The Capability Maturity Model Integration (CMMI) defines a process area as, "a cluster of related practices in an area that, when implemented collectively, satisfies a set of goals considered important for making improvement in that area." Both CMMI for Development v1.3 and CMMI for Acquisition v1.3 identify 22 process areas, whereas CMMI for Services v1.3 identifies 24 process areas. Many of the process areas are the same in these three models.
In CMMI models, the process areas are organized in alphabetical order according to their acronym. However, process areas can be grouped according to maturity levels or process area categories.
There are Five maturity levels. However, maturity level ratings are awarded for levels 2 through 5. The process areas below and their maturity levels are listed for the CMMI for Development model:
Maturity Level 2 - Managed
Maturity Level 3 - Defined
Maturity Level 4 - Quantitatively Managed
Maturity Level 5 - Optimizing
The process areas below and their maturity levels are listed for the CMMI for Services model:
Maturity Level 2 - Managed
Maturity Level 3 - Defined (this includes the process areas that make up the previous levels; Maturity Level 3 is made up of the process areas in Level 2 and Level 3)
Maturity Level 4 - Quantitatively Managed
Maturity Level 5 - Optimizing
The process areas below and their maturity levels are listed for the CMMI for Acquisition model:
Maturity Level 2 - Managed
Maturity Level 3 - Defined
Maturity Level 4 - Quantitatively Managed
Maturity Level 5 - Optimizing
There are two categories of goals and practices: generic and specific. Specific goals and practices are specific to a process area. Generic goals and practices are a part of every process area. A process area is satisfied when organizational processes cover all of the generic and specific goals and practices for that process area.
Generic goals and practices are a part of every process area.
Each process area is defined by a set of goals and practices. These goals and practices appear only in that process area.
CMMI for Development, Version 1.2 contains 22 process areas indicating the aspects of product and service development that are to be covered by organizational processes. For a summary of process areas for each model, see these quick reference documents available on the SEI website:
Purpose
The purpose of Agreement Management (AM) is to ensure that the supplier and the acquirer perform according to the terms of the supplier agreement.
Specific Practices by Goal
Purpose
The purpose of Capacity and Availability Management (CAM) is to ensure effective service system performance and ensure that resources are provided and used effectively to support service requirements.
Specific Practices by Goal
Purpose
The purpose of Causal Analysis and Resolution (CAR) is to identify causes of selected outcomes and take action to improve process performance.
Specific Practices by Goal
Purpose
The purpose of Configuration Management (CM) is to establish and maintain the integrity of work products using configuration identification, configuration control, configuration status accounting, and configuration audits.
Specific Practices by Goal
Purpose
The purpose of Decision Analysis and Resolution (DAR) is to analyze possible decisions using a formal evaluation process that evaluates identified alternatives against established criteria.
Specific Practices by Goal
Purpose
The purpose of Integrated Project Management (IPM) is to establish and manage the project and the involvement of relevant stakeholders according to an integrated and defined process that is tailored from the organization's set of standard processes.
Specific Practices by Goal
Purpose
The purpose of Measurement and Analysis (MA) is to develop and sustain a measurement capability used to support management information needs.
Specific Practices by Goal
Purpose
The purpose of Organizational Process Definition (OPD) is to establish and maintain a usable set of organizational process assets, work environment standards, and rules and guidelines for teams.
Specific Practices by Goal
Purpose
The purpose of Organizational Process Focus (OPF) is to plan, implement, and deploy organizational process improvements based on a thorough understanding of current strengths and weaknesses of the organization's processes and process assets.
Specific Practices by Goal
Purpose
The purpose of Organizational Performance Management (OPM) is to proactively manage the organization's performance to meet its business objectives.
Specific Practices by Goal
Purpose
The purpose of Organizational Process Performance (OPP) is to establish and maintain a quantitative understanding of the performance of selected processes in the organization's set of standard processes in support of achieving quality and process performance objectives, and to provide process performance data, baselines, and models to quantitatively manage the organization's projects.
Specific Practices by Goal
Purpose
The purpose of Organizational Training (OT) is to develop skills and knowledge of people so they can perform their roles effectively and efficiently.
Specific Practices by Goal
Purpose
The purpose of Product Integration (PI) is to assemble the product from the product components, ensure that the product, as integrated, behaves properly (i.e., possesses the required functionality and quality attributes), and deliver the product.
Specific Practices by Goal
Purpose
The purpose of Project Monitoring and Control (PMC) is to provide an understanding of the project's progress so that appropriate corrective actions can be taken when the project's performance deviates significantly from the plan.
Specific Practices by Goal
Purpose
The purpose of Project Planning (PP) is to establish and maintain plans that define project activities.
Specific Practices by Goal
Purpose
The purpose of Process and Product Quality Assurance (PPQA) is to provide staff and management with objective insight into processes and associated work products.
Specific Practices by Goal
Purpose
The purpose of the Quantitative Project Management (QPM) process area is to quantitatively manage the project to achieve the project's established quality and process performance objectives.
Specific Practices by Goal
Purpose
The purpose of Requirements Development (RD) is to elicit, analyze, and establish customer, product, and product component requirements.
Specific Practices by Goal
Purpose
The purpose of Requirements Management (REQM) is to manage requirements of the project's products and product components and to ensure alignment between those requirements and the project's plans and work products.
Specific Practices by Goal
Purpose
The purpose of Risk Management (RSKM) is to identify potential problems before they occur so that risk handling activities can be planned and invoked as needed across the life of the product or project to mitigate adverse impacts on achieving objectives.
Specific Practices by Goal
Purpose
The purpose of Supplier Agreement Management (SAM) is to manage the acquisition of products from suppliers.
Specific Practices by Goal
Purpose
The purpose of Technical Solution (TS) is to select design and implement solutions to requirements. Solutions, designs, and implementations encompass products, product components, and product related lifecycle processes either singly or in combination as appropriate.
Specific Practices by Goal
Purpose
The purpose of Validation (VAL) is to demonstrate that a product or product component fulfills its intended use when placed in its intended environment.
Specific Practices by Goal
Purpose
The purpose of Verification (VER) is to ensure that selected work products meet their specified requirements.
Specific Practices by Goal
Only changes made to the set of Process Areas are considered here. For more information about the changes made to Version 1.2, see the Version 1.2 Release Notes or for the definitive list of changes, take the CMMI Version 1.2 Upgrade Training.
Some significant improvements in CMMI-DEV, V1.3 include the following:
For a more complete and detailed list of improvements, see http://www.sei.cmu.edu/cmmi/tools/cmmiv1-3/comparison.cfm. An overview of the changes is described in http://www.benlinders.com/2011/cmmi-v1-3-summing-up/.
Table: Process Areas, Categories, and Maturity Levels [3]
Process Area | Abbreviation | Category | Maturity Level |
---|---|---|---|
Causal Analysis and Resolution | CAR | Support | 5 |
Configuration Management | CM | Support | 2 |
Decision Analysis and Resolution | DAR | Support | 3 |
Integrated Project Management | IPM | Project Management | 3 |
Measurement and Analysis | MA | Support | 2 |
Organizational Process Definition | OPD | Process Management | 3 |
Organizational Process Focus | OPF | Process Management | 3 |
Organizational Performance Management | OPM | Process Management | 5 |
Organizational Process Performance | OPP | Process Management | 4 |
Organizational Training | OT | Process Management | 3 |
Product Integration | PI | Engineering | 3 |
Project Monitoring and Control | PMC | Project Management | 2 |
Project Planning | PP | Project Management | 2 |
Process and Product Quality Assurance | PPQA | Support | 2 |
Quantitative Project Management | QPM | Project Management | 4 |
Requirements Development | RD | Engineering | 3 |
Requirements Management | REQM | Project Management | 2 |
Risk Management | RSKM | Project Management | 3 |
Supplier Agreement Management | SAM | Project Management | 2 |
Technical Solution | TS | Engineering | 3 |
Validation | VAL | Engineering | 3 |
Verification | VER | Engineering | 3 |
The Capability Maturity Model (CMM) is a development model created in 1986 after a study of data collected from organizations that contracted with the U.S. Department of Defense, who funded the research. The term "maturity" relates to the degree of formality and optimization of processes, from ad hoc practices, to formally defined steps, to managed result metrics, to active optimization of the processes.
Project management is the process of leading the work of a team to achieve all project goals within the given constraints. This information is usually described in project documentation, created at the beginning of the development process. The primary constraints are scope, time, and budget. The secondary challenge is to optimize the allocation of necessary inputs and apply them to meet pre-defined objectives.
A quality management system (QMS) is a collection of business processes focused on consistently meeting customer requirements and enhancing their satisfaction. It is aligned with an organization's purpose and strategic direction. It is expressed as the organizational goals and aspirations, policies, processes, documented information, and resources needed to implement and maintain it. Early quality management systems emphasized predictable outcomes of an industrial product production line, using simple statistics and random sampling. By the 20th century, labor inputs were typically the most costly inputs in most industrialized societies, so focus shifted to team cooperation and dynamics, especially the early signaling of problems via a continual improvement cycle. In the 21st century, QMS has tended to converge with sustainability and transparency initiatives, as both investor and customer satisfaction and perceived quality are increasingly tied to these factors. Of QMS regimes, the ISO 9000 family of standards is probably the most widely implemented worldwide – the ISO 19011 audit regime applies to both and deals with quality and sustainability and their integration.
Software Engineering Institute (SEI) is a federally funded research and development center in Pittsburgh, Pennsylvania, United States. Founded in 1984, the institute is now sponsored by the United States Department of Defense and the Office of the Under Secretary of Defense for Research and Engineering, and administrated by Carnegie Mellon University. The activities of the institute cover cybersecurity, software assurance, software engineering and acquisition, and component capabilities critical to the United States Department of Defense.
Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. The CM process is widely used by military engineering organizations to manage changes throughout the system lifecycle of complex systems, such as weapon systems, military vehicles, and information systems. Outside the military, the CM process is also used with IT service management as defined by ITIL, and with other domain models in the civil engineering and other industrial engineering segments such as roads, bridges, canals, dams, and buildings.
Quality assurance (QA) is the term used in both manufacturing and service industries to describe the systematic efforts taken to assure that the product(s) delivered to customer(s) meet with the contractual and other agreed upon performance, design, reliability, and maintainability expectations of that customer. The core purpose of Quality Assurance is to prevent mistakes and defects in the development and production of both manufactured products, such as automobiles and shoes, and delivered services, such as automotive repair and athletic shoe design. Assuring quality and therefore avoiding problems and delays when delivering products or services to customers is what ISO 9000 defines as that "part of quality management focused on providing confidence that quality requirements will be fulfilled". This defect prevention aspect of quality assurance differs from the defect detection aspect of quality control and has been referred to as a shift left since it focuses on quality efforts earlier in product development and production and on avoiding defects in the first place rather than correcting them after the fact.
ISO/IEC 15504Information technology – Process assessment, also termed Software Process Improvement and Capability dEtermination (SPICE), is a set of technical standards documents for the computer software development process and related business management functions. It is one of the joint International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) standards, which was developed by the ISO and IEC joint subcommittee, ISO/IEC JTC 1/SC 7.
The Personal Software Process (PSP) is a structured software development process that is designed to help software engineers better understand and improve their performance by bringing discipline to the way they develop software and tracking their predicted and actual development of the code. It clearly shows developers how to manage the quality of their products, how to make a sound plan, and how to make commitments. It also offers them the data to justify their plans. They can evaluate their work and suggest improvement direction by analyzing and reviewing development time, defects, and size data. The PSP was created by Watts Humphrey to apply the underlying principles of the Software Engineering Institute's (SEI) Capability Maturity Model (CMM) to the software development practices of a single developer. It claims to give software engineers the process skills necessary to work on a team software process (TSP) team.
Capability Maturity Model Integration (CMMI) is a process level improvement training and appraisal program. Administered by the CMMI Institute, a subsidiary of ISACA, it was developed at Carnegie Mellon University (CMU). It is required by many U.S. Government contracts, especially in software development. CMU claims CMMI can be used to guide process improvement across a project, division, or an entire organization. CMMI defines the following maturity levels for processes: Initial, Managed, Defined, Quantitatively Managed, and Optimizing. Version 2.0 was published in 2018. CMMI is registered in the U.S. Patent and Trademark Office by CMU.
Quality management ensures that an organization, product or service consistently functions well. It has four main components: quality planning, quality assurance, quality control and quality improvement. Quality management is focused not only on product and service quality, but also on the means to achieve it. Quality management, therefore, uses quality assurance and control of processes as well as products to achieve more consistent quality. Quality control is also part of quality management. What a customer wants and is willing to pay for it, determines quality. It is a written or unwritten commitment to a known or unknown consumer in the market. Quality can be defined as how well the product performs its intended function.
In configuration management, a baseline is an agreed description of the attributes of a product, at a point in time, which serves as a basis for defining change. A change is a movement from this baseline state to a next state. The identification of significant changes from the baseline state is the central purpose of baseline identification.
Requirements management is the process of documenting, analyzing, tracing, prioritizing and agreeing on requirements and then controlling change and communicating to relevant stakeholders. It is a continuous process throughout a project. A requirement is a capability to which a project outcome should conform.
Capability Immaturity Model (CIMM) in software engineering is a parody acronym, a semi-serious effort to provide a contrast to the Capability Maturity Model (CMM). The Capability Maturity Model is a five point scale of capability in an organization, ranging from random processes at level 1 to fully defined, managed and optimized processes at level 5. The ability of an organization to carry out its mission on time and within budget is claimed to improve as the CMM level increases.
People Capability Maturity Model is a maturity framework that focuses on continuously improving the management and development of the human assets of an organization. It describes an evolutionary improvement path from ad hoc, inconsistently performed practices, to a mature, disciplined, and continuously improving development of the knowledge, skills, and motivation of the workforce that enhances strategic business performance.
Supply-chain operations reference (SCOR) model is a process reference model developed and endorsed by the Supply-Chain Council as the cross-industry, standard diagnostic tool for supply chain management. The SCOR model describes the business activities associated with satisfying a customer's demand, which include plan, source, make, deliver, return and enable. Use of the model includes analyzing the current state of a company's processes and goals, quantifying operational performance, and comparing company performance to benchmark data. SCOR has developed a set of metrics for supply chain performance, and Supply Chain Council members have formed industry groups to collect best practices information that companies can use to elevate their supply chain models.
An independent test organization is an organization, person, or company that tests products, materials, software, etc. according to agreed requirements. The test organization can be affiliated with the government or universities or can be an independent testing laboratory. They are independent because they are not affiliated with the producer nor the user of the item being tested: no commercial bias is present. These "contract testing" facilities are sometimes called "third party" testing or evaluation facilities.
A glossary of terms relating to project management and consulting.
In software engineering, a software development process is a process of planning and managing software development. It typically involves dividing software development work into smaller, parallel, or sequential steps or sub-processes to improve design and/or product management. It is also known as a software development life cycle (SDLC). The methodology may include the pre-definition of specific deliverables and artifacts that are created and completed by a project team to develop or maintain an application.
Automotive SPICE is a maturity model adapted for the automotive industry. It assesses the maturity of development processes for electronic and software-based systems. It is based on an initiative of the Special Interest Group Automotive and the Quality Management Center (QMC) in the German Association of the Automotive Industry (VDA).
IEC 62443 is an international series of standards that address cybersecurity for operational technology in automation and control systems. The standard is divided into different sections and describes both technical and process-related aspects of automation and control systems cybersecurity.
{{cite journal}}
: Cite journal requires |journal=
(help){{cite journal}}
: Cite journal requires |journal=
(help)