Archive | Product Management RSS feed for this section

Categorization of CMMI Processes Area

6 Sep

Once again back with process improvement topic, when we though of process oriented organization, few of us think that it can be achieved easily but believe me it don’t happens over the night. There are teams who sweats day & night to establish a formal process and in every organizations there are people who don’t like changes but change in inevitable in nature and we must be ready for the same. CMMI is a framework for process improvement and today we are going to categories CMMI processes area.

CMMI Process area are divided into two categories respectively:

  1. Maturity Level wise
  2.  Category Level wise

Further if we categories maturity level, it can be divided into 5 maturity level. Any company or organization which is having no process is by default at level 1.

  1. Maturity Level 1 – Initial (Having no processes and nothing being followed)
  2. Maturity Level 2 – Managed
    1. Configuration Management
    2. Measurement & Analysis
    3. Project Monitoring & control
    4. Project Planning
    5. Process & Product Quality Assurance
    6. Supplier Agreement Management (SAM)
  3. Maturity Level 3 – Defined
    1. Decision Analysis & Resolution
    2. Integrated Project Plan
    3. Organizational Process Defination
    4. Organizational Training
    5. Organizational Process focus
    6. Producut Integration
    7. Requirement Development
    8. Risk Management
    9. Technical Solution
    10. Verification
    11. Validation
  4. Maturity Level 4- Quantitatively Managed
    1. Organization Process Performance
    2. Quantitative Project Management
  5. Maturity Level 5 – Optimizing 
    1. Casual Analysis & Resolution (CAR)
    2. Organizational Performance Management

If you want to divide category wise process area then it can be divided into four category ;

  1. Project Management
    1. Integrated Project Plan (IPP)
    2. Project Monitoring & Control (PMC)
    3. Project Plan (PP)
    4. Quantitative Project Management (QPM)
    5. Requirement Management (REQM)
    6. Risk Management (RM/RSKM)
    7. Supplier Agreement Management (SAM)
  2. Engineering
    1. Product Integration (PI)
    2. Requirement Development (RD)
    3. Technical Solution (TS)
    4. Validation (VAL)
    5. Verification (VER)
  3. Process Management
    1. Organizational Performance Management (OPM)
    2. Organizational Process Definition (OPD)
    3. Organizational Process Focus (OPF)
    4. Organizational Training (OT)
  4. Support
    1. Casual Analysis & Resolution (CAR)
    2. Configuration Management (CM)
    3. Decision Analysis & Resolution (DAR)
    4. Measurement & Analysis (MA)
    5. Product & Process Quality Assurance (PPQA)

If you have counted there are 22 process areas and each represent some activity in Maturity Level. If you want to learn more about these areas, I would encourage you to read my book on CMMI for Development.

 

If you are looking to hire an consultant for CMMI implementation, you can reach me on mukund002(at)gmail.com.

Advertisements

Planning & Implementing ISO 27001

3 Aug

In Today’s modern era security is still a big challenge for any sized organizations until you don’t have some form of control in place. These controls are necessary as information is one of the most valuable assets that a business owns. If you are IT services Provider and handling customers information then you must have to use security techniques such as Information Security Management System (ISMS).

What is ISMS?

In Layman term, ISMS is a framework of policies and procedures that include all legal, physical and technical controls involved in overall organization’s information risk management processes. Let us now move to the main focus area of this post which is planning & implementing ISO 27001.

Planning the Implementation 

Before implementation of ISO 27001, one needs to consider the cost of implementation, duration of the project, understanding of the model. In today’s time, every organization who wants to cut the cost without compromising the information security are looking at ISO 27001 certification as a promising means to provide knowledge about their IT security. The major cost involved in ISMS can be categorized as :

  • Internal Cost, such as resource cost including HR function, IT function, and support functions.
  • External Cost, such as consultants cost and this would be again to minimize the efforts required and reduce the cost.
  • Certification Cost, this is one of the costs which cannot be reduced as there are few companies providing certification and one has to pay the certification cost certifying bodies.
  • Implementation Cost, this can be analyzed by gap analysis and risk assessment procedure.

Another question may arise in your mind, how much time is required to complete this certification? On an average, the time four to nine months is required depending on how mature an organization is in term of Information security, and size & nature of the organizations.

As any standard practice, ISO 27001 requires a company to establish, implement and maintain a continuous improvement approach to manage its ISMS and it follows Plan-do-check-act (PDCA) Cycle.

PDCA

  1. Phase 1—Identify Business Objectives.
  2. Phase 2—Obtain Management Support.
  3. Phase 3—Select the Proper Scope of Implementation.
  4. Phase 4—Define a Method of Risk Assessment.
  5. Phase 5—Prepare an Inventory of Information Assets to Protect, and Rank Assets According to Risk and Classification Based on Risk Assessment.
  6. Phase 6—Manage the Risks, and Create a Risk Treatment Plan.
  7. Phase 7—Set Up Policies and Procedures to Control Risks.
  8. Phase 8—Allocate Resources, and Train the Staff.
  9. Phase 9—Monitor the Implementation of the ISMS.
  10. Phase 10—Prepare for the Certification Audit.
  11. Phase 11—Conduct Periodic Reassessment Audits

Conclusion: The success of ISO 27001 is its alignment with the business objectives and effectiveness in realizing those objectives. IT and other departments/functions play an important role in the implementation phase. An organization also needs to have the detailed understanding of PDCA implementation phases.

In the next article in the same series, I’ll try to explain each phases mentioned in PDCA Cycle and highlights on the importance of ISO 27001.

Thanks for reading this article, share your views.

Six Reasons to Make a Career Change

10 Dec

Career Change is very important to learn new thing and to find a significant growth. Everyone has a different thinking  on this but there is a common six reason to make a career change.
Knowing all the reasons exactly means you can address each one of them directly.
People change jobs for many …

What a Release Manager should focus on his first 90 Days

2 Dec

In my past posts, I have focused on Release Management and written lots of posts like Importance of pear process, Change Management Process, Release Management QA or Engineering and lot more. The focus of this post is about Release Manager job and What a Release Manager should focus on his first …

The Scope of E-Learning in India

28 Nov

Over the years, technology have played a key role in shaping our world. Technology is all around in every domain.  E-learning is one of the domain which have lots of potentials yet to come. This post will focus on the Socpe of E-Learning in India. It has eased the process of getting education to …

6 Things Online Retailers Can Learn From Amazon

9 Oct

This post was originally written by Jeff Oxford , an Internet marketing consultant and founder of 180 Marketing who specializes in SEO for e-commerce.
With global ecommerce sales reaching over $1 trillion in 2012, it’s easy to see why so many companies are taking their business online. One o…