CMMi for acquisitions versus eSCM, ISPL and other standards, part 1

-
There are several best practises, standards and other types of models & methodologies around aiming to structure complex acquisition and outsourcing engagements. Others are useful when thinking of designing the contract management/ sourcing governance framework. A couple of the models which are out there in the field:
  • CMMi for acquisitions (Carnegie Mellon University)
  • ISO/IEC 12207 (International Standards Organisation)
  • Information Services Procurement Library (European Community)
  • e-Sourcing Capability Model (Carnegie Mellon University)
  • ISlite (Gartner)

CMMi for acquisitions, ISO/IEC 12207 and ISPL were created to provide a structured approach to get:

  • the right service/product,
  • for the best price,
  • at the desired quality levels,
  • from the best vendor,
  • at or within the risk appetite of the company

In other words, these standards/methodologies provide companies insight in procuring/acquiring/sourcing products and/or services from an external vendor. The two other models are related to contract management/ sourcing governance, so basically the activities which have to be performed after the contract has been signed.

CMMi for acquisition consists of 22 process area’s: 16 core processes and 6 process area’s which are specific for acquisition. It originates from CMMI for Development v1.2 (2006) and Software Acquisition CMM v1.03 (2002) and has thus its roots in the software development area. The 22 process area’s of CMMI® for Acquisition, version 1.2 are described in 441 pages of text and to me this means it should be deployed in its full scope only for the largest and most complex/dynamic of software acquisition projects.

The standard goes (understandably) very in-dept into all kinds of (software) specific stuff and most processes will thus have only limited use for other types of acquisitions. The most generic process described is ‘solicitation and supplier agreement development’ and it provides an overview of typical steps undertaken to come from the wish to acquire to a signed contract. Other also more generic processes go into the project and risk management side of acquisitions and might thus also be applicable to other types of acquisitions/outsourcing. CMMi 4 Acq is furthermore focussed primarily on discrete software projects and it is thus not directly aimed at facilitating the outsourcing of the software development department of lets say company X.

ISO12207 is an ISO standard for software lifecycle processes and has quiet some similarities with CMMi for acquisitions as it also describes the processes and activities applied during the acquisition phase. It aims to be 'the' standard related to managing the lifecycle of software (developing and maintaining software). There are 23 processes, 95 activities, 325 tasks and 224 outcomes. Like with CMMi is the aim of this standard to create a common ground so that the client, suppliers, developers and other stakeholders can use a common language. In many other ISO standards is acquisition also a subject which is being dealt with (e.g. ISO 3977 for the design and procurement of gas turbine systems).

Both standards provide definitely elements which can be useful when acquiring other types of IT services (e.g. outsourcing network support) and even for BPO/KTO. But in that case one needs a large cup of coffee and do some cherry picking. I actually wonder whether there is still a positive business case if an organisation wants to a) perform all prescribed CMMi processes/activities at b) the highest maturity level. Like with the traditional CMM(i) used to manage internal software development projects I believe the optimum maturity level is around 3. Above level 3 the additional cost of the paper work adds less value than it costs.

Where it comes to the ISO, I agree with those which embrace it as a means to improve quality and not something to get certified against as soon as possible. I see too many companies which just ‘implement’ it in order to pass the certification and only look into their hand books three weeks before the auditors come again for a re-certification. Like with CMMi 4 Acq. pick the elements which help you to improve quality further, ignoring the rest.

More on other acquisition and sourcing models in another post.

Comments

Post a Comment

Popular posts from this blog

Beyond Two-Speed IT – Part 3

-
Summary This blog is about shifting gears and the ability to offer cars in other colors than T-Ford-black. It is the third and last part of a blog focusing on the importance of translating market and business context into the value proposition offered by IT. You can find the first part   here   and the second part   here .   FedEx and UPS dominate their markets,   again   using slightly different value propositions. Compared to UPS, FedEx offers its customer more flexibility at a slightly higher price point. More price sensitive customers opt for UPS and the more standardized value proposition that comes with it. More pronounced is the difference between Walmart and Amazon. The first has its roots in physical retail outlets while the second started as a native digital business model. Differentiation can also be observed at an operational level. Marketeers want to try new things on a daily basis, while the controllers and bookkeepers of the finance and administration (F&
Read more

Beyond Two-Speed IT – Part 2

-
Summary Markets move at different speeds and in different directions, constantly reshaping the technology-related capabilities required by the business. In the second part, the difference between Customer Intimacy strategy and Operational Excellence strategy is used demonstrate that ‘differentiation’ is more than choosing Agile over Waterfall development. The first part of this blog dedicated to market and business context is  here .   Dell was founded in 1984 and was added to the Fortune 500 in 1992. Its key to success was building direct relationships with the customer via the internet. At the time, most competitors targeting consumers via analogue sales channels, such as brick and mortar shops. Selling directly to the customer also enabled Dell to build-to-order instead of the traditional build-to-stock model. It kept waste to a minimum and allowed the customer to choose from a wide selection of configuration options. Dell’s pursued a customer intimacy strategy, cont
Read more

Beyond Two-Speed IT – Part 1

-
Summary Markets move at different speeds and in different directions, constantly reshaping the technology-related capabilities required by the business. This blog is the first in a series covering the third principle of the Digital Manifesto.   When in New York, searching for a restaurant on your mobile yields those nearest to your current location. If your search history indicates you like Chinese food, the results will highlight those. To create this kind of personalized experience, Google Now, Cortana and Siri combine several data sources, such as location and past usage patterns, to deliver a personalized experience. The capability to show the restaurants in New York instead of Moscow reduces the ‘search stress’ faced by customers and the saved time is a source of customer benefits. The business has a similar expectation. When requesting a new IT solution, the context, such as stable versus emerging market, or having little or intense competition, is at least as rel
Read more