1st Edition

Reducing Risk with Software Process Improvement

By Louis Poulin Copyright 2005
    280 Pages 51 B/W Illustrations
    by Auerbach Publications

    Reducing Risk with Software Process Improvement recommends the critical practices that aid in the successful delivery of software products and services. The author describes the observations that he made over a period of ten years in IT projects and organizations. He focuses on the areas of software development and maintenance, highlighting the most frequently encountered problems that occur due to poor processes. The author derives recommendations from 40 comprehensive assessments of IT organizations.

    This book details the potential or real problems each organization experienced, and offers anecdotes on how these problems resulted from deficient practices, what their impacts were, and how improving specific practices benefitted the organizations.

    This volume provides valuable advice for project and application managers looking to minimize the number of crises they have to deal with, and for IT practitioners seeking the practical solutions that lead to career advancement. It benefits customers who need to know what to look for before purchasing IT products or services, and helps investors analyze the efficiency of IT companies before making investment decisions.

    THE INFORMATION AGE
    The old software ghosts that haunt us

    MANAGING REQUIREMENTS
    Ensure system requirements have been reviewed by software
    professionals before forging ahead
    Establish and enforce a directive stating what must be done
    when dealing with system requirements
    Train those who have the responsibility of managing
    requirements
    Document project requirements and make them available to
    project team members
    Take basic measurements of requirements management
    activities and by-products
    Involve quality assurance personnel when managing
    requirements
    Conduct reviews of requirements management activities and
    by-products

    PLANNING
    Involve software professionals when the project is in its early
    conceptual stage
    Insist that a plan be prepared and specify what it should
    contain
    Ensure the WBS is used properly
    Start by estimating size
    Ensure that auxiliary resources have been factored into the
    plans
    Identify, evaluate and document risks
    Ensure management reviews commitments made to
    suppliers and customers
    Establish and enforce a directive stating what must be
    performed in the course of planning a project
    Train those who must plan the project
    Ensure that individuals and groups are informed of project
    commitments that affect them
    Involve quality assurance personnel during project planning
    Ensure that management reviews project planning activities
    and by-products

    TRACKING PROGRESS
    Ensure management reviews changes to commitments made
    to suppliers and customers
    Ensure that individuals and groups are informed of changes
    to project commitments that affect them
    Ensure that internal project reviews are held to track progress
    Track risks
    Institutionalize formal reviews
    Take measurements
    Establish clear roles and responsibilities
    Establish quality assurance to help monitor project tracking
    and supervision
    State what is expected at the organizational level in terms of
    project monitoring

    ASSURING QUALITY
    Establish a quality policy
    Assign the responsibility of assuring quality
    Train personnel assigned to assuring quality
    Prepare and implement a quality assurance plan
    Document non-compliant items
    Communicate quality assurance activities and results
    Have quality representatives interface with customers
    Institute senior management reviews of quality assurance
    activities

    RELEASING PRODUCTS, DEPLOYING SERVICES AND
    CONTROLLING CHANGES
    Establish a repository for baselines
    Identify what items will be placed under formal change control
    Assign release and change control to someone
    Have a plan for controlling deliverables and essential work
    products
    Document change requests and problem reports
    Control changes affecting baselines
    Document what the release and change control repository
    contains
    Conduct baseline audits
    Specify what is minimally acceptable in terms of release and
    change control

    CONTRACTING OUT
    Establish and enforce a directive describing at a high level the
    steps to take for contracting work out
    Insist on having the supplier submit a plan
    Agree with the supplier on how progress will be tracked and
    how contractual changes will be made
    Hold progress and coordination reviews with suppliers
    Conduct periodic formal reviews with suppliers
    Involve quality assurance personnel and personnel
    responsible for release and change control
    Ensure that acceptance tests of suppliers' deliverables are
    performed, complete, and documented
    Train those responsible for the selection and management of
    suppliers

    DEVELOPING PRODUCTS
    Define the format that work products must follow
    Ensure that appropriate methods and tools are available
    State what is expected in terms of adherence to development
    processes
    Take the time to train members of the technical staff on how
    to perform their tasks
    Ensure that comprehensive software requirements have been
    developed before moving on
    Develop operational and user documentation early on
    Plan testing activities and test thoroughly
    Collect and analyze defects
    Measure, measure and measure, but with circumspection
    Involve quality assurance personnel throughout
    Periodically review development activities and results

    COORDINATING
    Document stakeholders' involvement and their commitments
    Define how issues will be handled
    Ensure that the tools used by the various stakeholders are
    compatible
    Train managers in teamwork
    Ensure that software professionals are represented when
    defining system requirements with the customer
    Implement regular reviews with representatives of the various
    groups involved in the initiative
    Identify and manage critical dependencies between
    stakeholders
    Communicate again and again
    Manage expectations form the start

    REVIEWING AND INSPECTING
    Mandate reviews and inspections
    Train peer review participants
    Assign peer review leaders, especially when there are many
    reviewers
    Ensure peer reviews are in the plan
    Follow the plan
    Collect data
    Make sure that quality assurance is part of the process

    PROVIDING SERVICES TO CUSTOMERS
    Seek, compile and review feedback from customers
    Analyze, document and communicate customers' needs
    Ensure that information provided by customers remains
    private

    FOCUSING ON PROCESSES
    Make it clear for everyone that improving is a priority
    Periodically assess your IT development and maintenance
    process
    Prepare a plan of action
    Implement the plan to define and improve organizational
    processes
    Establish a library of process-related documentation
    Establish a historical measurements repository
    Provide training and support as processes are deployed

    TRAINING PERSONNEL
    Convey the importance of training and how it will be provided
    Assign the responsibility for coordinating training and make a
    plan
    Deliver and track planned training
    Maintain and regularly review personnel training records
    Periodically assess the training relevance and quality

    MANAGING IT INITIATIVES
    Mandate that every IT initiative use a management approach
    based on the organizational standard
    Provide tailoring support and training
    Distribute the tailored process to everyone in the team
    Harmonize performance and needs
    Measure the effectiveness of the organizational management
    approach

    BUILDING A CULTURE
    Document and communicate the type of behavior valued by
    the organization
    Hold frequent meetings between management and
    personnel
    Share goals and results achieved by the organization with
    personnel
    Define and deploy logical and flexible operating procedures

    THE REALITY OF INFORMATION TECHNOLOGY
    INITIATIVES
    Results Overview
    Government vs. Private Industry-Services vs. Product
    Development-Small vs. Large
    Detailed Results
    Software Quality Index
    Potential Instances of Problems
    Potential Failure Modes

    ON PROBABILISTIC RISK IDENTIFICATION, MAPPING
    AND EVALUATION
    The complexity of preventing losses and making the most of
    opportunities
    PRIME
    Application to information technology
    The CMM
    The Taxonomy-Based Risk Identification
    Conclusion

    ANNEX A: A CRASH COURSE IN STATISTICAL
    PROCESS CONTROL
    Quantitatively managing processes
    Quantitatively managing quality

    ANNEX B: RISK ASSESSMENT AND ESTIMATION OF LOSSES

    Biography

    Louis Poulin

    "This book can help you change the system in your organization. I invite you to learn and understand how you can do better on your projects. I know you all can. I've seen it many times once the organization and managers decide that there is a better way. Poulin's book can enable you to do your best and find that better way."
    Ron Radice, from the Foreword