Final Findings CMMI-SVC

Sr.
No
1.

2.

3.

4.

5.

6.

Observation
In a few work groups, exact sections of
Test case or Test case IDs are not
mapped against task ID in the
requirement
traceability
matrix
document.
Some of sections in requirement
traceability matrix document are found
to be incomplete in some of the work
groups.
Service
strategy is revised and
documented in service plan but change
details such as document revision
history are not documented in some of
the work groups.
Risk and Mitigation section is not
documented
to
address
service
strategy in service plan in a few work
groups.
In some of the work groups, Some of
the training needs identified are not
based on the assessment of gap
between required skills and available
skills.
Some of
the sections such as
stakeholder
involvement,
approval
details,
and revision history are
not documented in work plan in a few
work groups.

Weakne
ss / Note

Response

Action Taken by &

Close by Date

Application -

(n)Procure -

(n)Procure
e-Governance -

e-Governance -

IT-Infra
Application

(n)Procure

Confidential

Remark

Document
revision
history
in
service plan
is updated.
Reference of
risk register
is given in
service plan

Page 1 of 19

Final Findings CMMI-SVC

7.

Some of the responsibilities are not

documented for the
work group
manager under the section of roles and
responsibilities in departmental plan in
a few work groups

8.

Some of the details such as resource

name, actual dates are not documented
in Task management sheet against a
few tasks such as project management
task in most of the work groups.

9.

10.

Work group specific training needs are

identified
in
Skill
and
Training
Database. Planned and actual dates of
training are tracked through task
management sheet. Target date for
completion of each training delivery
can be documented against work group
specific training needs in Skill and
Training database or Task management
sheet for better monitoring.
Project schedule covering high level
tasks is documented in work plan and
Task scheduling covering high level
task, project management, metrics
analysis tasks is documented in task
management sheet. Project schedule
and task scheduling can be combined
to avoid duplication of data.

e-Governance

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

Skill
and
training
database excel sheet
PEG template is modified for
better monitoring.

Task
Management
sheet is updated as per PEG the requirements.

Confidential

Required
responsibilit
ies are
documented
.
Resource
name have
been
mentioned
in the Task
Managemen
t Sheet

Page 2 of 19

Final Findings CMMI-SVC

11.

12.

13.

In a few project progress reviews, a few

open activity items are not carried
forward to subsequent project progress
reviews and tracked to closure in a few
work groups.
Some of the issues identified in issue
register are not getting discussed in
most of the project progress reviews in
a few work groups.
Deviation against a few milestones is
not documented in Project milestone
review or in Project Progress Review to
identify actions in some of the work
groups.

e-Governance

(n)Procure

PKI Application -

14.

External stakeholders are not involved

in most of the project milestone review
as defined in work plan in a few work
groups.

CCTV -

15.

Cause of issue is documented as

corrective action against most of the
issues which is incorrect in a few work
groups

(n)Procure

Confidential

Project
progress
reviews and
closures are
mentioned
in project
progress
review

Mentioned
the details
of external
stakeholder
in the
Project
Milestone
Review

Page 3 of 19

Final Findings CMMI-SVC

16.

17.

18.

19.

Column to document closure status

against each issue is not defined in
Issue Log
Some of the tasks such as PPR, PMR are
not planned and monitored in Task
Management sheet in a few work
groups
Project reference code is defined in
Project Milestone review to capture
Milestone details. Project reference
code can be replaced with Milestone ID
or Milestone Description for better
understanding.
Target for some of the metrics is not
documented in metrics plan section of
departmental plan in most of the work
groups.

Issue log template is

updated
with
the
PEG column of Action/Status
closure.

(n)Procure

Project
Milestone
Review
Template
is PEG updated.

PEG -

Confidential

Page 4 of 19

Final Findings CMMI-SVC

20.

21.

22.

23.

24.

25.

Operational definition of some of the

derived measure such as process area
audit finding metric,
process
change request
metrics
is not clearly
documented
in process Measure and objectives
document at organization level.
Data collection
frequency
for
various metrics is not documented in
Work Plan in most of the work groups.
Service targets are not traceable to
performance or quality of service
deliverables in a few work groups.
Project management approach section
of
work
plan
is
not
correctly
documented in some of the work
groups.
Document name against some of the
observations is not mentioned in some
of the process audit reports in some of
the work groups.
Some of the work audit reports for a
few work products are not maintained
in a few work groups.

(n)Procure e-Governance CCTV IT-Infra Application PEG -

Data
Collection
frequency is
updated in
the work
plan.

It will be take care of

from the next time

Time check activity

reports are recorded as PEG per requirements

Confidential

PEG

Page 5 of 19

Final Findings CMMI-SVC

26.

27.

28.

29.

Work product
audit and process
audit frequency is documented
in PEG Departmental plan. Work group
specific work product audit and process
audit frequency can be documented in
departmental plan for easy reference.
Corrective actions are identified against
noncompliance and tracked to closure
in Audit Closure report. Explicit criteria
to identify preventive actions against
noncompliance can be
documented
and followed to ensure such instance
do not occur in future.
Some of the documents such as service
system transition related documents,
service continuity related documents,
QWM report, PPR, PMR are not
documented as CIs in configuration
management plan in some of the work
groups
Most of the documents are not
identified
as
individual
CIs
in
configuration management plan in a
few work groups.

Need to be discussed

PEG

Need to be discussed

PEG

Confidential

PKI
IT Infra CCTV -

Updated the
details in
the
configuratio
n
manageme
nt plan

Page 6 of 19

Final Findings CMMI-SVC

30.

Baseline criteria are documented in

configuration management plan for
each CI focusing on mandatory sections
to be completed before baseline of CI.
Baseline criteria focusing on exit
criteria to ensure the completeness of
all sections of each CI can be
established and used to create and
release baseline of CI for better
understanding.

Need to be discussed

31.

In most of the work groups, supplier

management related task is not
planned
and
monitored
in
task
management sheet.

32.

Historical data is used to arrive at the

estimated
percentage
growth
in
capacity. Explicit analytic technique
name and its
usage can be
documented in capacity plan

33.

Corrective action documented against

some of the incidents in Incident
register
is
not
descriptive
to
demonstrate that action is addressing
the incident closure in some of the work
groups.

PEG -

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

Updated the
details of
the supplier
manageme
nt in task
sheet.

Capacity plan template

is updated with the
PEG
fields
Statistical
All departments need
techniques
and
to follow it
Objective
to
use
statistical techniques

Confidential

PKI
CCTV -

Page 7 of 19

Final Findings CMMI-SVC

34.

Description of some of the cause codes

used in Incident analysis is not
documented correctly in some of the
work groups.

35.

Quantitative data analysis can be

maintained to
demonstrate the
effectiveness of actions taken to reduce
the reoccurrence of selected incidents
for better monitoring

36.

37.

38.

Change request details considered as

input for a few service system
transition
plans
and
client
communication about the changes
needed is found to be inconsistent in
some of the work groups.
In a few service system transition
plans,
training
requirements
are
documented but details such as
training plan, training attendance
record, training effectiveness are not
documented in a few work groups.
Risks related to service system
transition are identified in service
system transition plan. Such risks can
be added in Risk register for easy
reference and monitoring.

Application -

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

Confidential

Page 8 of 19

Final Findings CMMI-SVC

39.

40.

41.

A few details such as essential

resources and its prioritization are not
specifically documented in service
continuity plan in a few workgroups.
Results of service continuity plan
verification & validation are not
documented in some of the work
groups.
Standard services are established and
maintained individually in service
catalog. Some of the related standard
services can be bundle and projected
as a service package in service catalog
to meet the needs of customer and end
users

42.

Document release
documented
for
guidelines.

details
Team

are not
building

43.

Organizational level policies for various

processes are documented in Process
Asset Library covering quality policy,
information
security
policy
and
information
technology
service
management policy. Explicit mapping
between existing policies and various
processes
categories
can
be
established and communicated across
the
organization
for
better
understanding

W
PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

Team
building
guidelines document is
PEG updated with required
fields.

Need to be discussed

Confidential

PEG -

Page 9 of 19

Final Findings CMMI-SVC

44.

45.

46.

47.

48.
49.

Standard process as is, with no

tailoring is followed but
section of
tailoring from departmental plan was
removed instead of mentioning not
applicable for the same section
Standard process as is, with no
tailoring is followed in some of the work
groups but section of tailoring from
departmental
plan
was
removed
instead of mentioning not applicable
for the same section.
Lessons learnt are documented and
shared to central repository on yearly
basis or at the end of work completion.
Explicit frequency to share lessons
learnt
can
be
documented
in
departmental plan for better clarity.
In some of the work groups, risk
response strategy is documented as
accepted against a few risks but the
mitigation & contingency plan are
developed which is incorrect.
Risk trigger against a few risks is not
documented in Risk register in a few
work groups.
Some of the risks identified in work
plan, project progress review are not
found in Risk register for tracking till
closure in most of the work groups.

W (OT)

OT PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

e-Governance
IT-Infra

(n)Procure
CCTV
Application -

Confidential

PKI
(n)Procure
e-Governance
CCTV

Updated the
department
al plan.

Details are
corrected as
per
requirement
Updated the
risk register
as identified
risk.
Updated the
risk register
as per
requirement
Page 10 of 19

Final Findings CMMI-SVC

IT-Infra
Application 50.

51.

SWOT analysis is not documented to

support established QPPOs in a few
work groups.
Some of the processes and sub process
name against some of the QPPOs is not
documented in BO-QPPO measurement
framework.

52.

In most of the work groups, inferences

drawn based on Cp and Cpk values are
found to be incorrectly documented in a
few PPBs.

53.

Corrective actions are not documented

to improve the performance of QPPO
and sub process measures in a few
PPBs.

54.

55.

PPB
release
frequency
is
not
documented explicitly in PPB guidelines
or departmental plan.
Actual dates are not documented
against
a
few
tasks
such
as
organizational process performance

PEG
Application -

BO-QPPO measurement
is updated with the
PEG Process
and
sub
process name.
PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

Inferences
of CP and
CPK
updated as
per the mail

(n)Procure -

Actual
updated
sheet

Confidential

dates
in the

are
Task

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application
PEG PEG -

Information
is updated
in
department
plan

Page 11 of 19

Final Findings CMMI-SVC

monitoring related
management sheet.

56.

57.

58.

59.
60.

tasks

in

Task

PPB Trend analysis of QPPO and sub

process
measure
performance
is
documented in PPB covering mean.
Standard deviation values also need to
be added in Trend analysis in PPB to
understand the trend of variation.
Rationale for selecting
critical
sub
process for statistical management
which is not most contributing sub
process as per sensitivity analysis is not
documented in PPM sheet of a few
QPPOs in a few work groups.
Some of the details such as Statistical
or analytical technique name, sub
process measure are not defined
explicitly in QWM sheet in most of the
work groups.
Control Limits for sub processes are
revised incorrectly in a few work
groups.
Corrective actions are not identified
based on the some of the sub process
stability and capability issues in some
of the work groups.

Trend analysis table is PEG

updated in the PP Need to be follow by
template
all departments.

e-Governance

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application

PKI

PKI
(n)Procure
e-Governance
CCTV
IT-Infra

Confidential

Rationale is
updated for
critical sub
process.

Information
is updated
in QWM
Sheet.

Required
details are
updated.

Page 12 of 19

Final Findings CMMI-SVC

Application -

61.

62.

63.

64.

65.

Probability of success against a few

QPPOs is not documented as per
defined frequency in PPM report in a
few work groups.
Probability of success against a few
QPPOs is low and risk of not achieving
QPPOs is not documented in risk
register in most of the work groups.
A few corrective actions taken based on
what if analysis in PPM are found to be
incorrect and not focusing on the
controllable factors of the PPM in a few
work groups.
Work group specific QPPO SMART
statement
are
established
and
maintained which covers target mean
and Specification limits. Target for
standard deviation can be explicitly
documented in QPPO SMART statement
for easy understanding of variation.
Baselines of critical sub processes are
maintained using PPB and process
composition is done for each QPPO
separately.
Baselines
of
service

IT-Infra

PKI
(n)Procure
e-Governance
CCTV
IT-Infra
Application -

Risk register
is updated
with risk
identified as
low
probability
of success

Confidential

Page 13 of 19

Final Findings CMMI-SVC

66.

67.

68.

management lifecycle sub processes

considering alternate methods can
maintained using PPB so that in future,
decisions of which alternative sub
processes to choose can be taken by
optimizing or performing trade-offs
considering QPPOs focusing on process
parameter and service parameter.
QPPOs
actual
performance
is
documented in PPM sheet and MOM.
QPPOs predicted performance and sub
process performance is documented in
PPM sheet. Explicit table can be added
in MOM to emphasize on leading
indicator for better understanding and
to get early feedback on work group
performance.
Work group QPPOs and critical sub
processes are managed statistically in
the
work
groups.
Statistical
Management can be focused on only
sub
processes
to
monitor
the
achievement of work groups QPPOs for
better analysis.
A few of the implemented actions
based on work group level
CAR
analysis are demonstrating statistically
significant improvement in standard
deviation of the selected CAR goal but
not
demonstrating
statistically
significant improvement in mean in a

Confidential

Page 14 of 19

Final Findings CMMI-SVC

few work groups.

69.

70.

71.

72.

Number of data points used to evaluate

the effectiveness of a few corrective
actions is found to be inconsistent in
hypothesis test results and staged
control chart representation in a few
work groups.
A few of the implemented actions
based on work group level
CAR
analysis are demonstrating statistically
significant improvement in mean of the
selected
CAR
goal
but
not
demonstrating statistically significant
improvement in standard deviation in
some of the work groups.
In some of work groups, a few of the
deployed
improvements
are
demonstrating statistically significant
improvement in mean of the selected
goal but not demonstrating statistically
significant improvement in standard
deviation.
Business PPM can be established to
understand the overall impact of
aligned QPPOs on the business
objectives and such PPM can be used
by
leadership
team
for
better
understanding and analysis.

Confidential

Page 15 of 19

Final Findings CMMI-SVC

73.

74.

75.

76.

77.

78.

Evaluation of the effects resulting from

deployed OPM initiative on mean and
variation of QPPO & Business objective
performance using statistical test is
documented in most of the OPM
reports. But the goal statement
mentioned in OPM report is focusing on
only mean performance and this can be
further enhanced by adding the goal for
standard deviation performance for
more clarity.
Awareness about requirement approval
method followed is found to be low
among a few work group staff in a few
work groups.
Awareness
about
Bidirectional
Traceability of requirements is found to
be low among some of the work group
staff in some of the work groups.
Awareness about service strategy
details documented in service plan is
found to be low among a few work
group staff in a few work groups.
Awareness
about
Budgeted
cost
calculation based on budgeted effort is
found to be low among a few work
group staff in a few work groups.
Awareness about work product audit is
found to be low among most of the
work group staff in most of the work

Conducted
Training

Awareness

Confidential

Page 16 of 19

Final Findings CMMI-SVC

groups.

79.

80.

81.

82.

83.

84.

Awareness about severity and priority

assigned against a few incidents,
effectiveness
of
action,
method
followed to communicate incident
closure is found to be low among some
of the work group staff in some of the
work groups.
Awareness about essential functions
identified for service continuity is found
to be low among a few work group staff
in a few work groups.
Awareness about internal trainer list is
found to be low among a few staff.
Awareness of risk source and risk
category identified against risk is found
to be low among a few work group staff
in a few work groups.
Awareness about risk parameter such
as risk impact, probability of occurrence
and risk index is found to be low among
some of the work group staff in some of
the work groups.
Awareness about weightage given for
each evaluation criteria, evaluation
method is found to be low in most of
the work group staff in most of the work

W (OT)

Confidential

Page 17 of 19

Final Findings CMMI-SVC

groups.

85.

86.

87.

88.

89.

90.

Awareness
about
alternative
sub
processes selection at the planning
stage
using
process
composition
database is found to be low among
most of the work group staff in most of
the work groups.
Awareness
about
stability
rules,
capability inference is found to be low
among most of the work group staff in
most of the work groups.
Awareness about source of re-planning
values mentioned in PPM report is
found to be low among some of work
group staff in some of the work groups.
Awareness about usage of solution
prioritize technique to prioritize the
action proposal is found to be low
among some of the work group staff in
some of the work groups.
Awareness about hypothesis test used
for effectiveness evaluation of action
taken is found to be low among some of
the work group staff in some of the
work groups
Awareness about usage of analytic
technique
to
arrive
at
capacity
measures, availability measures and its

Confidential

Page 18 of 19

Final Findings CMMI-SVC

threshold is found to be low among
some of the work group staff in some of
the work groups.
91.

Awareness about baseline criteria,

version numbering system is found to
be low among some of the work group
staff in some of the work groups.

Confidential

Page 19 of 19