Manage Compliance in a Multimodel Environment
Compliance is the state of being in accordance with established process descriptions, guidelines, templates etc. Even shorter: Compliance is about processes being followed.
The mechanism to verify compliance in an organization is called an audit, which can be either external or internal. Normally, verification of compliance is handled in at least two steps: 1) Auditing compliance of the process system (the process descriptions) against a standard and 2) auditing if people are following the process and the work products produced are in accordance illustrated in the following picture.
In many organizations is a reasonable description of what is needed (and of course a great number of organizations do not even worry about standards), but in other organizations the reality is even more complex.
“Successful improvement in a multimodel environment is essential to building the resilient organization. And resilient organizations have the agility to achieve and maintain competitive advantage,” Mike Phillips of the Software Engineering Institute (SEI)1 told participants at a recent workshop.
Basically, this means that many companies in many domains have realized that using and implementing (the best parts of) multiple standards and models will benefit the business. An often seen example is that a company wants to benefit from working with both CMMI, and ISO standards. This is illustrated on the following picture.
Ensuring compliance against one standard requires a lot of work keeping track of which parts of the process descriptions implement which parts of the standard - and working with multiple standards and models transforms this work to a cumbersome task to handle. Without a tool to support this activity, it will require a lot of trivial, manual work to keep track of which parts of the models and standards are implemented where in the organizational process(es). And when the process changes, the mappings needs updating also, which can be a factor resulting in resisting updating process descriptions to reflect the actual praxis of the organization.
Callis Author helps managing compliance by mapping and generating compliance statements between process description and standards and models, when working in a multimodel environment, e.g. using both CMMI for Development and ISO 9001:2008. An example of this is shown in the following picture.
As needed, other models and standards also be added into Callis Author.
Depending on the situation sometimes it is necessary to adjust the standard processs to fit a specific project's need. This process is called tailoring which is illustrated in the following picture.
Tailoring adds complexity to handling process descriptions and compliance, but can be necessary.
Another angle to compliance is understanding the CMMI SCAMPI appraisal method, which is illustrated on the following picture.
In Callis Author a mapping between artifacts in the process description and CMMI is supported. This can be used to generate PIID (Process Implementation Indicator Document) templates, which is instantiated during CMMI apprisals.
Please notice, that Callis Author does not enforce a specific structure on your process descriptions, but efficiently and effective support activities needed to verify compliance.
Likevise, models and standards do not say anything about how your process description should be organized. Your process descriptions should be easy to locate, easy to understand and should support the work of the employees in your organization in the best possible way. In Callis Author standards and models are one thing - and process descriptions are another. The process architecture and mechanisms provided by Callis Author helps you to reflect and support your business needs, and the link to models and standards can efficiently be managed and maintained.
© Copyright 2007-10, Callis
