Your SlideShare is downloading. ×
CMMi & IT Governance
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

CMMi & IT Governance

7,229
views

Published on

this presentation is about the relation ship between CMMI & IT Governance

this presentation is about the relation ship between CMMI & IT Governance

Published in: Education, Business, Technology

1 Comment
3 Likes
Statistics
Notes
No Downloads
Views
Total Views
7,229
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
673
Comments
1
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Presentation by, Chandrima Das (07030241006) Raveesh Goswami (07030241024) Sampreeth Agara (07030241029) Sourabh Soni (07030241032) Surbhit Bansal (07030241033) Vijay Chakule (07030241035)
  • 2. What is CMMI??
  • 3. IT Governance & Benefits:
  • 4. How CMMI bridges gap
  • 5. Decision Rights, Communication and Accountability:
    • IT Governance at its essence is about decision-making and communications.
    • The need stems from need of organizations to make good decisions and communicate them effectively.
    • Poor outcomes force org. to review the decisions made and place structures supporting better decisions.
    • The decisions can be: -
      • Whether to invest in a new initiative.
      • Approve an annual report
      • Provide access to sensitive data
      • Include software code in a release .
      • Project funding, project content management, architecture content.
      • Quality management that are made in the course of executing the processes.
  • 6. How CMMI helps:
    • Possible to establish enforceable governance decisions within the processes of an organization.
    • Helps in demonstrating to the business what is working and what is not,
    • How those processes may be changed to create greater benefit to the business.
    • Briefly, we say the  governance process  is applied to the  governed processes.
    • Example : - Operation metrics specifications  daily basis for exerting control on the business processes.
    • An example: - daily average response time. For the developing organizations, code churn -- the frequency of changes in program source code -- would be an operational measure but without proper methods that would lead to improper decision making about company’s growth.
  • 7. Benefits to the Organization:
    • Process Improvement- monitored against historical data, creation of a viable, improvable process infrastructure, focus on defining and following its processes.
    • Quality products/Services- Quality products are a result of quality processes.
    • Value for Stakeholders- Quality products, predictable schedules, and effective measures to support management in making accurate and defensible forecasts.
    • Employer of Choice- Emphasizes training, both in disciplines and in process, Engg. Comfortable.
    • Enhanced Customer Satisfaction- Meeting cost and schedule targets with high-quality products.
    • Increase in market share- Improves estimation reducing variability to enable better & accurate bids. Meeting of quality goals.
    • Cost Savings- Historical data collected to support project estimation
  • 8. Examples of CMMI impact-ROI
    • Accenture- 5:1 ROI for quality activities.
    • Raytheon: Avoided $3.72M in costs due to better cost performance.
    • Siemens: 2:1 ROI over 3 years with benefits amortized over less than 6 months.
    • Northrop Grumann:
    • 13:1 for defects avoided per hour spent in training and defect prevention. $3.9 B Estimated 2003 Sales after CMMI 5 certification.
    • Northrop Grumman Mission Systems focused on the long-term culture change: -
      • More data-driven decision making
      • Identifying and meeting the customers’ needs
      • Disciplined project management
      • Improved engineering first-time quality to reduce re-work
      • Efficient organizational infrastructure
      • Use of industry best-practices
      • Capturing of internal best-practices
  • 9. Costs and Benefits of CMMI:
  • 10.  
  • 11. CMMI and COBIT:
    • CMMI is the perfect complement to COBIT.
    • COBIT pinpoints the need for certain controls and CMMI puts them into place.
    • CMMI is very detailed and geared mostly to software development.
      • Focuses on continuous improvement.
      • Can be used for self-assessment.
  • 12. COBIT and CMMI: contd..
    • COBIT Processes addressed by CMMI are
    • Plan and Organize (3 out of 10 C Objectives)
    • Acquire and Implement (3 out of 7 C Objectives)
    • Deliver and Support (4 out of 13 C Objectives)
    • Monitor and Evaluate (1 out of 4 C Objectives)
    COBIT Relationship with CMMI Plan and Organize Provides better support for objectives with greater project focus such as requirements, risks, quality and project Management Acquire and Implement Provides excellent coverage for achieving and implementation objectives Delivery and Support Project Management processes can be translated to support management of service levels, third parties, capacity, problems and data Continuous operation and user support services are not well covered Monitor Provides for monitoring functions at the project level. Does not involve audit controls at the organization level
  • 13. 10 Threats to Sarbanes-Oxley Compliance ( * According to Deloitte) :
    • 1.Lack of an enterprise-wide, executive-driven internal control management program
    • 2. Lack of a formal enterprise risk management program
    • 3. Inadequate controls associated with the recording of non-routine, complex, and unusual transactions
    • 4. Ineffectively controlled post-merger integration
    • 5. Lack of effective controls over the IT environment
    • 6.Ineffective financial reporting and disclosure preparation process
    • 7. Lack of formal controls over the financial closing processes
    • 8. Lack of current, consistent, complete and documented accounting policies and procedures
    • 9. Inability to evaluate and test controls over outsourced processes
    • 10. Inadequate board and audit committee understanding of risk and Control
  • 14. How CMMi helps in the aligning of business goals and IT goals:
    • Where RM, PP, PMC, SAM, M&A, PPQA, OT, DAR, OID, CM, RD, TS, PI, Ver, Val, IPM, OPP, OID, CAR are the process areas of CMMi.
  • 15. CMMI and ITIL:
    • Implementing CMMI and ITIL improves the Software Development Process and Software Quality and reduces the Cost Of Quality (COQ).
    • Time to market reduced and precision in estimation of effort and cost enhanced.
    • CMMi is the de facto quality standard for SDLC.
    • ITIL for many is the tool of choice for the operations and infrastructure side of IT
    • CMMI doesn't address IT operations issues (security, change and configuration management, capacity planning, troubleshooting and service desk functions). This is why ITIL is used.
  • 16.
    • Digite’s case:
    • With their CMMI implementation, they also answered the questions regarding the scope of mapping between ITIL & CMMI practices.
    • Thus ,CMMI to ITIL is a obvious graduation.
    CMMI and ITIL : A case CMMI processes areas ITIL processes that CMMI maps
    • Project Planning
    • Project Monitoring and Control
    • Integrated Project Management
    • Measurement & Analysis
    • Configuration Management
    • Requirement Management/Development
    • Risk Management
    • Validation
    • Product Integration etc
    • Problem Management
    • Helpdesk
    • Incident Management
    • Change Management
    • Configuration Management
    • Service Level Management
    • Planning and Control
    • Contingency Planning
    • Security Management
  • 17. Synergy b/w ITIL CMMi & 6 sigma:
  • 18. CMMI Vs ISO 27000 CMMI ISO 27000
    • Organizations cannot be CMMI certified.
    • An organization is appraised and is awarded a 1-5 level rating.
    • (CMMI) is a process improvement approach.
    • Covers practices for planning, engineering, and managing software development and maintenance
    • CMMI best practices are published in documents called models.
    • Each model address a different area of interest.
    • These key practices improve the ability of organizations to meet goals for cost, schedule, functionality, and product quality.
    • Adapted to each individual organization according to its business objectives.
    • Organizations can be ISO 27000 certified.
    • It is for a family of information security management standards.
    • In series of 27001 – 27000+.
    • Provides uniformity and consistency throughout the ISMS family.
    • Provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an ISMS.
  • 19. Gap still prevails even after applying standards like CMMI
    • Process :
      • Process inconsistency is the key driver of waste in development.
      • CMMI do not address other sources of waste such as availability of right resources at right time and complexity of architecture.
    • Metrics :
      • Focuses on measuring key performance indicators in development same as business measure productivity.
      • Helpful in environments with mature and well documented frameworks.
      • Do not measure the waste that may occur in early stages of development.
    • Technology :
      • Technology used in development primarily focuses on automation such as code generation, documentation and version control.
      • Does not address the fundamental behavioral and cultural aspects that are necessary to improve the productivity.
  • 20.
    • THANK YOU