Standards play an important role in many industries. Their purpose is to give users confidence and guidance in product and vendor selection while easing interoperability across systems. There are several well-known standards agencies related to manufacturing. A notable example is the American Society for Quality that defines and maintains ISO 9001 as the international standard for Quality Management Systems (QMS). The International Society of Automation (ISA) is another that develops and publishes standards guiding the field of industrial automation. In the world of software development, the CMMI Institute is a leader. In fact, a Capability Maturity Model Integration (CMMI) designation is required by many of the U.S. government’s software development contracts.
What is CMMI?
The CMMI Institute is operated by ISACA, a global organization serving professionals in all areas of information technology. CMMI was originally created for the U.S. Department of Defense to assess the quality of their software contractors. Due to the program’s success, the CMMI benchmarking process has been broadened to apply to a wide range of U.S. industries, not just software development. Its framework is used in many companies to grade and improve production while decreasing risk. It remains a leading rating agency for software developers.
A Culture of Continuous Improvement
CMMI Version 2.0 has a specific ISACA-defined appraisal method that provides ratings on an organization’s performance. For this article, I will refer to CMMI as rating the processes that are used in product development, not the product itself. Software products are constantly evolving. The only way to ensure stability over time is by using best practices throughout the lifecycle development process.
According to CMMI, their methodology includes the following steps:
- Benchmarking: The first step is to build and benchmark the enterprise’s key capabilities
- Internal performance and process improvement: In this stage, CMMI grades on a scale of 0 – 3 to determine a company’s process improvement capabilities. CMMI describes their levels as:
- Capability Level 0: Incomplete – the approach may or may not meet the intent of any practice leading to inconsistent performance
- Capability Level 1: Initial – addresses performance issues, but does not meet the full intent of improvement areas
- Capability Level 2: Managed – identifies and monitors performance toward project performance objectives
- Capability Level 3: Defined – focuses on achieving both project and organizational performance objectives
- Process monitoring: CMMI determines whether projects progress according to plan to clarify how much control an enterprise has over its processes
- Supplier selection: This step is for enterprises that acquire goods from other companies to determine the level of supply chain risk and how well a company can manage a change in its supply chain
- Risk reduction: Risk management is a continuous process that must be constantly monitored. CMMI defines how a company assesses and mitigates the risks that it encounters during the life cycle of the product.
The Maturity Level Designation
The CMMI appraisal method is a holistic evaluation for any organization. At its core, a CMMI rating signifies a company’s commitment to continuous improvement. This is particularly important to consider if you are selecting a software vendor as that vendor must provide stable, well-managed updates and improvements over an extended period. This commitment is critical to your organization’s success.
With that in mind, the CMMI Institute awards five levels of certification:
- Maturity Level 0— Incomplete: Goals are not established, processes are unreliable, and work may not be completed
- Maturity Level 1— Initial: Processes are unpredictable and reactive, work gets completed but it is often delayed or over budget, resulting in high-risk and inefficiency
- Maturity Level 2— Managed: There are still issues to address, but the work has been completed, and projects are measured and controlled
- Maturity Level 3— Defined: This is the stage where organizations can be proactive, and any shortcomings are clearly understood with a process and goal for improvement; at this level there is a set of enterprise-wide standards to provide guidance in projects
- Maturity Level 4— Quantitatively Managed: At this level, organizations are working with quantitative data at a large scale to achieve insight into process deficiencies to then stay ahead of future possible risk
- Maturity Level 5— Optimizing: This is the gold medal reflecting organizations that are stable and flexible; these organizations have reached a stage of continuous process improvement that has been ingrained into everything they do
Why it Matters
Given no one has a crystal ball, choosing a software vendor to work with in addressing your requirements involves a great deal of trust. Vendors that have committed to the rigor of a CMMI audit and evaluation are demonstrating their commitment to continuous improvement. The CMMI standard is no guarantee, but it does offer an objective and in-depth evaluation of a vendor’s ability to deliver. The standard is high, too; only six percent of companies ever manage to achieve Level 5.
iBASEt has been awarded a Level 3 certification for CMMI Development, a significant milestone that recognizes the company’s serious commitment to continuous improvement as an integrated component of the product development process. In that spirit, our next goal is Level 4.
Of course, there is no “perfect” organization that is immune to risk and has flawless processes. But once a company reaches a point where the daily obstacles and problems are removed, they can focus on core missions and continuous improvement instead. That’s what the CMMI rating can help you judge about your software vendor.
Learn more about CMMI and their influence across industries by visiting the CMMI Institute website.