Capability Maturity Model - CMM

A maturity model can be described as a structured collection of elements that describe certain aspects of
maturity in an organization. A maturity model may provide, for example:

• a place to start
• the benefit of a community’s prior experiences
• a common language and a shared vision
• a framework for prioritizing actions
• away to define what improvement means for your organization.

A maturity model can be used as a benchmark for comparison and as an aid to understanding - for example,
for comparative assessment of different organizations where there is something in common that can be
used as a basis for comparison. In the case of the CMM, for example, the basis for comparison would be the
organizations' software development processes.
The CMM involves the following aspects:

• Maturity Levels: A number of level continuum culminating in the discipline needed to engage in
continuous process improvement and optimization.
• Key Process Areas: A Key Process Area (KPA) identifies a cluster of related activities that, when
performed collectively, achieve a set of goals considered important.
• Goals: The goals of a key process area summarize the states that must exist for that key process
area to have been implemented in an effective and lasting way. The extent to which the goals have
been accomplished is an indicator of how much capability the organization has established at that
maturity level. The goals signify the scope, boundaries, and intent of each key process area.
• Common Features: Common features include practices that implement and institutionalize a key
process area. There are five types of common features: Commitment to Perform, Ability to
Perform, Activities Performed, Measurement and Analysis, and Verifying Implementation.
• Key Practices: The key practices describe the elements of infrastructure and practice that
contribute most effectively to the implementation and institutionalization of the KPAs.

Describing the Capability Maturity Model

The Capability Maturity Model® (CMM®) for software is a widely accepted set of guidelines for developing
high-performance software organizations. Watts Humphrey and his colleagues at IBM developed the
original concept for the CMM in the early 1980s.

Humphrey determined that the quality of an application was related directly to the quality of the process
used to develop it. To improve application development processes, Humphrey wanted to implement the W.
Edwards Deming continuous-improvement cycle (i.e., plan — do — check — act).

However, application developers had been installing improved development methods and technologies for
a decade without gaining much improvement.

Humphrey observed that improved software development practices did not survive unless an application
development (AD) organization's behavior changed to support them. His unique insight was that AD
organizations had to remove impediments to continuous improvement in a specific order if they were to
succeed.

Consequently, Humphrey designed the process maturity framework, an evolutionary path to help AD
organizations increase the capability of their AD processes in five stages.
CMM is evolving:

Process Improvement Is Continuous Improvement. We can never reach perfection.

The CMM does not provide all the answers; it too is evolving and improving. Process management means
constructive and continual improvement. The focus is on always doing better.

The reach should always exceed the grasp.

1. "If my organization was assessed at Level X using the original model and preliminary maturity
questionnaire, will it be assessed at Level X using the updated CMM and updated
maturity questionnaire?"
 • If an organization based its improvement program on the spirit of the maturity model, there
will probably be little impact on its assessed level.

• If an organization's improvement program is designed on the items in the preliminary maturity

questionnaire, then the organization may see some impact. Maturity level scores have always
been based on the findings of an assessment rather than the answers to the maturity
questionnaire.

Process Improvement Using the CMM

Software process improvement occurs within the context of:

• the organization's strategic plans

• its business objectives
• its organizational structure
• the technologies in use
• its social culture
• its management system

CMM and Quality Management

The CMM does not address all the issues that need to be faced for software process and quality
improvement. Issues that are addressed only indirectly, or by implication, include:

• specific tools, methods, and technologies

• concurrent engineering and teamwork
• system engineering, marketing, etc.
• human resources
• change management

View the CMM, assessments, and evaluations in the larger context.

Capability Maturity Model for Software (CMM)

The Capability Maturity Model for Software (also known as the CMM and SW-CMM) has been retired, and
CMMI (Capability Maturity Model Integration) replaces it. The SEI no longer maintains the SW-CMM model,
its associated appraisal methods, or training materials, nor does the SEI offer SW-CMM training.

The CMM was originally intended as a tool for objectively assessing the ability of government contractors'
processes to perform a contracted software project. Though it comes from the area of software
development, it can be (and has been and still is being) applied as a generally applicable model to assist in
understanding the process capability maturity of organizations in diverse areas. For example, software
engineering, system engineering, project management, software maintenance, risk management, system
acquisition, information technology (IT), personnel management. It has been used extensively for avionics
software and government projects around the world.
The CMM has been superseded by a variant - the CMMI (Capability Maturity Model Integration). The old
CMM was renamed to Software Engineering CMM (SE-CMM) and organizations accreditations based on SE-
CMM expired on 31 December 2007.

Variants of maturity models derived from the CMM have emerged over the years, including, for example,
Systems Security Engineering CMM SSE-CMM the People Capability Maturity Model and the Software
Maintenance Maturity Model S3M.

Worldwide Adoption

The SEI is excited about the response that organizations around the world are having to the CMMI Product
Suite. CMMI is being adopted worldwide, including North America, Europe, Asia, Australia, South America,
and Africa. This kind of response has substantiated the SEI's commitment to the CMMI models and the
Standard CMMI Appraisal Method for Process Improvement (SCAMPISM).

SCAMPI incorporates the best ideas of several process-improvement appraisal methods. The SCAMPI Class
A method is being used successfully by many organizations. The emerging SCAMPI Class B and Class C
methods will extend the suite of SCAMPI methods.

Benefits of Process Improvement

The following are some of the benefits and business reasons for implementing process improvement:

• The quality of a system is highly influenced by the quality of the process used to acquire, develop,
and maintain it.
• Process improvement increases product and service quality as organizations apply it to achieve
their business objectives.
• Process improvement objectives are aligned with business objectives.

CMMI Benefits

The CMMI Product Suite is at the forefront of process improvement because it provides the latest best
practices for product and service development and maintenance. The CMMI models improve the best
practices of previous models in many important ways. CMMI best practices enable organizations to do the
following:

• more explicitly link management and engineering activities to their business objectives
• expand the scope of and visibility into the product lifecycle and engineering activities to ensure that
the product or service meets customer expectations
• incorporate lessons learned from additional areas of best practice (e.g., measurement, risk
management, and supplier management)
• implement more robust high-maturity practices
• address additional organizational functions critical to their products and services
• more fully comply with relevant ISO standards