Which of these certifications is the best for a sofware company?
Printable View
Which of these certifications is the best for a sofware company?
Hi ,
IMHO , ISO or CMM is mostly relevant for service organization or product development companies ( contract ) who work for defence agencies or Overseas development centeres.
To have a process in place , all organizations ( at least in india ) start with ISO. ISO has got the advantage that there will be survilence audit and it is given for a stipulated period only. Once an organization has practiced ISO for at least 2 years , they can judge the maturity of the process by CMM level 3 audit . ( i have seen some companies going straightaway for five. It is equivalent to going to a college just a certificate. )
CMM , once accessed , is a permanent thing. But ISO practices are to be followed so as to ensure process integrity and maturity.
We need both , if we are serious about Process quality.
Praseed Pai
www.praseedpai.com
ISO9000 + Six Sigma
well ISO standards were good in the beginning, now CMM is used (best to have). CMM has even a new successor called CMMI
Voted for ISO 9001.
I don't know very much about CMM, but somebody told me that CMM Level 5 means you have nomore bugs reported by the client.
Is this posssible :confused:
Sounds like SF.
Hi ,
CMM is to assess the maturity of the process followed in an organization. The whole process is divided into KPAs ( Key process areas ). KPAs are distributed
into following five phases
Initial
Repeatable
Defined
Managed
Optimizing
It will help to ensure that things are predictable.
>
>but somebody told me that CMM Level 5 means you have nomore bugs reported >by the client.
>Is this posssible
>Sounds like SF.
>
CMM ( at least as specified by SEI ) does not claim it.
Six sigma initiative is to minimize the error . ( 3 bugs for 10,00,000 LOC etc )
Praseed Pai
www.praseedpai.com
Thanks everybody voted and added comments to this poll!
To Praseed Pai:
It seems to be a typing error in your last post.
May I understand 3 bugs for 10,000,000 LOC?
Is it possible? Of course, excepting the case when those10.000.000 are blank lines. :DQuote:
Originally Posted by SOCM_FP_CPP
Hi ,
>
>PadexArt
> Is it possible? Of course, excepting the case when those10.000.000 are blank > lines.
I feel , Padex has worked only as a solo programmer ( a lone wolf....i do not mean to offend him ). Industrial strength software development ( using a team ) needs to have well defenied and robust process to deliver the software on time without deviating from the objective of the software project. Six sigma intiative has helped companies to improve their productivity and minimize the number of error which can arise.
It is just like asking How many cops are necessary for controlling a mob of 1,00,000 ? a mercenary will think that u need 1,00,000 cops. But a policeman worth his salt understands that not more than 5,000 well armed policemen are necessary .
When u think software development as programming , it is hard to believe that only three errors can arise in case of 1 million LOC. When u treat programming is only one aspect of software development , one can make sense of ISO,CMM or Six sigma.
Praseed Pai
It always amazes me the defeatist attitude when it comes to software defects. You do realize software runs in medical devices among other things. Would you be fine with ohh > 3.4 defects per million opportunities in that 12 lead they have you hooked up to? How about a ventilator?
It's all about your processes. Is ISO and Six Sigma name recognition...well you bet so fork out the dough but they are also proven processes.
I get dinged alot because I advocate zero defects. Sometimes I really don't understand the nonchalance of my fellow developers.
This is true SOCM_FP_CPP. :) And I'n not at all offended. I've mostly worked alone or in small teams ( up to 7-8 people). The largest project I took part in was about 1.000.000 LOC.
Nevertheless it seems that is rather difficult, if not impossible, to have such a small number of errors in a large scale project ( even in medium sized ones - like the one I've menioned).
And it is quite more difficult if more people are involved into the process. I don't mean only programmers. From my experience, the most difficult task is to have a correct understanding on the client's needs. As a consequence the specifications can and usually are flawed or they are incomplete, in the best possible scenario.
So if we are to consider a project as a whole, from the moment the 1st contact was made with the client until the moment when the product is installed, with manuals, examples and everything I find quite hard to achieve the "n errors" goal.
Yet, there might be something I'm missing here. Perhaps something as simple as the definition of the "error" in the process you are mentioning.
:) I don't advocate for buggy code. I only state it is rather difficult to get a product with 0 deffects from the first attempt. This under the normal circumstances of having time/cost pressure from the client.Quote:
Originally Posted by Mick
Which is why you have a 'process' :)Quote:
Originally Posted by PadexArt
You also have to follow that process. I spent a couple of years with a large corp. that had a very good process. But they didn't f'ing follow it, customers/marketing/sales pushs a bit and management folded. End result was crappy code, crappy documentation, crappy everything, cost time/money and my sanity :)
True Mike. :) But does implementing a process necessarily mean one will achieve the advertised results? I can understand that if the process is correctly implemented the outcome is a better product with fewer errors. But can you guarantee that the number of errors is bellow 1 or 10 or even 1000? And how do you verify it? This is difficult to say for a 100 loc application.Quote:
Originally Posted by Mick
Look at UML for an example. When it was introduced many thought that that was the end of the specification nightmare. A nice & simple visual language and many processes ( like RUP) to bridge the gap between the "manufacturers" and the clients of software products, and not only.
Can you tell me today that that problem is solved by simply using UML and any of the processes available?
EDIT: "You also have to follow that process."
I agree 100% on this one. :wave:
Process is important. What process should be used by a particular company or group of developers is a complicated question. It depends on the size of the development team, the number of years they have worked together, the amount of discipline they have, the amount of domain knowledge they have, how closely they can work with the customer, who the customer is, the complexity of the project, and the lifetime of the resulting product. You want to spend sufficient amount of process-related effort to meet the project goals, but not an ounce more.
As an example, a game company can't afford to follow a heavy-weight process, while a real-time medical software company can't afford NOT to.
The right group may achieve a better project in less time using XP (eXtreme Programming) rather than RUP or Six Sigma.
My take on the CMM:
There's good stuff in the CMM, but there's very little reason for certification. It's expensive and there's little benefit unless you are a defense contractor. Take what you need from the CMM, and ignore the rest. Trying to follow the CMM fully will be horribly wasteful and you'll end up pushing around paper more than pushing around bits.
Again, process is important. Do your research. Find a good one and then adapt it to your group and company.
Personally I prefer more agile processes, but the managers here come from an older school. We end up with a mix of XP and RUP and even a little waterfall(ugh). We constantly reevaluate our process and try to improve it. Right now we are focusing on how to better handle requirements and how they should feed into design.
Jeff