A Recipe for Quantifying the ROI on Improving Process Maturity


Types of Process Frameworks

1.What should I do? -- Process Definition Frameworks (Associated Metric Type = Objective or End-Result, or Benefit)

  • ITIL
  • MOF
  • ISO, etc.

2. How well am I doing it? - Control/Audit/Maturity Frameworks (Associated Metric Type = Operational Level or Quality Indicator)

  • BS 15000
  • CMMI, etc.

3.How can I improve it? - Process Improvement Frameworks (Associated Metric Type = mix of above two metric types)

  • Six Sigma
  • TQM
  • Lean, etc.

A Recipe for Quantifying the ROI on Improving Process Maturity -- the bang for the buck on improving the repeatability and quality of processes:

1.Define the end-result metric (e.g. support cost per year in $) 2. Define the process performance metric (e.g. defect injection rate) 3. Quantify the end-result metric as a function of the process performance metric -- e.g. support cost per year = f(defect injection rate) 4. Define processes and break down process activities (e.g. testing process) 5. Define activity maturity levels -- what it means to be at maturity level 1, level 2, etc. 6. Quantify the change in performance metrics due to change from one maturity level to another. 7. Use (3) to calculate the benefit of moving from one maturity level to another. 8. Quantify the cost of moving from one maturity level to another (one-time and ongoing cost categories are: organizational change, business process change, software licences, productivity loss, administrative costs) 9. Divide (7) by (8) to calculate the ROI of process maturity improvement

Filed in:
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
Making sense of cloud transitions for financial and telecoms firms Cloud  migration 2.0: shifting priorities for application modernization in 2019  Research Report
Load more reviews
Thank you for the review! Your review must be approved first
New code

You've already submitted a review for this item