Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The firm behind Healthcare.gov had top-notch credentials -- and it didn't help

Patrick Thibodeau | Jan. 2, 2014
The biggest software failure of 2013 and why CMMI certification was no predictor of success.

CMMI arose some 25 years ago via the backing of the Department of Defense and the Software Engineering Institute at Carnegie Mellon University. It operated as a federally funded research and development center until a year ago, when CMMI's product responsibility was shifted to a private, profit-making LLC, the CMMI Institute LLC. The Institute is now owned by Carnegie Mellon.

Getting CMMI certification is not simple or cheap. It has five levels of process maturity, each taking about two years to complete. Going through these processes can cost a company thousands of dollars and may even require dedicated personnel. Certifications require appraisals by independent experts, and periodic re-appraisals.

Given that the CMMI Institute is now a self-supporting firm, any requirement that companies be certified by it — and spend the money needed to do so — raises a natural question.

CMMI's new status
"Why is the government mandating that you support a for-profit company?" said Henry Friedman, the CEO of IR Technologies, a company that develops logistics defense related software and uses CMMI.

"There is the incentive for them to grow, and the way you grow is you either sell your product or services to more customers, or increase the number of products and services that you sell to the same customer," said Friedman.

Friedman is concerned that government managers will escalate CMMI requirements as a result of increased commercialization. This can be an issue. For instance, he was recently involved in a bid that required CMMI certification, with the military agency wanting certifications in three areas: development, services and acquisitions. At the time, he was aware of only two organizations in the world that had all three certifications, effectively shutting out a number of would-be bidders for the project.

The requirement for three was dropped once vendors complained, he said.

The scenario described by Friedman shows how CMMI certification requirements could limit bidders for government contracts, exacerbating a problem former federal CIO Vivek Kundra complained about in 2011, just before he left his post. He said government IT contracting was almost a cartel, comprising a handful of contractors that benefit from government spending "because they understand the procurement process better than anyone else."

The case for CMMI
CMMI supporters, however, say it would not have survived if it did not add value.

Kirk Botula, CEO of the CMMI Institute, said CMMI has gone far beyond its role in government procurement, is now used in the private sector and has a strong following overseas — especially in China and India.

"You can learn through trial and error, which is how most folks do it," said Botula, of software development, "or you can benefit from best practice, from proven approaches and use it as a roadmap to align your business goals to your operational capability. (CMMI) is a consistent way of doing that."

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.