In today’s competitive scenario, various international standards and models such as CMMI, ISO 9001 and ISO 27001 not only provide a clear competitive advantage in the marketplace, they also help companies streamline their processes to achieve better quality and productivity. However, implementing multiple models can create significant challenges and confusion in the practicing community if it is not well thought out and not approached with the right set of tools.

Business needs for multiple models and standards
Organizations need to comply with multiple models and standards such as ISO 9001, CMMI, PCMM, ISO 27001/BS7799, ISO 20000/ITIL, etc. due to competitive, customer, and legal requirements, to ensure high quality and improve productivity by reuse, and to establish various business policies and procedures. Most companies manage this through multiple discrete management systems like QMS, ISMS, HR Processes, etc. Most systems are word or HTML based.

Key expectations from ISO 9001
ISO 9001 as an International Standard for Quality Management System (QMS) which expects a documented Quality Management System, management to show commitment through quality, policy, and objectives, besides adequate resources, proper processes for product realization, and a system to ensure measurement, analysis and improvement. ISO 9001 expects an Internal Audit mechanism to be in place. ISO 9001 has 6 mandatory processes and 19 mandatory records. Most medium sized companies will have 30 to 40 processes and 30 to 40 various kinds of data maintained.

Key expectations from ISO 27001
ISO 27001 as an International Standard for Information Security Management System (ISMS) which expects a documented ISMS, management to show commitment through security policy and provide adequate resources, proper processes for managing information security, and a system to ensure measurement, apart from analysis and improvement for information security. Similar to ISO 9001, ISO 27001 expects an Internal Audit mechanism to be in place. ISO 27001 has 5 mandatory processes. Most medium sized companies will have 15 to 20 IT processes, 15 to 20 information security related policies and 10 to 15 various kinds of data maintained.

Key expectations from CMMI Level 5
CMMI is a model developed by Software Engineering Institute, Carnegie Mellon University, as a collection of Best Practices for software development and maintenance. Similar to ISO 9001, CMMI expects a documented Project and Process Management System, management to show commitment through various policies, periodic reviews, provide adequate resources, proper processes for product realization and a system to ensure measurement, in addition to analysis and improvement. Most companies that follow CMMI have 30 to 40 processes and 30 to 40 various kinds of data maintained. The emphasis is on Quantitative Project and Process Management through Statistical Process Control.

Challenges of multi-model implementation
When we combine all these models, we get more than 1,500 requirements, 80 processes, 50 policies, 60 data, 20 trainings, multiple audits, and assessments for projects. Also, multiple models create quite a bit of confusion of terminology such as “Document Control” in ISO 9001 becomes “Configuration Management” in CMMI, “Corrective and Preventive Actions” in ISO 9001 becomes ‘Causal Analysis and Resolution” in CMMI.

Software projects face challenges on ever increasing demands on schedule, quality, productivity, staffing, and attrition. At the same time, the process group which is responsible for implementing processes faces challenges such as fast pace of model introduction and changes, lack of appropriate data management system resulting in serious data integrity issues, and poor process compliance. They also face problems of SQA staff recruitment, mentoring, and attrition.

All these models expect more than 20 types of trainings to be conducted for developers, project managers, and other stakeholders compounding the challenges of implementation.

Some practical scenarios
A very large IT products and services company had 29 different trackers to collect project data for CMMI Purpose. Another large software services firm had a 26 tab Excel workbook to collect metrics data every month. Most project managers feel the return on effort they put in process implementation is negligible and are largely compliance driven. Most project managers spend 2 to 4 person-days a month in just preparing various kinds of reports.

Root causes for implementation challenges
Some of the root causes behind such a situation are treating each model as a separate initiative, difficulty in integrating multiple models/standards into one improvement program, lack of comprehensive integrated project data management system, excessive emphasis on documenting and assessing processes, one size fit all approach, and dogmatic view of process implementation.

Best practices in multiple model implementations
Organizations that have been successful in integrating multiple models have developed integrated project management system, which helps consolidation of all project related data. They have successfully integrated quality, security and HR management system.

Successful organizations have also developed cross-functional teams to ensure process implementations are ingrained into all functions and divisions of the organization rather than remaining the sole responsibilities of the progress group. They seek regular feedback from delivery management regarding process expectations and performance against them. Organizations also promote Best Practice councils in the areas of process management, project management, configuration management, etc. to disseminate process best practices across the organization.

Another aspect that organizations should keep in mind is simplifying processes as much as possible and make them role and context based. When implementing a new standard, take holistic view of all processes, maintain ongoing coordination between various standard implementation teams, tailor processes as per project complexity, and integrate all audits. Successful companies have moved into Blended Learning to take benefits of E-Learning. They have developed mechanisms to help project management community take benefit of process implementations such as developing better estimation models with data collected.

Summary
Implementing multiple models is definitely a difficult task. However, with suitable supporting systems in place and an integrated view of processes, organizations can overcome the challenges successfully.

The author is Founder and Principal Consultant, Adaptive Processes Consulting. He can be reached at lnmishra@adaptiveprocesses.com