Monday, September 13, 2010

How Do We Select a High Maturity Consultant?

My friend is a Quality Manager in a company who has reached CMMI Maturity Level 3. They now want to achieve Maturity Level 5. They started taking quotes from different companies. In the selection process they found that there are 3 or 4 major players in our country who have up to 3 High Maturity Lead Appraisers. Most of these companies have submitted proposals for consulting and appraisal in a single quote. Now my friend fears that:
  1. Most of them already have at least 40 High Maturity clients and at least 30 Maturity Level 3 clients. Will they have the capacity do lead the appraisal on time for my friend's company ( considering 12 SCAMPI appraisals per year per LA) ?
  2. Most of them deliver the consulting and training activities , which is 70 % of the contract value and sometimes they break the contracts and not deliver the SCAMPI, which is still highly profitable, since only 30 % value is lost, and no need to deal with High Maturity appraisal needs.

In order to address this issue, does the SEI publish a list of contracts for SEI Partner? Does the SEI have a specific committee or group to look in to the capacity management and availability management of their SEI partners, so that companies will not have such concerns?

All that the SEI does is maintain a list of SEI Partners and certified High Maturity Lead Appraisers. If there is indeed a problem as you have stated, then you or your friend should contact the SEI about the SEI Partner in question as this certainly sounds like unethical behavior.

Another issue is that an SEI-certified High Maturity Lead Appraiser cannot appraise the organization if he or she has provided the consulting to the organization, unless the SEI approves the potential Conflict of Interest.

The steps taken by SEI in this area are impressive. Also I understand that the control on appraisals/per year is established by SEI. Out of curiosity i would like to ask follow up questions.

I belive the critical part of this entire process is that consulting and apprisal services cannot be performed by the same Lead appriser. If there is a need of separate contract for SCAMPI A appraisal activities, and it cannot be included in a consulting contract, then it can have more credibility. Also like ISO where the certification agencies are audited annually (correct me if am wrong), will SEI do an onsite audit on SEI partners? Or do they have a databse of all the contracts established by SEI partners around the world (considering 800 to 1000 appraisals per year)? Because the user community trusts the SEI more than the SEI Partners ( for most of the users it may be the first time to contract with an SEI Partner and they might not be sure of the guidelines provided by the SEI or about the SEI Ethics commitee). All this can be prevented if the SEI takes a copy of all contracts established for SCAMPI A across the countries. What are your views on it? .

Note:The intent of the question is to increase the user communities' trust on SEI to increase, but not to reduce the credibility of SEI partners/Lead Appraisers.

The SEI does not have the time or resources to perform annual on-site audits of the SEI Partners. And as an SEI Partner, I would not welcome an on-site audit by the SEI. It would be additional expense for me.

What the SEI does provide that may help with your concerns is that they perform a QA audit of the results of every appraisal submitted by a Lead Appraiser. If the appraisal results do not meet the evaluation criteria, then a more in-depth audit occurs. What can then happen is that if the problems are serious enough, the Lead Appraiser can lose his or her CMMI credentials. This has happened to a number of Lead Appraisers since this policy was put in place.

In addition, each Lead Appraiser must be certified by the SEI, which provides another layer of credibility.

The SEI Partners provide the service and the certified-Lead Appraisers deliver the service. As a buyer of CMMI services, it is your responsibility to learn about the SEI policies regarding Ethics and Conflict of Interest, as well as the credibility of the different SEI Partners and Lead Appraisers. Otherwise, you get what you pay for. In other words, buyer beware!

And depending upon what country you are in, the SEI Partners are trusted as much or more than the SEI by the user community.

Sunday, September 12, 2010

Achieving a Maturity Level Without a Consultant or Training

I was wondering if it is possible to go it alone with CMMI Maturity Level 2. I have been told by many that attempting CMMI Maturity Level 2 without a consultant or highly trained staff would be somewhat challenging. What are your thoughts?

Also, having limited resources for process improvement being a strong possibility, do you have any recommendations for online sources that can help offset the costs?

Though it is entirely possible to implement the CMMI without hiring a CMMI consultant, that is a high risk approach. Though I don’t see how you could avoid taking the Introduction to CMMI training class. That, in my opinion, would be a huge mistake. There are some areas in the CMMI that are open to interpretation when trying to go it alone and you can end up doing things in the spirit of achieving Maturity Level 2 that have no business value to you. In addition, since your organization has to provide 4 to 8 appraisal team members, each appraisal team member must take the SEI’s Introduction to CMMI class.

These are all worthwhile expenditures of your process improvement budget. And when you compare these expenses to your internal costs for process improvement, these are usually negligible in comparison.

But if you are trying to do things as cheaply as possible, that begs the question, why are you even considering implementing the CMMI and trying to achieve Maturity Level 2? Basically you get what you pay for. Going the cheap route doesn’t demonstrate management commitment to process improvement and can result in wasted effort, wasted money, and an aborted process improvement initiative.

Bi-directional Traceability

Our organization is in the process of preparing for a CMMI Maturity Level 2 SCAMPI A appraisal. We are concerned about our approach for bi-directional traceability REQM SP 1.4. We maintain traceability is follows:
1. High Level Requirements <--> Use Cases (Includes GUIs and Database Interactions) <--> Test Cases
2. Use Cases <--> Source Code

Note: One can trace from Test Cases to Source Code through the Use Cases and Vice Versa, but the traceability is not direct. The reason behind this is, test cases are generated from use cases and are tested against the application (black box testing). Source code does not have associated test cases.

Is this kind of traceability considered bi-directional and is satisfactory for Maturity Level 2?

What you describe is one of many ways to implement bi-directional traceability and meet the intent of the CMMI. If your method supports your business goals and objectives and there are no quality issues, your approach should be acceptable for a Maturity Level 2 appraisal.

It is interesting that you think tracing from Test Cases to Source Code via Use Cases may not be acceptable. Traceability is a multi-dimensional mapping that can have one-to-many and many-to-one relationships. As long as you trace from the top all the way to the bottom and vice versa, you should be fine no matter how many links there are in the chain, and the chain can have branches as well.

Please note that bi-directional traceability does not mean tracing one whole document to another whole document. What it means is that a given item in one document (a specific requirement for example) can trace to multiple items in another document, multiple items in one document can trace to one item in another document, one item can trace to one item, etc.

Saturday, September 11, 2010

Some Appraisal Questions

  1. Why does the SEI ask for focus projects instead of all the projects done by the company?
  2. Usually companies can select consultants and the Lead Appraiser (LA). Why is the SEI giving the right to chose the LA by the company or consultant?
  3. Why do the appraisal results expire after 3 years?
  4. Why doesn't the SEI have compliance appraisals every 6 months or 1 year similar to ISO?
  1. The SCAMPI method is a sampling method to determine the degree of institutionalization of the processes on the projects. Therefore the use of focus projects. For organizations where there are only 1 or 2 projects, then all of the projects are usually included in the appraisal scope. But for organizations with many projects, it would be prohibitive to evaluate all of the projects. That is why it is the responsibility of the Lead Appraiser to select the focus projects, along with input from the organization. The principle here is that if the processes are truly institutionalized throughout the organization, then it doesn’t matter which projects are selected for the appraisal. Any set of selected projects should be representative of how all projects in the organization behave.

  2. If I understand your statement, you are incorrect. The organization does select the CMMI consultant and Lead Appraiser. However, only SEI-certified Lead Appraisers are allowed to lead and report SCAMPI appraisal results. If a Lead Appraiser is NOT SEI-certified and he or she leads a SCAMPI appraisal, then the appraisal results are NOT valid.

  3. The appraisal results expire after three years because in the past many organizations tended to backslide in their process maturity after having their appraisal. The three year period is long enough to address the findings from the SCAMPI A appraisal and prepare for a re-appraisal at the same or higher Maturity Level. If there is no expiration date, then there could be less motivation to continue with Process Improvement.

  4. In addition, there is no such thing as a compliance appraisal at this time. There has been some discussion along these lines, but nothing has been settled. There is a fundamental difference between ISO audits and CMMI appraisals. ISO is a standard and the result of the audit is certification. CMMI is a set of guidelines for process improvement and the result is Maturity Level or Capability Level that is valid for three years.

Is Going Directly for a CMMI ML 5 Appraisal Allowed?

Is a CMMI v1.2 ML 5 appraisal allowed in the following situation?

One of my company's divisions was successfully appraised to CMMI v1.1 ML 5 but the appraisal results expired in 2009. Now my company wants all three divisions, which are located in different cities, appraised to ML 5. Though skipping levels is not recommended, however, is it allowed to go for the appraisal?

There is nothing from the SEI that prevents a company from being appraised to whatever Capability Level or Maturity Level that it chooses. That being said, what does drive the CL or ML is the organization being able to collect, analyze, and correctly use data for statistical and quantitative analysis, as well as being able to institutionalize the behaviors and practices. You should hire an SEI-Certified High Maturity Lead Appraiser and have him or her perform a Class C or Class B appraisal to determine the risks with your current approach and implementation of ML 5. The outcome of this exercise will determine if it is feasible to achieve ML 5 at all three sites.