Best Practices: Are Your Company's Processes Mature? - InformationWeek
10:55 AM
Mike Bohlmann
Mike Bohlmann
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>>

Best Practices: Are Your Company's Processes Mature?

The Capability Immaturity Model can help smaller businesses understand what is preventing their organization from establishing effective processes

The Capability Maturity Model (CMM) is a well-known process that's frequently used to determine the "maturity" level of an area or department within an organization. Within the IT world, the model is employed to help companies measure their ability to create, manage, and refine good processes for software development and other process-oriented work on a scale of 1 through 5.

For instance, companies that are creating processes on the fly with success only coming through the heroic efforts of its IT staff are in the initial, or first, phase of the model. Companies with processes that are well-established and are being followed are in the defined, or third, phase of the CMM. The core of CMM is the establishment of processes, following them, and refining them.

Critics of the CMM say that it does not encompass all the other areas that can impact the ability of an organization to establish and manage IT processes. One attempt to correct that is the Capability Immaturity Model (CIMM), conceived by Capt. Tom Schorsch. While it is a bit cynical and written in a tongue-in-cheek manner, everyone has probably experienced, at one time or another, individuals within their organization who matched one of these descriptions.

In the CIMM, there are four levels in which an organization can fail at establishing processes both passively and actively. These may help you in identifying and communicating just what keeps your organization from establishing and following good processes:

  • 0: Negligent
  • -1: Obstructive
  • -2: Contemptuous
  • -3: Undermining

In a negligent organization, the desire is stated to do better, but the follow through is lacking. Multiple attempts are made at introducing established processes, but each equally impressive announcement is met with an equally impressive lack of follow-through. Has your organization decided to implement something like ITIL, Six Sigma or COBIT, only to abandon it later because no one is following it? Then your organization is negligent in its ability to improve processes. When there are no actions to meet stated desire, the stated desire is usually not actually a desire. Correcting this sort of behavior requires serious leadership ability and discipline. If possible, leading by example is the best way to demonstrate necessity and how improvements can pay off. Sometimes incentives need to be put in place to make actually following a new policy or process worthwhile.

"We've always done it that way." How often does change get met with that sort of response? It can happen often, especially when you have change-averse employees or someone who has been doing a specific task for a long time. This is difficult to overcome because the people blocking implementation have usually convinced themselves that the way things are working is fine and that any change could risk breaking things needlessly. Since the phrase "if it ain't broke, don't fix it" comes to mind here, the best course of action is going to be to find areas of the current process (or lack of process) that could be improved incrementally. With some incremental steps, it can be demonstrated that just because the current way is what has been done for years, it does not mean it is the best way.

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll