Nível de maturidade e comparação dos PDPs de produtos automotivos

O desenvolvimento de novos produtos, que atendam às necessidades do mercado consumidor, é atividade estratégica para sustentabilidade das organizações. O objetivo deste artigo é comparar e avaliar o nível de maturidade desses processos em duas montadoras de veículos instaladas na região Sul Fluminense do País. São discutidas algumas características dos processos, expõe-se o modelo de avaliação, baseado nos critérios do CMMI (Capability Maturity Model Integration), e são apresentados os resultados de pesquisa que investigou o nível de maturidade junto a 47 representantes das empresas estudadas. Como resultado, foi possível identificar lacunas na estruturação dos PDP's, com diversas práticas e ferramentas usadas de forma isolada e não integradas, havendo campo suficiente - no entendimento dos próprios executivos - para serem aprimorados e refinados, o que permitiria torná-los mais completos, abrangentes e potentes para alavancar os resultados de mercado e financeiros das próprias organizações.

Outsourcing and acquisition models comparison related to IT supplier selection decision analysis

This paper presents a comparison of acquisition models related to decision analysis of IT supplier selection. The main standards are: Capability Maturity Model Integration for Acquisition (CMMI-ACQ), ISO / IEC 12207 Information Technology / Software Life Cycle Processes, IEEE 1062 Recommended Practice for Software Acquisition, the IT Infrastructure Library (ITIL) and the Project Management Body of Knowledge (PMBOK) guide. The objective of this paper is to compare the previous models to find the advantages and disadvantages of them for the future development of a decision model for IT supplier selection.

Metamodelo para la definición, implantación y mejora de los procesos de gestión de proyectos

En los últimos años hemos sido testigos de la creciente demanda de software para resolver problemas cada vez más complejos y de mayor valor agregado. Bajo estas circunstancias, nos podemos hacer la siguiente pregunta: ¿Está preparada la industria de software para entregar el software que se necesita en los próximos años, de acuerdo con las demandas del cliente? Hoy en día, muchos expertos creen que el éxito de esta industria dependerá de su capacidad para gestionar los proyectos, las personas y los recursos. En este sentido, la gestión de proyectos es un factor clave para el éxito de los proyectos software en todo el mundo. Además, considerando que las Pequeñas y Medianas Empresas de software (PYMEs) representan el 99,87% de las empresas españolas, es vital para este tipo de empresas la implementación de los procesos involucrados con la gestión de proyectos. Es cierto que existen muchos modelos que mejoran la eficacia de la gestión de proyectos, pero la mayoría de ellos se centra únicamente en dos procesos: la planificación del proyecto y la monitorización y control del proyecto, ninguno de los cuales a menudo es asequible para las PYMEs. Estos modelos se basan en el consenso de un grupo de trabajo designado para establecer cómo debe ser gestionado el proceso software. Los modelos son bastante útiles ya que proporcionan lineamientos generales sobre dónde empezar a mejorar la gestión de los proyectos, y en qué orden, a personas que no saben cómo hacerlo. Sin embargo, como se ha dicho anteriormente, la mayoría de estos modelos solamente funcionan en escenarios dentro de las grandes empresas. Por lo tanto, es necesario adaptar los modelos y herramientas para el contexto de PYMEs. Esta tesis doctoral presenta una solución complementaria basada en la aplicación de un metamodelo. Este metamodelo es creado para mejorar la calidad de los procesos de la gestión de proyectos a través de la incorporación de prácticas eficaces identificadas a través del análisis y estudio de los modelos y normas existentes relacionadas con la gestión de proyectos. viii ProMEP – Metamodelo para la gestión de proyectos Por lo tanto, el metamodelo PROMEP (Gestión de Proyectos basada en Prácticas Efectivas) permitirá establecer un proceso estándar de gestión de proyectos que puede adaptarse a los proyectos de cada empresa a través de dos pasos: En primer lugar, para obtener una fotografía instantánea (o base) de los procesos de gestión de proyectos de las PYMEs se creó un cuestionario de dos fases para identificar tanto las prácticas realizadas y como las no realizadas. El cuestionario propuesto se basa en el Modelo de Madurez y Capacidad Integrado para el Desarrollo v1.2 (CMMI-DEV v1.2). Como resultado adicional, se espera que la aplicación de este cuestionario ayude a las PYMEs a identificar aquellas prácticas que se llevan a cabo, pero no son documentadas, aquellas que necesitan más atención, y aquellas que no se realizan debido a la mala gestión o al desconocimiento. En segundo lugar, para apoyar fácilmente y eficazmente las tareas de gestión de proyectos software del metamodelo PROMEP, se diseñó una biblioteca de activos de proceso (PAL) para apoyar la definición de los procesos de gestión de proyectos y realizar una gestión cuantitativa de cada proyecto de las PYMEs. Ambos pasos se han implementado como una herramienta computacional que apoya nuestro enfoque de metamodelo. En concreto, la presente investigación propone la construcción del metamodelo PROMEP para aquellas PYMEs que desarrollan productos software de tal forma que les permita planificar, monitorizar y controlar sus proyectos software, identificar los riesgos y tomar las medidas correctivas necesarias, establecer y mantener un conjunto de activos de proceso, definir un mecanismo cuantitativo para predecir el rendimiento de los procesos, y obtener información de mejora. Por lo tanto, nuestro estudio sugiere un metamodelo alternativo para lograr mayores niveles de rendimiento en los entornos de PYMEs. Así, el objetivo principal de esta tesis es ayudar a reducir los excesos de trabajo y el tiempo de entrega, y aumentar así la calidad del software producido en este tipo de organizaciones. Abstract In recent years we have been witnessing the increasing demand for software to solve more and more complex tasks and greater added value. Under these circumstances, we can ourselves the following question: Is the software industry prepared to deliver the software that is needed in the coming years, according to client demands? Nowadays, many experts believe that the industry’ success will depend on its capacity to manage the projects, people and resources. In this sense, project management is a key factor for software project success around the world. Moreover, taking into account that small and medium-sized software enterprises (SMSe) are the 99.87% of the Spanish enterprises, it is vital for this type of enterprises to implement the processes involved in project management. It is true that there are many models that improve the project management effectiveness, but most of them are focused only on two processes: project planning and project monitoring and control, neither of which is affordable for SMSe. Such models are based on the consensus of a designated working group on how software process should be managed. They are very useful in that they provide general guidelines on where to start improving the project management, and in which order, to people who do not know how to do it. However, as we said, the majority of these models have only worked in scenarios within large companies. So, it is necessary to adapt these models and tools to the context of SMSe. A complementary solution based on the implementation of a metamodel is presented in this thesis. This metamodel is created to improve the quality of project management processes through the incorporation of effective practices identified through the analysis and study of relevant models and standards related to project management. Thus, the PROMEP (PROject Management based on Effective Practices) metamodel will allow establishing a project management standard process to be tailored to each enterprise’s project through two steps: Firstly, to obtain a baseline snapshot of project management processes in SMSe a two-phase questionnaire was created to identify both performed and nonperformed practices. The x ProMEP – Metamodelo para la gestión de proyectos proposed questionnaire is based on Capability Maturity Model Integration for Development v1.2. As additional result, it is expected that the application of the questionnaire to the processes will help SMSe to identify those practices which are performed but not documented, which practices need more attention, and which are not implemented due to bad management or unawareness. Secondly, to easily an effectively support the software project management tasks in the PROMEP metamodel, a Process Asset Library (PAL) is designed to support the definition of project management processes and to achieve quantitative project management in SMSe. Both steps have been implemented as a computational tool that supports our metamodel approach. Concretely, the present research proposes the accomplishment of the PROMEP metamodel for those SMSe which develop software products and enable them to plan, supervise and control their software projects, identify risks and take corrective actions, establish and maintain a set of process assets, define quantitative models that predict the process performance, and provide improvement information. So, our study suggests an alternative metamodel to achieve higher performance levels in the SMSe environments. The main objective of this thesis is help to reduce software overruns and delivery time, and increase software quality in these types of organizations.

Marco de Gobernanza de TI para empresas PyMEs – SMEsITGF

La tecnología de la información y su utilización en las empresas ha sido y es un elemento de debate ya que las organizaciones cuentan con grandes éxitos y grandes fracasos. Gran parte de estos últimos asociados a una falta de visión estratégica integral en relación a la utilización de TI en la organización lo que ha dado lugar al área del conocimiento llamada Gobernanza de TI y a la publicación de numerosos marcos y estándares. Un campo sensible y económicamente muy importante tanto para Uruguay como a nivel mundial son las empresas medianas y pequeñas (PyMEs), las que no logran aplicar de manera efectiva los marcos y estándares, es por esta razón que el objetivo final de esta tesis es el de construir un marco que permita a las PyMEs incorporar un marco efectivo para gobernar y gestionar TI adecuadamente obteniendo el valor esperado de las inversiones realizadas. Para alcanzar este objetivo general se ha realizado un estudio de campo que permita conocer la situación de la gobernanza y la gestión de TI en PyMEs del Uruguay; a partir de este estudio se pudo analizar cuáles son los factores más significativos que no permiten la correcta aplicación de buenas prácticas de gobernanza de TI en éstas empresas. Los resultados encontrados llevaron a la construcción de un marco de gobernanza de TI con foco en PyMEs, a la definición de un modelo de madurez asociado al marco y a una guía de implantación. En el marco de gobernanza propuesto, compatible con el estándar ISO/IEC 38500:2008, se han fortalecido los procesos que, por las características propias de las PyMEs presentan debilidades estructurales y se han reducido o eliminado aquellos que por las mismas razones no son aplicables a este tipo de organización. Finalmente se validaron los resultados en un entorno empresarial definiendo un estudio de caso. Los resultados obtenidos con una mejora porcentual consolidada del 46% en el conjunto de indicadores definidos llevan a considerar que la aplicación del marco fue exitosa. Por ser un estudio de caso único, los resultados no deben ser generalizados y una oportunidad de trabajo futuro es replicar el mismo estudio en otras empresas. ABSTRACT Information technology (IT) and its use in the enterprise context is a discussion element because organizations have numerous successes and failures using it. Most of the IT failed projects have a lack of integral strategic vision in relation with IT use in the organization. This fact has resulted in the IT Governance (ITG) area of knowledge. A large number of standards and frameworks have been published in relation with it. Small and medium enterprises (SMEs) are an important and sensible field in all economies around the world, particularly in Uruguay, an underdeveloped country of South America. Commonly, SMEs cannot apply successfully ITG frameworks because of the intrinsic complexity or because a lack of knowledge and culture respect this field, so the objective of this thesis is build a framework that allows SMEs to incorporate an effective framework to govern and manage IT properly, helping enterprises get the expected value of its IT investments. In a first place, has been conducted a field study to know the quality of actual practices relatively to the ITG and IG management in Uruguayan SMEs. With the obtained results in the study we can make a diagnostic of the most significant factors that prevent the proper application of good IT governance practices in these companies. The obtained results were the inputs to the definition of a IT governance framework with focus in SMEs, a maturity model associated with it and a implementation guide. The proposed framework is ISO/IEC 38500 standard compatible always with an SME vision so, sensible and weak processes have been strengthened and other ones have been eliminated because have no application in these type of organization. Finally the results were validated in a business environment by defining a case study. The results obtained with a consolidated percentage improvement of 46% in the defined set of indicators suggest that the implementation of the framework was successful. As a single case study, the results should not be generalized and an opportunity for future work is to replicate the same study in other companies.

Impacto de los medios sociales en la estrategia de las organizaciones

Dado el impacto que las redes sociales tienen en la vida diaria de los países desarrollados o en vías de desarrollo, éstas han pasado a tener un papel clave en dicho desarrollo social. Dicha consideración no sólo debe centrarse en cómo las personas forman las redes, sino las herramientas que emplean y la forma en la que estas deben ser tratadas por las organizaciones para conseguir una posición preferencial con los usuarios que forman las redes (considerando el creciente número de éstos todos los días). El presente trabajo trata de exponer la diferencia entre medios sociales y redes sociales, estableciendo una diferencia clara entre entre ambos, define lo que son los medios sociales (Social Media en Inglés), qué se debe considerar para que el uso de los mismos tenga una carácter exitoso en sus operaciones y cómo las organizaciones perciben la diferencia competitiva que éstos aportan en sus actividades. Una vez definida, destacamos la importancia de la consideración de estos nuevos medios en las estrategias de la compañías. Para ello, debemos ver el ecosistema de los medios sociales de forma general, y focalizarnos en la relación marca-compañía con el usuario/cliente. La inclusión de los medios sociales en las estrategias de las compañías, primero de forma independiente y, posteriormente, de forma integrada, hace que los modelos de negocio de las compañías se vayan adaptando a los tiempos. Se describe el cambio de paradigma de los modelos de negocio afectados por la introducción de los medios sociales, los elementos y tipos de modelos de negocio que se pueden tener, así como la adaptación de los modelos establecidos a los nuevos modelos. Posteriormente se ve cómo las compañías incluyen los medios sociales en su estrategia, a través de una planificación de medios sociales,partiendo de qué es una estrategia y cómo debe evaluarse. Una vez se ha definido el contexto (qué son los medios sociales, redes sociales, modelo de negocio, estrategia; así como sus características), se definen los bloques funcionales de los medios sociales, con su paralelismo en términos de la estrategia de las compañías, así como se indican determinados factores de éxito para su adopción. Hasta ahora, estamos mirando la organización de forma individual pero, dentro del mercado en el que desarrollan sus actividades, éstas deben ser evaluadas sobre el grado de desarrollo de los medios sociales en sus operaciones; y poder establecer así comparativas, con otras organizaciones, en relación a su grado de implantación. Con dicho objetivo, desarrollaremos un modelo de madurez de medios sociales (Social Media Maturity Model, SMMM o SM3), de forma teórica. ¿Cómo considerar dicho modelo de forma realista?. Basándonos en el método del estudio de casos, se realizará una análisis e investigación de diferentes organizaciones que nos indicará el grado de aproximación del modelo de madurez referenciado, con respecto a la realidad. ABSTRACT Considering the impact that social networks have in the daily life in developed or developing countries, they have come to play a key role in this social development. This consideration should not only focus on how people set up networks, but the tools they use and how these ones should be addressed by organizations to achieve a preferential position with users, forming networks (considering the increasing number of them every day). This work tries to explain the difference between social media and social networking, establishing a clear difference between them, defines what is Social Media, which should be considered for its use has a successful character in their operations and how organizations perceive the competitive edge they bring in their activities. Once they are defined, we remark the importance of considering these new media in companies strategies. For this, we see the social media ecosystem in general, and to focus on brandcompany relationship with the user/client. The inclusion of social media strategies in the companies, independently and in a integrated way, makes the business models of companies evolve along the time. It is described the paradigm shift in business models affected by the introduction of social media, elements and types of business models that can be had, and the adaptation of established models to new models. After that, it’s shown how companies include social media strategy through social media planning and building on what is a strategy and how it should be evaluated. Once the context is defined (what is social media, social networking, business model, strategy, and its features), the functional blocks of social media are defined, with its parallelism in terms of the strategy of companies and specific success factors are indicated. So far, we are looking at the organization individually but within the market in which they operate, they must be evaluated on the degree of development of social media in their operations; and to establish and compare with other organizations in relation to their degree of implementation. With this goal, we will develop a maturity model for social media (Social Media Maturity Model, SMMM or SM3), theoretically. How to consider the model realistically?. Based on the case study method, the analysis and research of different organizations that it will indicate the accuracy of the maturity model referenced with respect to the actually performed.

Manutenção de sistemas produtivos: um estudo sobre a gestão da disponibilidade de equipamentos.

Este trabalho traduz um estudo de casos, que procura pesquisar e sistematizar o conhecimento sobre a gestão do estado dos equipamentos para atender às suas funções produtivas, isto é, uma gestão orientada para resultados. A função manutenção tem sido considerada como aquela que agrega conhecimentos e atividades para assegurar a disponibilidade operacional dos sistemas produtivos, dentro de padrões de desempenho antecipadamente especificados, ao menor custo possível e atendendo a requisitos pertinentes de segurança. Nesse contexto, pretende-se caracterizar de que modo abordagens ou políticas, adotadas por empresas selecionadas, que requerem o exercício da função manutenção, se vinculam a indicadores de disponibilidade. Ao longo do trabalho, a disponibilidade é tratada como um \"indicador de resultado\" das atividades de manutenção. Transparece da literatura que a análise da tendência desse indicador deve orientar as tomadas de decisão referentes às ações sobre o equipamento. Desse modo, compete verificar se, e como, é feito o vínculo entre esse indicador e decisões relativas à manutenção, sem perder de vista a produtividade da empresa. Assim, descreve-se o contexto em que se inserem a manutenção e a disponibilidade e são identificados elementos que, interferindo na disponibilidade, permitem desdobrá-la e associá-la a uma estrutura analítica que auxilie o levantamento e encaminhamento de análises sobre os dados obtidos no campo, para melhor percepção do tratamento dado à disponibilidade. Para possibilitar o encaminhamento do estudo de casos e a definição das proposições de pesquisa, a função manutenção é associada a um processo, em que se usa o indicador de disponibilidade como feedback, para a otimização do próprio processo de operação da função manutenção, bem como da especificação dos recursos de entrada desse processo. Três proposições são estruturadas e verificadas em quatro empresas que tipificam dois grupos distintos de operações, focalizando o tratamento dado à disponibilidade, e, no seu âmbito, o tratamento de compromissos de gestão e do estudo do ciclo de vida do equipamento. Para possibilitar uma avaliação objetiva das variáveis das proposições da pesquisa, que são de natureza essencialmente qualitativa, encontrou-se, no Capability Maturity Model (CMM), um modelo conceitual que, por suas características evolutivas, forneceu inspiração para estruturar o necessário instrumento de avaliação. A conclusão da pesquisa revela que as proposições de estudo não se confirmaram de forma plena, apontando sensível diferença de seu atendimento quando se faz a comparação entre os dois grupos de empresas, deixando, assim, um espaço em aberto para novas pesquisas.

Achieving continuous improvement through self-assessment

In 2007 the UK Office of Government Commerce was mandated to carry out Procurement Capability Reviews (PCR) across the 16 top spending UK Government Departments. Since then, this programme has evolved into a self assessment based approach which is markedly different from the original approach. Will the move from a centre-led strategic review of procurement capability to a department-led model based on self assessment continue to strengthen and improve procurement capability across Central Civil Government? OGC is currently working with UK Government Departments to carry out their PCRs using a self-assessment tool which incorporates qualitative and quantitative measures. Results are generated based on a capability maturity model. The results are assured independently. OGC expectations are that tangible and measurable capability improvements will be realised when departments embed the self-assessment model and implement the findings as part of a continuous improvement regime. This paper is a case study, using some relevant literature to reflect on past and possible future development of the PCR self assessment scheme.

Quality Assurance in Extreme Programming

Our previous research about possible quality improvements in Extreme Programming (XP) led us to a conclusion that XP supports many good engineering practices but there is still place for refinements. Our proposal was to add dedicated Quality Assurance (QA) measures, which should be sufficiently effective and at the same time simpler enough in the context of XP. This paper intends to analyze the possibilities for an effective way for applying approved quality assurance practices to XP. The last should not affect negatively to the process and in the meantime must lead to better quality assurance. We aim to make changes to XP that even if would slow down a bit the development process, will make it more suitable for widest range of projects including large and very large projects as well as life critical and highly reliable systems.

Continuous Delivery : Utmaningar ett förvaltningsuppdrag kan stå inför vid en övergång till Continuous Delivery

Continuous delivery (CD) is a software engineering approach where the focus lays on creating a short delivery cycle by automating parts of the deployment pipeline which includes build, deploy-, test and release process. CD is based on that during development should be possible to always automatically generate a release based on the source code in its current state. One of CD's many advantages is that through continuous releases it allows you to get a quick feedback loop leading to faster and more efficient implementation of new functions, at the same time fixing errors. Although CD has many advantages, there are also several challenges a maintenance management project must manage in the transition to CD. These challenges may differ depending on the maturity level for a maintenance management project and what strengths and weaknesses the project has. Our research question was: "What challenges can a maintenance management project face in transition to Continuous delivery?" The purpose of this study is to describe Continuous delivery and the challenges a maintenance management project may face during a transition to Continuous delivery. A descriptive case study has been carried out with the data collection methods of interviews and documents. A situation analysis was created based on the collected data in a shape of a process model that represent the maintenance management projects release process. The processmodel was used as the basis of SWOT analysis and analysis by Rehn et al's Maturity Model. From these analyzes we found challenges of a maintenance management project may face in the transition to CD. The challenges are about customers and the management's attitude towards a transition to CD. But the biggest challenge is about automation of the deployment pipeline steps.

A cyber exercise post assessment framework: In Malaysia perspectives

Critical infrastructures are based on complex systems that provide vital services to the nation. The complexities of the interconnected networks, each managed by individual organisations, if not properly secured, could offer vulnerabilities that threaten other organisations’ systems that depend on their services. This thesis argues that the awareness of interdependencies among critical sectors needs to be increased. Managing and securing critical infrastructure is not isolated responsibility of a government or an individual organisation. There is a need for a strong collaboration among critical service providers of public and private organisations in protecting critical information infrastructure. Cyber exercises have been incorporated in national cyber security strategies as part of critical information infrastructure protection. However, organising a cyber exercise involved multi sectors is challenging due to the diversity of participants’ background, working environments and incidents response policies. How well the lessons learned from the cyber exercise and how it can be transferred to the participating organisations is still a looming question. In order to understand the implications of cyber exercises on what participants have learnt and how it benefits participants’ organisation, a Cyber Exercise Post Assessment (CEPA) framework was proposed in this research. The CEPA framework consists of two parts. The first part aims to investigate the lessons learnt by participants from a cyber exercise using the four levels of the Kirkpatrick Training Model to identify their perceptions on reaction, learning, behaviour and results of the exercise. The second part investigates the Organisation Cyber Resilience (OCR) of participating sectors. The framework was used to study the impact of the cyber exercise called X Maya in Malaysia. Data collected through interviews with X Maya 5 participants were coded and categorised based on four levels according to the Kirkpatrick Training Model, while online surveys distributed to ten Critical National Information Infrastructure (CNII) sectors participated in the exercise. The survey used the C-Suite Executive Checklist developed by World Economic Forum in 2012. To ensure the suitability of the tool used to investigate the OCR, a reliability test conducted on the survey items showed high internal consistency results. Finally, individual OCR scores were used to develop the OCR Maturity Model to provide the organisation cyber resilience perspectives of the ten CNII sectors.

Um modelo para aferir o nível de maturidade na adoção de SOA

Tese (doutorado)—Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, 2015.

Propuesta de un marco de referencia simplificado para la implementación de un Gobierno de TI en Pymes de Servicios en Colombia

El siguiente trabajo de grado propone un modelo simplificado de gobierno y gestión de las tecnologías de información en las pequeñas y medianas empresas de servicios en Colombia, a partir de la selección e integración de procesos enunciados por algunos de los marcos de trabajo y buenas prácticas de TI que gozan de un reconocimiento generalizado -- En concreto, se han tomado elementos de COBIT 5, ISO/IEC 20000, ITIL V3, CMMI 1.3, PMBOK 5 e ISO/IEC 27000 -- Para el diseño del modelo propuesto se han identificado cada uno de los procesos dispuestos por los diferentes marcos de referencia -- Acto seguido se ha procedido a identificar todos los procesos comunes entre los diferentes modelos de gestión, seleccionando aquellos que se consideran imprescindibles en la generación de valor y evitando aquellos que complejizaran la gestión para el foco de nuestro alcance -- Los procesos identificados y seleccionados fueron agrupados bajo áreas de proceso, las cuales, a su vez, describen subprocesos que tienen un propósito declarado y unas estrategias de gestión y actividades propuestas, que seguidas, satisfacen el objetivo establecido para cada uno de los subprocesos, y en conjunto, suponen un modelo de gobierno de TI adecuado para las pequeñas y medianas empresas prestadoras de servicios en Colombia