Meeting CMMI Verification Steps

Question

For my software engineering project I will be creating software to automate tasks.

In my project management module I have been asked to describe and evaluate how I can met all the specific goals for Verification in CMMI Version 1.3.

By looking at Wikipedia I can see what is outlined for Verification as:

Purpose

The purpose of Verification (VER) is to ensure that selected work products meet their specified requirements.

Specific Practices by Goal

• SG 1 Prepare for Verification

  • SP 1.1 Select Work Products for Verification
  • SP 1.2 Establish the Verification Environment
  • SP 1.3 Establish Verification Procedures and Criteria

• SG 2 Perform Peer Reviews

  • SP 2.1 Prepare for Peer Reviews
  • SP 2.2 Conduct Peer Reviews
  • SP 2.3 Analyze Peer Review Data

• SG 3 Verify Selected Work Products

  • SP 3.1 Perform Verification
  • SP 3.2 Analyze Verification Results

My thought process:

To meet SG 1, I think I need to select a method to carry out verification method. In the case of software I think Unit testing and Code Review is sufficient. This should meet SP 1.1.

To meet SP 1.2 I will need to state what I will be using to carry out these methods. E.g. a unit test library for unit testing and a checklist for the code review.

To meet SP 1.3 I will need to outline specifics of how these methods in SP 1.2 will actually be used (the procedure).

Before I go any further does it look like I am on the right track here? Or am I getting the wrong idea?

Answer 1

I would recommend consulting the complete CMMI for Development v1.3 Technical Report instead of Wikipedia. This document is freely available and provides a lot more details.

Something to keep in mind is that performing the practices of the Specific Practices generally lead to the satisfaction of the Specific Goals. Doing the Specific Practices is not required, but it is expected. As long as you meet each of the Process Area's Specific Goals as defined (during a CMMI appraisal, that would mean showing objective evidence), you are good.

To meet Specific Goal 1 Prepare for Verification, you need to determine what kind of verification you will do (eg what methods of verification are appropriate), what things you will do verification on, and what things you will need to do verification (tools, software, equipment).

To meet Specific Goal 2 Perform Peer Reviews, you will need to define what things will be peer reviewed and then show evidence that people other than the creators reviewed them. Note that peer reviews aren't just for production code, but include all things made during the project - documents, tests, process documents. Pair programming is also considered a method of peer review.

To meet Specific Goal 3, you conduct the verification activities that you prepared for as part of Specific Goal 1 and have objective evidence of the completion of those activities. A key phrase indicates that "verification activities should be performed throughout the product lifecycle" - this means you should consider requirements, architecture, design, code, and integration when planning and conducting verification.

Generally, I think you're on the right track with your thinking. My suggestion would be to consider the entire product lifecycle when considering verification, not just unit tests. How do you verify your requirements? Or verify your architecture and high level designs?