Operationalising CMMI: integrating CMMI and CoBIT perspective

– The use of capability maturity model integration (CMMI) on its own can be problematic for the organisation because it does not provide a roadmap to implementation or identification of key process improvement areas, but instead only provides the goals for each level of implementation. Addition of another framework such as control objectives for information and related technology (CoBIT) can add the required operational data, but poses some unique challenges for implementation. However, the integration of Information Technology Infrastructure Library (ITIL), CoBIT, and ISO/IEC 22007 provides a roadmap to the integration of CMMI and CoBIT. The purpose of this paper is to discuss this co‐implementation and integration of the two frameworks, as well as the underlying framework of a new proposed integration model., – A literature review approach is used to address issues that have evolved from the empirical literature regarding the integration of CMMI and ITIL with other standards and determining whether this approach can be applied to the integration of CMMI and CoBIT as well. This literature review also provides insight into roadblocks to the implementation and structural improvements for CMMI., – The literature review demonstrated that the integration of CMMI and CoBIT could potentially be performed using the same techniques used in integrating ITIL and CoBIT, which provides a valuable guideline for further research into this area. However, further work will be required in order to determine the specifics of integration., – The paper adds to the existing literature by discussing the integration of CMMI and CoBIT and examining how these two frameworks can work together in order to create the basis for a new integration model.

[1]  D. Ross Jeffery,et al.  An exploratory study of why organizations do not adopt CMMI , 2007, J. Syst. Softw..

[2]  Mark Staples,et al.  Systematic review of organizational motivations for adopting CMM-based SPI , 2008, Inf. Softw. Technol..

[3]  Rory O'Connor,et al.  Investigating software process in practice: A grounded theory perspective , 2008, J. Syst. Softw..

[4]  Chong-Won Lee,et al.  A unified model for the implementation of both ISO 9001: 2000 and CMMI by ISO-certified organizations , 2006, J. Syst. Softw..

[5]  Krunoslav Kraljevic,et al.  IT and business process performance management: Case study of ITIL implementation in finance service industry , 2008, ITI 2008 - 30th International Conference on Information Technology Interfaces.

[6]  Paul L. Bannerman,et al.  Risk and risk management in software projects: A reassessment , 2008, J. Syst. Softw..

[7]  Harold F. Tipton,et al.  Information security management handbook, Sixth Edition , 2003 .

[8]  Matthias Goeken,et al.  IT Governance Frameworks as Methods , 2008, ICEIS.

[9]  Timothy Iijima IT industry standards: Which ones to use? , 2007 .

[10]  Sun-Jen Huang,et al.  Selection priority of process areas based on CMMI continuous representation , 2006, Inf. Manag..

[11]  Christiane Gresse von Wangenheim,et al.  Experiences on establishing software processes in small companies , 2006, Inf. Softw. Technol..

[12]  James P. Lewis,et al.  Fundamentals of Project Management , 1995 .

[13]  Jeannine Siviy,et al.  Using Six Sigma to Accelerate the Adoption of CMMI for Optimal Results , 2004 .

[14]  Matthew J. Fisher,et al.  Software Acquisition Capability Maturity Model (SA-CMM) Version 1.02 , 1999 .

[15]  Don-Lin Yang,et al.  Applying UML and software simulation for process definition, verification, and validation , 2008, Inf. Softw. Technol..

[16]  Shamsul Sahibuddin,et al.  Combining ITIL, COBIT and ISO/IEC 27002 in Order to Design a Comprehensive IT Framework in Organizations , 2008, 2008 Second Asia International Conference on Modelling & Simulation (AMS).

[17]  Christof Ebert,et al.  Effectively utilizing project, product and process knowledge , 2008, Inf. Softw. Technol..

[18]  Chang-Shing Lee,et al.  Ontology-based Intelligent Decision Support Agent for CMMI Project Monitoring and Control , 2006, NAFIPS 2006 - 2006 Annual Meeting of the North American Fuzzy Information Processing Society.

[19]  Gary Hardy,et al.  Using IT governance and COBIT to deliver value with IT and respond to legal, regulatory and compliance challenges , 2006, Inf. Secur. Tech. Rep..

[20]  Mordechai Ben-Menachem,et al.  Review of "CMMI: guidelines for process integration and product improvement by Mary Beth Chrissis, Mike Konrad and Sandy Shrum." Addison Wesley 2003 , 2004, SOEN.

[21]  Mohammad Sharifi,et al.  Lessons learned in ITIL implementation failure , 2008, 2008 International Symposium on Information Technology.

[22]  Matthias Goeken,et al.  Representing IT Governance Frameworks as Metamodels , 2008, CSREA EEE.

[23]  Juha Mykkänen,et al.  An evaluation and selection framework for interoperability standards , 2008, Inf. Softw. Technol..

[24]  Mary Beth Chrissis,et al.  CMMI: Guidelines for Process Integration and Product Improvement , 2003 .

[25]  Didar Zowghi,et al.  A Maturity Model for the Implementation of Software Process Improvement: an Empirical Study , 2022 .