CMMI Made Practical 2010

Written By:
Content Copyright © 2010 Bloor. All Rights Reserved.
This blog was originally posted under: The Norfolk Punt

Have you ever wondered whether a process improvement and CMMI consultancy can actually deliver results? Well, a good indicator might be if it can run a successful conference when many of the speakers have fallen foul of a volcanic ash cloud. Here Lamri, organisers of the recent CMMI Made Practical 2010 conference (of which Bloor is a sponsor) passed with flying colours. And Sigurd Heier, a Colonel in the Norwegian Army presenting on using CMMI “to lead competent persons, values, cultures and complex systems in a world of rapid change”, said, “there isn’t a letter C in Icelandic so when you wanted cash from Iceland, you got ash“, which suggests that CMMI practitioners aren’t entirely humourless. Which must be good.

Various speakers appeared in virtual form and although the “end user experience” of the Web 2.0 technology involved was, as usual, a bit variable, at its best (Paul Nielsen of the Software Engineering Institute at Carnegie Mellon University, for example, presenting on “In a World of Increasing Complexity, Process Improvement Puts You In Control”) nothing much was lost.

It was an interesting conference anyway; although largely, as usual, preaching to the converted—which is common to most technology conferences (if you don’t believe in the conference’s message in general, you are unlikely to take time off work to attend). Even so, controversial issues were raised: Mark Smith (Global Director of Quality & Client Satisfaction, Accenture) said that he didn’t see how you could run a large scale software delivery operation without being CMMI ML5 (“Maturity Level 5) whether you bothered with the official appraisal or not; but I’m not sure that I think that is entirely true, even though I think that CMMI (along with Systems Engineering discipline) is one dem’ fine approach.

I’m not sure that I see Microsoft, say, as being at particularly high maturity level overall (it seems to run lots of processes and pick whichever one works best—which implies that sub-optimal processes are in use much of the time) but it seems to be fairly successful nonetheless.

Likewise, the Q&A panel on day 1 seemed rather to discount ROI for CMMI projects: “you do it because it makes the business plan work not because it saves you money—although “doing it right first time” does save money”) seemed to be the general, although not universal, view (I don’t think Mark Smith agreed, for example). I’m not sure many CFOs will buy into that view either (outside of, perhaps, government, with political reputation risk to consider; and, also, the safety critical industries). And, most of the attendees seemed to be actively involved in CMMI initiatives, although only about half of these seemed to think that it was actually helping them survive the recession, which might be a matter for concern, since I’d have thought “doing it right first time” was quite a good message in a recession (who can afford waste these days?).

I am convinced that process improvement is good and that CMMI (used properly) is a good way to manage it, but I do meet seriously convinced sceptics in my life outside of CMMI circles. It would have been nice to have someone debating the sceptic POV at this conference. Even though many of the presentations were refreshingly honest about the issues met on the CMMI process improvement journey, there was no real failure case study from someone who had tried CMMI and failed (that is, who had given up after expending lots of money/resources). And no case study illustrating an alternative approach, delivering something equivalent to what CMMI achieves. Would this have been out of scope? Perhaps, but you can learn a lot from failure experiences and alternative approaches can tell you about what is generically accepted as useful, beyond CMMI, and this might actually help you to implement CMMI.

Nevertheless, this conference was certainly a lot more than just a “CMMI promotional” event and, as I’ve said, some genuinely interesting and innovative ideas were discussed. Kieran Doyle, a SEI Certified CMMI Lead Appraiser and Trainer from Lamri, for example, is looking at multimodel appraisals to avoid the risk of employees being “appraised to death“—spending so much time on process improvement and certification against a host of standards that they can get no productive work done for the business. SCAMPI (Standard CMMI Appraisal Method for Process Improvement) is a seriously effective appraisal method, better than most certifications (partly because it has a knowledge transfer component) and because CMMI has extensibility mechanisms, it is possible to appraise, say, ISO 27001 Security capabilities at the same time as doing a CMMI appraisal. This won’t get you the 27001 certification “badge”, but it will give you confidence that you could get the badge—and if you need the badge, make getting it easier.

Another innovation, from Accenture this time and proving that CMMI is not standing still, is the idea of a “Stay at Home” SCAMPI Appraisal, done over the phone and Internet, which cuts down on travel cost and unrealistic time constraints when assessors and assessees are on opposite side of the world. It includes a number of process tweaks to ensure that the quality of the appraisal isn’t compromised but it appraises to the same standards as an on-site appraisal.

If you see CMMI as something bureaucratic and set in stone, then you probably aren’t talking to the right CMMI practitioners. Attending “CMMI made Practical” might open your eyes.

Different viewpoints are welcome and can start discussion. In the panel session at the end of Day 2, I asked about CMMI antipatterns but only one panel member seemed to recognise the concept at first. An antipattern is a use case that seems superficially attractive but turns out to be extremely dysfunctional, usually in the longer term. An antipattern documents this “honey trap”, describes how to recognise that you’re in it and, most importantly, gives you a path pack to something more useful. The one suggested by the panel was the “death march”, as in: “we’re not getting anywhere, so let’s work much harder, doing more of the same—after all we’ve thrown so much money and resources at this it would be a shame to waste them”.

An antipattern is an instantiation of the old saw “the road to hell is paved with good intentions“. You know you’re on the Death March when you find yourself concentrating on CMMI processes and maturity level badges to the exclusion of the original vision and its business outcomes. And how to you escape from the Death March? Refocus on delivering a “quick win” against the business vision, using the CMMI processes but not worrying too much about “doing CMMI properly”. Once you’re back on track, more formal CMMIU processes will start to deliver. Even in the world of CMMI (as Kieran Doyle, for example pointed out) people don’t really want process and maturity, they want useful business outcomes. If you understand CMMI, it can help you to achieve these outcomes.

The conference presentations can be downloaded here.