Process capability assessments in small development firms

[Abstract}: Assessment-based Software Process Improvement (SPI) programs such as the Capability Maturity Model (CMM), Bootstrap, and SPICE (ISO/IEC 15504) are based on formal frameworks and promote the use of systematic processes and management practices for software development. These approaches identify best practices for the management of software development and when applied, enable organizations to understand, control and improve development processes. The purpose of a SPI assessment is to compare the current processes used in an organization with a list of recommended or ‘best’ practices. This research investigates the adoption of SPI initiatives by four small software development firms. These four firms participated in a process improvement program which was sponsored by Software Engineering Australia (SEA) (Queensland). The assessment method was based on SPICE (ISO/IEC 15504) and included an initial assessment, recommendations, and a follow-up meeting. For each firm, before and after snapshots are provided of the capability as assessed on eight processes. The discussion which follows summarizes the improvements realized and considers the critical success factors relating to SPI adoption for small firms

Enterprise information security policy assessment - an extended framework for metrics development utilising the goal-question-metric approach

Effective enterprise information security policy management requires review and assessment activities to ensure information security policies are aligned with business goals and objectives. As security policy management involves the elements of policy development process and the security policy as output, the context for security policy assessment requires goal-based metrics for these two elements. However, the current security management assessment methods only provide checklist types of assessment that are predefined by industry best practices and do not allow for developing specific goal-based metrics. Utilizing theories drawn from literature, this paper proposes the Enterprise Information Security Policy Assessment approach that expands on the Goal-Question-Metric (GQM) approach. The proposed assessment approach is then applied in a case scenario example to illustrate a practical application. It is shown that the proposed framework addresses the requirement for developing assessment metrics and allows for the concurrent undertaking of process-based and product-based assessment. Recommendations for further research activities include the conduct of empirical research to validate the propositions and the practical application of the proposed assessment approach in case studies to provide opportunities to introduce further enhancements to the approach

IT process architectures for enterprises development: A survey from a maturity model perspective

During the last years much has been published about IT governance. Close to the success of many governance efforts are the business frameworks, quality models, and technology standards that help enterprises improve processes, customer service, quality of products, and control. In this paper we i) survey existing frameworks, namely ITIL, ASL and BiSL, ii) find relations with the IT Governance framework CobiT to determine if the maturity model of CobiT can be used by ITIL, ASL and BiSL, and (iii) provide an integrated vista of IT processes viewed from a maturity model perspective. This perspective can help us understand the importance of maturity models for increasing the efficiency of IT processes for enterprises development and business-IT alignment

Identification of Risks in the Course of Managing the Deep Sea Archeological Projects Using Marine Robotics

An analysis is conducted of the basic risks that occur when managing the projects of deep-sea archeological research. It is proposed to consider possible risks of such projects in the form of a general set of risks that contains subsets of the identified and unidentified risks. Based on the generalization of existing experience of conducting underwater archaeological research and with regard to the peculiarities of their execution by using TV-controlled unmanned underwater vehicles, the main risks of such operations are identified. A classification of risk factors is proposed, which takes into account weather and hydrological conditions in the area of operations, peculiarities of the underwater situation, technological and technical provision of underwater archaeological research, possible obstacles from the navigation in the explored area and errors in geographical coordinates of fulfilled work, as well as the human factor. Additionally, environmental, organizational and financial risks, which the project team is aware of, are defined as directly related to planning the projects of deep-sea archeological research. A generalized risk register is developed of the projects\u27 deep-sea archaeological studies as theoretical foundation for designing the models of risk management and their quantitative evaluation when planning financial and temporal resources for such projects

Comparative study of design: application to Engineering Design

A recent exploratory study examines design processes across domains and compares them. This is achieved through a series of interdisciplinary, participative workshops. A systematic framework is used to collect data from expert witnesses who are practising designers across domains from engineering through architecture to product design and fashion, including film production, pharmaceutical drugs, food, packaging, graphics and multimedia and software. Similarities and differences across domains are described which indicate the types of comparative analysis we have been able to do from our data. The paper goes further and speculates on possible lessons for selected areas of engineering design which can be drawn from comparison with processes in other domains. As such this comparative design study offers the potential for improving engineering design processes. More generally it is a first step in creating a discipline of comparative design which aims to provide a new rich picture of design processes

Planning effort as an effective risk management tool

In project management, high levels of risk are considered to be a significant obstacle for project success. This paper investigates whether improving the project plan can lead to improved success for high-risk projects. A quality of planning index was designed to explore how the presence of high risk affects the quality of planning and project success. The index includes managerial aspects such as costs, human resources, procurement and quality, as well as organizational support aspects based on organization maturity models. In a field study based on data collected from 202 project managers regarding their most recent projects, it was found that the levels of risk at the beginning of projects has no effect on their final success. Drilling down to find an explanation for this surprising phenomenon, we found that in the presence of high risk, project managers significantly improve their project plans. Hence, in high-risk projects, better project plans improve all four dimensions of project success: schedule overrun, cost overrun, technical performance and customer satisfaction. However, in low-risk projects, better project plans did not contribute to reducing schedule or cost overruns. In other words, while endless risk management tools are developed, we found that improving the project plan is a more effective managerial tool in dealing with high-risk projects. Finally, the paper presents the most common planning tools currently being used in high-risk projects

Using software development progress data to understand threats to project outcomes

Peer reviewe