presented by the International Organization for Standardization (ISO). In addition, the implementations of ISO 9000 standards are aimed at specifying a successful quality system for service and manufacturing sectors. In this scenario, ISO 9001 basically addresses a wide variety of aspects related to software development and implementation. However, one of the major dissimilarities between the two systems lies in their specific functions. For instance, ISO 9001 provides a minimum satisfactory quality level for software development methods; on the other hand the CMM is based on an infrastructure for constant process improvement as well as is more open than the ISO standard in specifying the ways to be utilized to that completion (Jayaram, 2007). CMM's Five Maturity Levels of Software Processes CMM is divided into five maturity levels that are outlined below: (Jayaram, 2007) In the initial stage, software development processes are not well-organized, even disorganized. In this scenario, the success of an organization is expected to count on employees’ hard work, as well as is not well thought-out to be repeatable, for the reason that processes would not be adequately identified and documented to let them to be repeated. The second level of CMM is known as the repeatable level, at which the fundamental project management processes are recognized, as well as accomplishments could be repetitive, for the reason that the necessary methods would have been made organized, well-defined, and documented. The third level of the CMM is known as the defined level. At this level a software development firm has built its own standard software process by paying a great deal more attention to documents, standardization, and incorporation. The fourth level of the CMM is known as the managed level. At this level, a software development firm starts monitoring and controlling its own methods by means of data gathering and study. The fifth level of the CMM is known as the optimizing level. At this level the organizational methods are continuously being enhanced by means of keeping an eye on views from existing methods and setting up inventive methods to better hand out the organization's specific requirements and needs. Figure 1CMM, Image Source: (IT Governance Ltd., 2012) Important Aspects of CMM Some of the important aspects of CMM are outlined below: (OneStopdTesting2, 2012) Maturity Levels: As discussed above the CMM is divided into different levels. Thus, it is a layered infrastructure offering a sequence to the regulation required to fit into place in constant enhancement. Using CMM, a software development firm builds the capability to evaluate the effect of an innovative process, tool or technology on their action. For this reason it is not a matter of putting into practice these, to a certain extent it is a concern of identifying how inventive endeavors control current processes. In addition, it actually facilitates teams, projects and companies by providing them the basis to maintain logical option (OneStopTesting3, 2012; Levine, 2009). Key Process Areas: CMM also involves Key Process Areas (KPAs). In this scenario, a KPA classifies a bunch of connected processes that, when carried out jointly, attain a collection of objectives considered significant (OneStopTesting3, 2012; Levine, 2009). Goals: CMM also involves the goals to be achieved through the processes. In this scenario, the goals of a KPA sum up the processes that must be present for that KPA to have been put into practice in an effectual and long-term manner. In addition, the degree to which an organization is successful in achieving the goals have been acknowledged as a pointer of the potential that an organization has gained at that particular maturity level. In this scenario, the goals consist of the limitations, scope and target of each KPA (OneStopTesting3, 2012; Levine, 2009). Common attributes: CMM also deals with some of the common features. In this scenario, common attributes consist of processes that put into practice and institutionalize a KPA. In addition, these common attributes comprise: obligation to carry out a process, capability to carry out a process, actions that need to be performed, measurement and examination, and confirmation and deployment (OneStopTesting3, 2012; Levine, 2009). Key Practices: The CMM also involves key practices which illustrate the fundamentals of framework and process that plays their roles in most efficiently to the accomplishment and institutionalization of the KPAs (OneStopTesting3, 2012; Levine, 2009). Checklist of CMM The capability maturity model is intended to direct those who want to determine organization/project’s reliability with the CMM. In addition, each maturity level consists of five checklist types: (OneStopdTesting2, 2012) Types Description Policy A policy outlines the policy material as well as each KPA goals suggested by the CMM. Standard A standard outlines the suggested material of particular work products presented in the CMM. Process A process provides the information regarding a process suggested by the CMM. In addition, the process checklists are further divided into various checklists such as: Teams/Employees roles Entry criteria/Exit Criteria Inputs Activities Outputs Reviews and audits Work products, organized, well-managed and controlled Measurements and metrics Documented processes and activities Required Training and material Required tools and techniques Procedure A procedure demonstrates the suggested material of documented procedures presented by the CMM. Level Overview It presented a general idea of a complete maturity level. In addition, this checklist is also further divided into other checklists as outlined below: KPA aims and objectives KPA goals Defined Policies Standards to be followed Description of the process Procedures Required training and material Required tools Reviews and audits Work products managed and controlled Measurements and metrics SWOT Analysis SWOT stands for Strengths, Weaknesses, Opportunities and Threats. Basically, the SWOT analysis is a way of classifying the present condition of a firm or process and facilitating the firm to work out a plan for the future, in light of the current strengths, weaknesses, opportunities and threats (McAfee, 2012). In order to determine the effectiveness of CMM a SWOT analysis will be done. This section presents the SWOT analysis of the CMM. In this scenario, it will involve the strengths, weaknesses, opportunities and threats of the CMM. Strengths Some of the advantages of CMM are summarized by the (OneStopTesting, 2012) In view of the fact that the CMM was built by DOD in an attempt to help them evaluate and determine the potential of software development forms to supply software within time and budget, and to adequate standards. Hence, it has possibly been victorious in this function, even supposedly forcing many software sales people to clamor for their organizations' software engineers/developers to put into practice CMM. Without a doubt, the CMM is designed for the assessment of an organization's or its process’s maturity with respect to software development. In addition, it is a significant technique for deciding for exporting and outsourcing software development tasks. In fact, a lot of financial development organizations in Brazil, Ireland, Egypt, Syria, and in different places have acknowledged the CMM for facilitating them to compete for US outsourcing agreements on an even footing. The CMM is an excellent infrastructure to measure as well as improve the maturity of an organization’s process. In addition, it helps organizations improve their process improvement programs. Weaknesses As compared to its strengths, the CMM has more weaknesses. For instance, the basic purpose of CMM is to explain what steps an organization should take in an attempt to build and maintain software dependably and well, however, it does not define that how to carry out these steps (Lowe & Cox, 1996). In this scenario, (Connell, 2002) outlines some of the weaknesses of CMM: It is a goal, not a method because it is achieved and not followed. It is being used just as stamp of approval to get publicity among customers. It does not say anything about software, however focuses on the processes. It does not help organizations deal with a crisis It can be useful only for repetitive tasks Organizations normally use CMM as a method or formula for their process improvement Opportunities The CMM provides an excellent support to organizations for their process improvement. Actually, CMM is a set for guidelines which are different at different stages. In order to achieve particular level an organization must follow the guidelines of that particular stage. If an organization achieves a certain level of CMM for instance 3 or 4, it gives them confidence and it attracts more customers towards the firm. In addition, using the CMM a software development firm can measure themselves against the trends. In this way, software development firms can more precisely recognize their existing level of capabilities. Moreover, the CMM recognizes an exact best process level for the capability that organizations can do their best to attain. Moreover, the CMM facilitates organizations to more evidently measure the space between their existing and preferred capability levels (ArtCony, 2010). Threats Some of the threats are taken from (OneStopTesting, 2012) Software Engineering Institute only presents the names and defined levels of compliance of organization that have requested this information to be listed but it does not provide more details of the processes to be performed in order to achieve these levels. In addition, CMM is complementary for bureaucratic companies for instance government agencies, regulated monopolies and large corporations. It is normally seen that organizations does not truly outline the scope of their CMM conformity to recommend that it relates to their whole firm in place of a particular business unit or project. Without a doubt the CMM encompasses measures or best processes and attributes that successful projects have confirmed but it does not actually outline how to form a successful software development organization. Conclusion This report has presented a detailed analysis of capability maturity model. The CMM is well-known software process improvement model. This report has presented the SOWT analysis to determine the usefulness of CMM. The CMM is an excellent choice where organizations want to improve their process of software development but it does not talk about software itself. It provides the name of levels and associated measures but it does not provide the guidelines that should be followed in order to improve the process of an organization. References ArtCony. (2010). Improve Maturity With Capabilities. Retrieved May 22, 2012, from http://strategic-planning.artcony.com/2011/06/improve-maturity-with-capabilities/ Connell, C. (2002). Introduction to Software Capability Maturity Model. Retrieved May 20, 2012, from chc-3.com/talk/sw-cmm.ppt Herbsleb, J. D., & Goldenson, D. R. (1996). A systematic survey of CMM experience and results. ICSE '96 Proceedings of the 18th international conference on Software engineering (pp. 323-330). IEEE Computer Society Washington, DC, USA. IT Governance Ltd. (2012). Software Capability Maturity Model (CMM). Retrieved May 20, 2012, from http://www.itgovernance.co.uk/capability-maturity-model.aspx Jayaram, M. N. (2007, April). Capability Maturity Model (CMM). Retrieved May 22, 2012, from TechTarget.com: http://searchsoftwarequality.techtarget.com/definition/Capability-Maturity-Model Levine, R. (2009, November 23). Capability Maturity Models - History of the CMM. Retrieved May 22, 2012, from BrightHub.com: http://www.brighthub.com/office/project-management/articles/56412.aspx Lowe, D. E., & Cox, G. M. (1996). Implementing the Capability Maturity Model for Software Development. Retrieved May 20, 2012, from Hewlett-Packard Journal: http://www.hpl.hp.com/hpjournal/96aug/aug96a1.pdf Makela, J. (2012). Model for Assessing GIS Maturity of an Organization. Retrieved May 20, 2012, from http://www.gsdi.org/gsdiconf/gsdi13/papers/123.pdf McAfee, R. P. (2012). SWOT Analysis. Retrieved May 20, 2012, from http://www.mcafee.cc/Classes/BEM116/PDF/SWOT.pdf OneStopdTesting2. (2012). Software process framework for SEI's CMM. Retrieved May 22, 2012, from http://www.onestoptesting.com/quality-management/process-framework.asp OneStopTesting. (2012). Controversial Aspects. Retrieved May 21, 2012, from http://www.onestoptesting.com/quality-management/controversial-aspects.asp OneStopTesting3. (2012). CMM. Retrieved May 22, 2012, from http://www.onestoptesting.com/quality-management/structure.asp Saiedian, H., & Carr, N. (1997). Characterizing a software process maturity model for small organizations. ACM SIGICE Bulletin, Volume 23 Issue 1, pp. 2-11. Saiedian, H., & Kuzara, R. (1995). SEI Capability Maturity Model's Impact on Contractors. Computer, Volume 28 Issue 1, pp. 16-26. Read More