Enterprise IT Maturity Assessments

Revision as of 21:26, 22 December 2017 by Invicta (Talk | contribs)

Jump to: navigation, search
Welcome to the initial version of the EITBOK wiki. Like all wikis, it is a work in progress and may contain errors. We welcome feedback, edits, and real-world examples. Click here for instructions about how to send us feedback.
Ieee logo 1.png
Acm logo 3.png


1 What Is a Maturity Assessment

Capability maturity for EIT refers to EIT's ability to reliably perform. Maturity is measured by an organization's readiness and capability expressed through its people, processes, data, and technologies and the consistent measurement practices that are in place. The organization's maturity directly relates to the ability to execute the EIT strategy; therefore, there is a need to assess maturity as an input to a realistic plan and as a guide to maturing EIT to desired levels. In other words, unless the EIT organization "knows itself," it can't make plans to do more or to improve. Adoption of "lessons learned" is a key improvement strategy. Mature EIT organizations collect lessons learned during each project as it is executing and build the results into organizational improvements on a regular basis. When reviewed and areas prioritized by management, a maturity assessment is an input to the EIT strategy formulation, because its results may highlight its performance constraints.

Maturity assessment involves scoring the organization against defined criteria and a ranking scheme. This assessment is generally organized in ascending steps with strategies on how to move up the maturity scale. Scales are often defined in a 1–5 range that indicates increasing levels of maturity. Some schemes allow for scoring that includes decimal points (such as 2.5). A common scheme defines the five levels in the following way:

  1. Performed—Activities are performed in an ad hoc manner.
  2. Managed—Activities are performed with managed processes.
  3. Defined—Activities are defined so the organization can perform them in a uniform manner.
  4. Measured—Oversight is given to the performed activities to ensure performance and uniformity.
  5. Optimized—Continuous improvement processes are in place on the defined and measured processes.

A typical description of organizational maturity was developed by Stanford's SLAC National Accelerator Laboratory, as shown in the table below.

Skill Level 1
Level 2
Level 3
Level 4
Level 5
  • Success depends on individual heroics
  • "Fire fighting" is a way of life
  • Relationships between disciplines are uncoordinated, perhaps even adversarial
  • Success depends on individuals and management system supports
  • Commitments are understood and managed
  • People are trained
  • Project groups work together, perhaps as an integrated product team
  • Training is planned and provided according to roles
  • A strong sense of teamwork exists within each project
  • A strong sense of teamwork exists across the organization
  • Everyone is involved in process improvement
  • Few stable processes exist or are used
  • Documented and stable estimating, planning, and commitment processes are at the project level
  • Integrated management and engineering processes are used across the organization
  • Processes are quantitatively understood and stabilized
  • Processes are continuously and systematically improved
  • The introduction of new technology is risky
  • Technology supports established, stable activities
  • New technologies are evaluated on a qualitative basis
  • New technologies are evaluated on a quantitative basis
  • New technologies are proactively pursued and deployed
  • Data collection and analysis are ad hoc
  • Planning and management data is used by individual projects
  • Data is collected and used in all defined processes
  • Data is systematically shared across projects
  • Data definition and collection are standardized across the organization
  • Data is used to understand the process qualitatively and stabilize it
  • Data is used to evaluate and select process improvements

Periodic reassessments are performed to gauge progress against the baseline assessment and prior periods. Adjustments to the efforts to maintain and improve maturity can then be made against possible strategic priority changes, governance initiatives, and roadmap resets.

Maturity assessments on internationally recognized frameworks generally involve external auditors with certification and recertification requirements. Engagement in the maturity assessment and improvement process requires a minimum level of organization self-awareness to the issues and commitment to the improvements necessary. A cultural readiness, resistance, and capability assessment may be built into a maturity assessment. The set of standards centered round ISO/IEC 33001 attempt to provide an overall general structure for process assessment related to software development.

1.1 Capability Maturity Model Integration (CMMI)

Capability Maturity Model Integration (CMMI) [1] is a standard reference model for process improvement with cross-sector applicability with special focuses:

  1. Product and service development—CMMI for Development (CMMI-DEV)
  2. Service establishment, management—CMMI for Services (CMMI-SVC)
  3. Product and service acquisitionCMMI for Acquisition (CMMI-ACQ)
  4. Data management—CMMI for Data (CMMI-DMM)

1.2 People Capability Maturity Model

In addition, the CMMI Institute provides the People CMM (https://www.sei.cmu.edu/reports/09tr003.pdf), which describes five levels of maturity for workforce management. It progresses from inconsistent management, to people management, to competency management, to capability management, and ends with continually improving management practices. It is designed for continuously improving individual competencies, developing effective teams, motivating improved performance, and shaping the people capabilities the organization needs to accomplish its future plans.

1.3 IT-Capability Maturity Model (IT-CMF)

Getting better at EIT strategy and governance requires both organizational change in how EIT is managed and the development of individuals. The IT-Capability Maturity Model (IT-CMF) takes an organizational management approach to improving EIT capability rather than one focused on processes and thus is very complimentary to CMMI. IT-CMF (https://ivi.ie/) helps organizations measure, develop, and monitor their EIT capability maturity progression for maximum benefit in their particular context. It consists of 35 EIT management capabilities and these are organized into four macro capabilities: managing EIT like a business; managing the EIT budget; managing the EIT capability; amd managing EIT for business value. Its 35 critical capabilities (CCs) are described as "A defined EIT management domain that helps mobilize and deploy EIT-based resources to effect a desired end, often in combination with other resources and capabilities". [2] Each has five different levels of maturity starting from "initial" and going up to "optimizing." The IT-CMF includes questionnaires to assess current maturity and a suite of practice recommendations to improve maturity.

2 References

[1] Capability Maturity Model Integration (CMMI) Version 1.2 Overview, http://www.sei.cmu.edu/library/assets/cmmi-overview071.pdf, Software Engineering Institute, Carnegie Mellon University, 2007.

[2] IT Capability Maturity Framework (IT-CMF): The Body of Knowledge Guide. 2015. Eds. Martin Curley, Jim Kenneally, Marian Carcary. Van Haren Publishing.