 |
 |
 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
CONFERENCE REVIEW TO DOWNLOAD THE PRESENTATIONS FROM THE CONFERENCE CLICK HERE If there was one fundamental rule that emerged from the recent CMMI Made Practical conference, held at London’s Institute of Directors in Pall Mall, it was that the sound management of processes – be they those of business, manufacture or applications development – makes damned good business sense. At the most basic of levels, if sound management of development processes means that code defects are trapped early, before they emerge in testing – or worse still, emerge following installation at a customer site – or are even eradicated before that, through changes to procedures from staff understanding what is going on, then significant cost savings can be made.
This was one of the common threads running right though the two days of the conference, underpinning the theme that this is an approach to process management that has now found its time with the majority of businesses. The concepts that underpin it may have been spawned by the needs of the military, and they have been well-applied there for many years, but a packed conference audience demonstrated that it is now time for them to be applied across the board. The second dominant thread to emerge during the conference was the close relationship between CMMI and the increasingly important areas of corporate governance and compliance to the raft of new regulations, such as Sarbanes-Oxley and Basel II, that companies now need to meet – and prove they can meet. Here, management of the processes involved is the key criterion. These points were set out at the very beginning with the keynote address from Ian Gott, of consultants, Nimbus. Taking Lockheed Martin, a UK software contractor involved in the latest US presidential helicopter contract, he showed the importance of CMMI to business. The company had CMMI Maturity Level 3 (ML3) mandated as part of this deal and by reaching accreditation it has also reached the point where every programme is now based upon a standard process, which in turn is based on an existing model. All process information is delivered dynamically over the intranet, personalised by role and with mechanisms for suggesting improvements. And as a ‘by-product’ of this approach, they also got provable compliance to relevant standards and regulations. And here is the business message from all this: by driving out waste they have already made £5.7m savings in the last year, with a further £4.5m savings predicted for next year. Through understanding its processes the company can also work through important review processes, so it can determine which contract bids to pull out of in advance of actually bidding. The company used to win 30% of bids; but now it wins 100% of the bids it actually makes. The
practical track Before starting, he pointed to one of the most important aspects of implementation, which surfaced many times during the two days. This was that the first step was to put the CMMI programme on the management agenda and build a strong group to steer the programme. Their first target was to develop the policies – in practice only eight pages long – as a way of getting the group to work together. A key decision was that no policy could be anything that someone in M&S was not doing already, so that no policy was a big step outside the norm. Next, came the building of a process improvement team and also a training programme. This defined the metaprocess for a building process; including inputs from M&S best practices, industry best practices, CMMI and CMM, and SUMMIT. These steps took the first year. The second year saw the move to CMMI and completion of the requirements definition and configuration management work, using Select's tools. The first CMMI assessment covered 20 projects, using an external lead assessor. Spencer observed that the team did well, but were left with things to address, plus the ability to measure what they were still not doing well, “which is the point of the exercise,” he says. So now, they have built in process checks, using process assurance consultants on the major processes and Project Office Managers. They have also added lots more training and mentoring. His suggested tips and techniques included running process improvement as a CMMI project, getting management buy-in from day one, identifying your own best practices and exploiting them, and taking a collaborative approach with staff: “talk to them, consider their absorption rate, and communicate, communicate, communicate – in fun ways as well as serious ones.” It emerged that
many only followed the processes because it was assumed CMMI demanded
it – which was not the right answer at all. There were also
reviews with senior management, which discovered that the culture
was actually just about attaining ML 3 – so that once they
had it, they took the foot off the pedal. So, Compita did a project
to identify the important, long-term process goals, which should
be reviewed at least annually. This included education on what was
needed, plus a cost-benefit analysis. In parallel, they conducted
a series of continuous Health checks with feedback given to the
project staff. The client soon thought they were ready for a formal
assessment, although there was, in practice, a need to let the processes
become institutionalised first. •
Initiation – getting the management buy-in is the important
part here. The benefits that come from the process, however, include a permanent and long-term affinity with process improvement, project staff that understand and support the processes, and better metrics on how the processes are running. Consultant Marilyn Bush gave some important insight into the traps that should be avoided in setting off down the path to CMMI accreditation, by setting out some of the common mistakes that companies make. Many companies see CMMI Assessments as ‘tests’ and are afraid that they won’t pass, so they practice the ‘answers’. This usually this fails badly and is a waste of money. “So don’t coach people for the interviews,” she said, “as there are no perfect procedures. And anyway, the procedures should be short – not more than a page long.” Many companies fail to give senior management a key role in process improvement, although they are the only people that have the authority to push it. The thing takes time and money – you will get it back but you have to spend first. Senior management are part of it all, and their participation also gets over the ‘do as I say not as I do’ problem – if they are truly part of the same disciplined procedures. They also need to learn what questions they actually need to be asking, such as ‘how many defects are we finding? Before test, during test, in operations?’ ‘how can the process be changed to avoid these?’, and ‘how can the issues involved be identified?’ “To anyone thinking, ‘how can I have my MD involved in this’,” she said, “I would reply ‘how can you not?’.” So, there has to be an executive board for process improvement. As this is a team effort, companies should encourage Project Managers to take real responsibility for process improvement, though many don’t. They, after all, must have the ultimate responsibility for the processes and that is more important than any individual project. In fact, the best project managers are the ones to encourage most, she suggested, rather than one that is ‘going spare’. The corollary of this is that it's a mistake to simply appoint an individual as process improvement manager (or some similar title; cf. Borland's Chief Process Officer, but he is part of a team effort) or just to appoint external consultants. “The singleton manager can’t get the organisation to any CMMI level because they don’t have any authority,” she said, “and they inevitably need to try to cut across the lines of authority that do exist. It would only work with authority – if the boss took it on personally. Appointing consultants or a small group and assuming it will all be better also doesn’t work, it has to be across the organisation, and driven from the top.” The
management track This latter was an extremely important presentation, by Kieran Doyle and Alison Adams of Lamri, because ITIL is an extremely successful framework for operational management – in fact, it is probably what most IT people think of first when it comes to process improvement. Adams gave a useful summary of ITIL and then Doyle showed that much of what you needed for ITIL was common to CMMI (see CMMI and ITIL) Continuing the practical theme of this ostensibly management-based track, David Piper of Select Business Solutions and Annie Combelles of Q-Labs described the practical achievement of improvement targets using their organisation's toolsets – Andrew Griffiths reviewed Select's Process Director in the last issue of ADA. Piper pointed out the inadvisability of over-engineering process, especially processes that, like reviews, are reused everywhere – over-engineering can result in unfeasibly large numbers of steps to manage. Kieran Doyle then talked about the governance needed to make a CMMI implementation work. It is again clear that a lot of self-discipline is needed and that committed and informed senior management involvement is vital, a point echoed in the Keynote Speaker panel session that followed. This panel session, which ended the first day, also highlighted the fact that there is no essential conflict between CMMI and Agile: Marilyn Bush quoted an ML5 company that is cheerfully using Agile processes. CMMI, as long as you don't over-engineer the processes, and know what you are doing generally, shouldn't impose unnecessary bureaucracy or place process over people; although it does encourage you to criticise and mend the process, rather than looking for people to blame, when things go wrong (which is no bad thing). On the second day, the management track opened with a fascinating insight into the world of the auditor from Dera McLoughlin of Mazars. All attendees at this session probably left feeling that Sarbanes-Oxley was more of an issue in the UK than you'd expect; and that CMMI process improvement could be a pretty effective response to Audit criticism. The modern IT auditor seems to be an impressive operator and, although she can “audit round the box” if you do have a chaotic process, being able to demonstrate capability and maturity in advance will probably keep the bills down. The lunchbite session on the second day gave attendees the chance to meet a Lead Appraiser and, in fact, you got to meet several. This provided a valuable opportunity to gain some insight into the real life experience of CMMI appraisal. Some interesting points emerged in the discussion: for instance, if you are not allocating 5-7% of your IT budget to your CMMI effort, you are really putting your success at risk (you may succeed with only 1-3%, but it will take a lot longer – and this probably indicates that the original case wasn't made strongly enough anyway). Kieran ran through some typical appraisal issues: objectivity is vital, you mustn't put pressure on internal appraisal team members to “pass” their company, for instance; and it is a very good idea to get all the data identified and available in advance, as “discovery mode” is very hard work (and it is quite legitimate for internal members of the appraisal team to help people find things). He also pointed out that external appraisers mustn't be judgemental – there are many “right” ways of doing things – and that being on an appraisal team was an immensely valuable learning experience for all concerned, internal and external. The afternoon started with sessions from Andrew Griffiths and Andy Dunham of Lamri dealing with outsourcing, offshoring, on-shoring etc, referring to Dunham's practical experience in Barclays and inviting Alan Shepperton of Visteon from the floor, to contribute his practical experience. A lot of this session was devoted to defining terms – you can offshore internally, without outsourcing. It became clear that there was a continuum and that it was essential to balance savings and risk. There are hidden costs to both outsourcing and offshoring, let alone to doing both together; and management overheads, if the risk is to be managed. Clearly, CMMI (even at ML2) provides a very strong basis for managing a distributed environment encompassing outsourcing and offshoring. Ending the Management Track, Paul Morgan of GTECH provided a real insight into an operation based on maturity and capability – and illustrated that there is room for productive disagreement between practitioners. He even touched on the really hard issues – sometimes, if someone really refuses to adopt they new ways, you have to let them go, although Roger Lewis pointed out in the final panel session that UK employment laws didn't make this as easy as some might like. The wrap-up panel session attracted lively discussion, although if two points really emerged, they were the vital importance of informed senior management buy-in (once again) and the importance of training as a facilitator for process improvement.
The conference is aimed at IT directors, senior managers, process improvement specialists and project managers. It consists of two main tracks and an exhibition that runs over 2 days. Listen and learn from leading speakers from the world of defence, government, finance, IT and make a difference to your company. 
Conference
preview PDF (320k)Why you should attend… The business drivers to effectively deliver software systems have never been stronger and the challenges have never been greater. Most organisations now rely on software to gain strategic competitive advantage and reduce their operating cost base. The problems of achieving these goals are compounded by rapidly changing technology and a complex legacy estate, add to the mix Off-Shoring, an aging skills base and regulatory compliance and we have a serious management challenge. "CMMI Made Practical" will show you how to use and implement CMMI to achieve real results for your organisation. Conference sessions at-a-glance. What
is CMMI?
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||
