Capability Immaturity Model (CIMM) in software engineering is a parody acronym, a semi-serious effort to provide a contrast to the Capability Maturity Model (CMM). The Capability Maturity Model is a five point scale of capability in an organization, ranging from random processes at level 1 to fully defined, managed and optimized processes at level 5. The ability of an organization to carry out its mission on time and within budget is claimed to improve as the CMM level increases.
The "Capability Im-Maturity Model" asserts that organizations can and do occupy levels below CMM level 1. An original article by Capt. Tom Schorsch USAF as part of a graduate project at the Air Force Institute of Technology[1] provides the definitions for CIMM. He cites Prof. Anthony Finkelstein's ACM paper[2] as an inspiration. The article describes situations that arise in dysfunctional organizations. These situations are not uncommon and occur in organizations of all kinds undertaking software development, i.e. they are more properly in practice characterizations of the management of specific projects since they can occur even in organizations with positive CMM levels.
Contents |
Finkelstein defined levels 0 (foolish), -1 (stupid) and -2 (lunatic). Schorsch changed the names and added level -3.
The organization pays lip service, often with excessive fanfare, to implementing software engineering processes, but lacks the will to carry through the necessary effort. Whereas CMM level 1 assumes eventual success in producing software, CIMM level 0 organizations generally fail to produce any product, or do so by abandoning regular procedures in favor of crash programs.
Processes, however inappropriate and ineffective, are implemented with rigor and tend to obstruct work. Adherence to process is the measure of success in a Level -1 organization. Any actual creation of viable product is incidental. The quality of any product is not assessed, presumably on the assumption that if the proper process was followed, high quality is guaranteed. This is the most common level achieved by most organizations that pursue CMMI ratings.
Paradoxically, Level -1 organizations believe fervently in following defined procedures, but lacking the will to measure the effectiveness of the procedures they rarely succeed at their basic task of creating software. Unfortunately, this behavior is inherent in the CMMI evaluation process. Since many government agencies will only award contracts over a certain dollar value to organizations that can pass a CMMI-3 or higher SCAMPI appraisal, management is more often than not willing to accept some inefficiencies in order to win these lucrative contracts. Government contracting models, in which organizations are paid not for the value of their products but by the number of hours spent building them, reward organizations for performing non-value-added activities related to CMMI compliance. Thus, government contractors with CMMI ratings will ultimately be more profitable than non-CMMI rated companies regardless of the quality of the software they produce. Whether CMMI processes provide any value in producing higher quality software is immaterial.
While processes exist, they are routinely ignored by engineering staff and those charged with overseeing the processes are regarded with hostility. Measurements are fudged to make the organization look good.
Not content with faking their own performance, undermining organizations routinely work to downplay and sabotage the efforts of rival organizations, especially those successfully implementing processes common to CMM level 2 and higher. This is worst where company policy causes departments to compete for scarce resources, which are allocated to the loudest advocates.