History of CMM

The Capability Maturity Model was initially funded by military research. The United States Air Force funded a study at the Carnegie-Mellon Software Engineering Institute to create a model (abstract) for the military to use as an objective evaluation of software subcontractors. The result was the Capability Maturity Model, published as Managing the Software Process in 1989. The CMM is no longer supported by the SEI and has been superseded by the more comprehensive Capability Maturity Model Integration (CMMI), of which version 1.2 has now been released.

Context
In the 1970s, technological improvements made computers more widespread, flexible, and inexpensive. Organizations began to adopt more and more computerized information systems and the field of software development grew significantly. This led to an increased demand for developers—and managers—which was satisfied with less experienced professionals.

Unfortunately, the influx of growth caused growing pains; project failure became more commonplace not only because the field of computer science was still in its infancy, but also because projects became more ambitious in scale and complexity. In response, individuals such as Edward Yourdon, Larry Constantine, Gerald Weinberg, Tom DeMarco, and David Parnas published articles and books with research results in an attempt to professionalize the software development process.

Watts Humphrey’s Capability Maturity Model (CMM) was described in the book Managing the Software Process (1989). The CMM as conceived by Watts Humphrey was based on the work a decade earlier of Phil Crosby who published the Quality Management Maturity Grid in his book Quality is Free in 1979.[6][7] Active development of the model by the SEI (US Dept. of Defense Software Engineering Institute) began in 1986.

The CMM was originally intended as a tool to evaluate the ability of government contractors to perform a contracted software project. Though it comes from the area of software development, it can be, has been, and continues to be widely applied as a general model of the maturity of processes (e.g., IT Service Management processes) in IS/IT (and other) organizations.

The model identifies five levels of process maturity for an organisation:

- Initial (chaotic, ad hoc, heroic) the starting point for use of a new process.
- Repeatable (project management, process discipline) the process is used repeatedly.
- Defined (institutionalized) the process is defined/confirmed as a standard business process.
- Managed (quantified) process management and measurement takes place.
- Optimising (process improvement) process management includes deliberate process optimization/improvement.
- Within each of these maturity levels are KPAs (Key Process Areas) which characterise that level, and for each

KPA there are five definitions identified:

- Goals
- Commitment
- Ability
- Measurement
- Verification

The KPAs are not necessarily unique to CMM, representing – as they do – the stages that organizations must go through on the way to becoming mature.

The assessment is supposed to be led by an authorised lead assessor. One way in which companies are supposed to use the model is first to assess their maturity level and then form a specific plan to get to the next level. Skipping levels is not allowed.

NB: The CMM was originally intended as a tool to evaluate the ability of government contractors to perform a contracted software project. It may be suited for that purpose. When it became a general model for software process improvement, there were many critics.

“Shrinkwrap” companies are also called “COTS” or commercial-off-the-shelf firms or software package firms. They include Claris, Apple, Symantec, Microsoft, and Lotus, amongst others. Many such companies rarely if ever managed their requirements documents as formally as the CMM described in order to achieve level 2, and so all of these companies would probably fall into level 1 of the model.

Origins
The United States Air Force funded a study at the SEI to create a model for the military to use as an objective evaluation of software subcontractors. In 1989, the Capability Maturity Model was published as Managing the Software Process.

Timeline

1987: SEI-87-TR-24 (SW-CMM questionnaire), released.
1989: Managing the Software Process, published.
1990: SW-CMM v0.2, released (first external issue see Paulk handout).
1991: SW-CMM v1.0, released.
1993: SW-CMM v1.1, released.
1997: SW-CMM revisions halted in support for CMMI.
2000: CMMI v1.02, released.
2002: CMMI v1.1, released.
2006: CMMI v1.2, released.

Current state
Although these models have proved useful to many organizations, the use of multiple models has been problematic. Further, applying multiple models that are not integrated within and across an organization is costly in terms of training, appraisals, and improvement activities. The CMM Integration project was formed to sort out the problem of using multiple CMMs. The CMMI Product Team’s mission was to combine three source models:

- The Capability Maturity Model for Software (SW-CMM) v2.0 draft C
- The Systems Engineering Capability Model (SECM)
- The Integrated Product Development Capability Maturity Model (IPD-CMM) v0.98
- Supplier sourcing

CMMI is the designated successor of the three source models. The SEI has released a policy to sunset the Software CMM and previous versions of the CMMI. The same can be said for the SECM and the IPD-CMM; these models were superseded by CMMI.

Future direction
With the release of the CMMI Version 1.2 Product Suite, the existing CMMI has been renamed the CMMI for Development (CMMI-DEV), V1.2.[1] A version of the CMMI for Services is being developed by a Northrop Grumman-led team under the auspices of the SEI, with participation from Boeing, Lockheed Martin, Raytheon, SAIC, SRA, and Systems and Software Consortium (SSCI).[2] A CMMI for Acquisition (CMMI-ACQ) is also under development at the SEI.

Suggestions for improving CMMI are welcomed by the SEI. For information on how to provide feedback, see the CMMI Web site.

In some cases, CMM can be combined with other methodologies. It is commonly used in conjunction with the ISO 9001 standard. JPMorgan Chase & Co. tried combining CMM with the computer programming methodologies of Extreme Programming (XP), and Six Sigma. They found that the three systems reinforced each other well, leading to better development, and did not mutually contradict, see Extreme Programming (XP) Six Sigma CMMI.