Level 3 - The Defined Level

At level 3, an organisational wide process is defined and the best practices have been generalised of use at an organisational level.

A new group is involved within this level of the CMM called the Software Engineering Process Group (SEPG) they are responsible for the organisation's standard software process and related process assets.

The standard process for developing and maintaining software across the organization is documented, including both software engineering and management processes, and these processes are integrated into a coherent whole. This standard process is referred to throughout the CMM as the organization's standard software process. Processes established at Level 3 are used (and changed, as appropriate) to help the software managers and technical staff perform more effectively. The organization exploits effective software engineering practices when standardizing its software processes. An organization-wide training program is implemented to ensure that the staff and managers have the knowledge and skills required to fulfill their assigned roles.

Projects tailor the organization's standard software process to develop their own defined software process, which accounts for the unique characteristics of the project. This tailored process is referred to in the CMM as the project's defined software process. A defined software process contains a coherent, integrated set of well-defined software engineering and management processes. A well-defined process can be characterized as including readiness criteria, inputs, standards and procedures for performing the work, verification mechanisms (such as peer reviews), outputs, and completion criteria. Because the software process is well defined, management has good insight into technical progress on all projects.

The software process capability of Level 3 organizations can be summarized as standard and consistent because both software engineering and management activities are stable and repeatable. Within established product lines, cost, schedule, and functionality are under control, and software quality is tracked. This process capability is based on a common, organization-wide understanding of the activities, roles, and responsibilities in a defined software process.

Level Three processes

Process Focus

The purpose of Organization Process Focus is to establish the organizational responsibility for software process activities that improve the organization's overall software process capability. The primary result of the Organization Process Focus activities is a set of software process assets, which are described in Organization Process Definition. These assets are used by the software projects, as is described in Integrated Software Management.

Process Definition

The purpose of Organization Process Definition is to develop and maintain a usable set of software process assets that improve process performance across the projects and provide a basis for cumulative, long-term benefits to the organization. These assets provide a stable foundation that can be institutionalized via mechanisms such as training, which is described in Training Program.

Training Program

At level 3 the software process is now under control, with stable, repeatable results. Training is now controlled at an organisational level

The purpose of Training Program is to develop the skills and knowledge of individuals so they can perform their roles effectively and efficiently. Training is an organizational responsibility, but the software projects should identify their needed skills and provide the necessary training when the project's needs are unique.

Integrated Software Management

Integrated software management builds on the existing principles of project planning and tracking at level 2.  It emphasis shifts to the anticipation of problems and proactive management.  At level 3 more detailed planning and tracking is required for example Size estimates are reviewed by a group external to the project.  A contingency factor is applied to size estimates for each risk identified.

Product Engineering

The purpose of Software Product Engineering is to consistently perform a well-defined engineering process that integrates all the software engineering activities to produce correct, consistent software products effectively and efficiently. Software Product Engineering describes the technical activities of the project, e.g., requirements analysis, design, code, and test.

Intergroup Coordination

A well understood protocol is used to handle the interface between various groups.  All affected groups participate with the customer and end users to establish the system requirements.  A documented plan is used to communicate commitments between groups and to co-ordinate and track the activities performed.  The contents of the plan is agreed by all affected groups.  Critical dependencies between groups are identified negotiated and tracked.  Each group reviews work products to ensure that their needs are met.  All groups work together to monitor and co-ordinate technical activities and to resolve technical issues.  Regular technical meetings are held between all groups.

Peer Reviews

The purpose of Peer Reviews is to remove defects from the software work products early and efficiently. An important corollary effect is to develop a better understanding of the software work products and of the defects that can be prevented. It is the only software engineering practice that has its own process area.  The CMM places a high emphasis on peer reviews as a tool for identifying errors early in the life cycle.