|Tips & Tricks.|
For historical and comparative reasons we keep this information, but some time ago we published the updated account of CMMi organizations in Mexico and the world, during mid-September of 2015. As a summary, during the Fall of 2015, there were 5,014 appraisals distributed among 83 countries, of which the top 10 includes China, the United states, India, Mexico, Spain, South Korea, Brazil, Colombia, Japan and France. Without further preamble, we present the original document…
The software industry has expanded dramatically, due to among other things, lower hardware costs and the need for information systems and Internet presence just to stay competitive. There is however, a problem that has plagued the industry since its inception: the subject of quality. There are few approaches, standards or best practices, which have resulted on hundreds of software engineers, project managers and academics struggling to find a solution against ongoing projects that fail to meet expectations, get delayed or consume more budget than it was initially granted. However, one of the most recent quality models with greater acceptance is the so-called Capability Maturity Model Integration – CMMI.
The origins of CMMI
In the early 1980’s several projects commissioned by the U.S. Department of Defense (DoD) failed impressively: the suppliers responsible for carrying out these projects extended their allocated budget and time beyond what was initially envisioned, if they came to completion at all. Note at that time, all projects requested by the United States Government – including its armed forces – selected the bidding winner just based on price.
So, the DoD was forced to found the Software Engineering Institute (SEI), operated by the Carnegie Mellon University and its primary mission consisted on identifying a maturity framework or model with which the ability of a company to build software could be judged. By 1987 the institute had developed the Capability Maturity Model (CMM). In 1991, version 1.0 of the CMM for software development (SW-CMM) was released by the SEI, thus more than 30,000 people from approximately 2,400 organizations were able to certify their companies on CMM, being able to participate in U.S. Government biddings, now mostly basing its bidding decisions on the participants’ maturity level. On 1997 works were begun to update the CMM and incorporate international standards. On 2000 the first version of this new model was released, now referred to as CMMI:
In short, CMMI is a process improvement methodology, NOT a software development methodology, project management methodology or software life cycle management methodology. Basically, CMMI is a checklist where the division, project or company to be certified has to deliver the expected artifacts for each level of maturity. Currently, there are five levels of maturity covered by the model, allowing to identify companies that are “too green” from those that can be trusted, with relative authority, to deliver projects of high complexity and risk. The following table shows the five levels and process areas that are evaluated within each level:
According to the certification level some documents or evidence will be required, to prove the assessed processes are underway. For example, the CMMI Level 2 assessment requires reviewing the process area known as Project Planning (PP). It requires to show proof of the relevant activities, related to the following Specific Objectives (SO) and Specific Practices (PE):
Stressing again that CMMI is neither a management nor development methodology; it assumes that the company or area to be certified already possesses the necessary standards to check the maturity level, so the certification will not request an artifact from a specific methodology. However, only for reference: if we were properly implementing RUP in conjunction with the PMBOK in our projects, we should have a nearly-effortless successful evaluation for CMMI-2 and would have a small share of the points covered by CMMI-3.
Why is CMMI so important?
In short: big bucks. Originally, CMM and CMMI were thought as process methodologies that would allow many software development companies to be suppliers of the U.S. government – and we all know it can be very generous, especially on defense contracts. However, CMMI is steadily becoming a standard that can be used to promote the ability to develop safety-critical software, or it can give a competitive advantage if we so wish to participate in projects of high complexity and risk, which for obvious reasons, have a high price and very good profits. For example, Boeing, General Dynamics, IBM, Lockheed Martin, Motorola, Raytheon and Toshiba are some of the companies that have achieved a Level 5 of CMMI, which opens the door to projects in the range of tens or hundreds of millions of dollars.
Who are certified in CMMI in the world?
As of July 22, 2010, there were 3,060 active certifications provided by the SEI (see the complete list here). Many of these are shared by several countries, as some portion of the project, area or certified company takes part on a decentralized manner. For example, the EADS corporation (European Aeronautic Defense and Space Company) is a European conglomerate which certified its Defense and Communications Systems division (DCS) on the second level of CMMI on June 10, 2009. This certification is shared by Germany, France, the UK and Finland, because certain areas of research and development are split among these four countries. So, there are 3,135 certifications granted to 72 countries worldwide. The top 10 countries with these certifications are, not surprisingly, taken by some of the world’s largest economies:
There are some comments worth mentioning:
• It’s impressive to see how China is taking over the world: with little more than a third of the globally issued certificates (1,048), the future is theirs.
• The United States and Canada group together 702 certifications, many of them shared; this consolidates this region of North America as a single power that even then, is small compared with the vast number of certifications that China possesses.
• Europe has 371 certifications, from which just over one third (131) are from Spain, the most advanced country in this regard.
• Latin America is becoming significant as a whole: with Brazil (98) and Mexico (70) leading the region, they have 280 issued certifications. Latin American countries that have some certification include Argentina (47), Chile (26), Colombia (18), Peru (10), Uruguay (4), Costa Rica (4), Guatemala (1), Panama (1), Paraguay (1), El Salvador (1) and Venezuela (1).
• The sad reality for sub-Saharan Africa is that they still remain far behind the rest of the world; currently they have just 5 certifications, contributed by South Africa (2), Ghana (1), Mauritius (1) and Malawi (1).
• Finally, the mystery case: Russia has only 4 certifications. However, it shows these awards were required to capture dollars: MERA Networks, the Moscow Boeing Design Center, Auriga Inc. and Reksoft Co.Ltd. are the Russian companies that have this kind of certification.
The Mexican case
At present we have 70 institutions certified before CMMI in Mexico, from which three are shared along with Argentina and the United States:
What I find remarkable is that in Mexico there are five Level-5 CMMI certifications, leaving the country ahead of most other nations in regard to this level of maturity, with the exception of India (63), the United States (40) and China (20). This means that although there are still few companies with CMMI, we have a high level there. This is also substantiated by the fact that unlike those countries, most Mexican companies are certified by the organization as a whole, not just a specific division or project.
On the other hand, it is quite noticeable how centralized is the software industry in Mexico, for almost all certifications are agglomerated around the Distrito Federal (22) and the states of Nuevo Leon (12), Sinaloa (11) and Jalisco (8). Guanajuato and Queretaro contribute with 4 certifications each; Chihuahua, Coahuila and Puebla contribute with 2 certifications by state. Finally, in Sonora, Aguascalientes, Baja California and Yucatan there is one company certified by each state. The surprise here is Sinaloa, as it has surpassed Jalisco (and its Mexican Silicon Valley) by number of certifications. More so when Sinaloa is traditionally viewed as a farming, cattle raising or tourism-driven state. Way to go for the Sinaloans!
CMMI serves not only as a platform to promote ourselves before a global market; the fact that the most important companies and technology institutions in the world such as NASA, Siemens, T-Systems, Samsung and Accenture have a certification of this type means it DOES help as a model of process improvement to develop products and services with high quality standards. In fact, companies that are not on this list tend, for better or worse, to disappear or be bought by the competition. The harsh reality of competition in the business environment: