987 resultados para Maturity Model
Resumo:
BCM (business continuity Management) is a holistic management process aiming at ensuring business continuity and building organizational resilience. Maturity models offer organizations a tool for evaluating their current maturity in a certain process. In the recent years BCM has been subject to international ISO standardization, while the interest of organizations to bechmark their state of BCM agains standards and the use of maturity models for these asessments has increased. However, although new standards have been introduced, very little attention has been paid to reviewing the existing BCM maturity models in research - especially in the light of the new ISO 22301 standard for BCM. In this thesis the existing BCM maturily models are carefully evaluated to determine whetherthey could be improved. In order to accomplish this, the compliance of the existing models to the ISO 22301 standard is measured and a framework for assessing a maturitymodel´s quality is defined. After carefully evaluating the existing frameworks for maturity model development and evaluation, an approach suggested by Becker et al. (2009) was chosen as the basis for the research. An additionto the procedural model a set of seven research guidelines proposed by the same authors was applied, drawing on the design-science research guidelines as suggested by Hevner et al. (2004). Furthermore, the existing models´ form and function was evaluated to address their usability. Based on the evaluation of the existing BCM maturity models, the existing models were found to have shortcomings in each dimension of the evaluation. Utilizing the best of the existing models, a draft version for an enhanced model was developed. This draft model was then iteratively developed by conducting six semi-structured interviews with BCM professionals in finland with the aim of validating and improving it. As a Result, a final version of the enhanced BCM maturity model was developed, conforming to the seven key clauses in the ISO 22301 standard and the maturity model development guidelines suggested by Becker et al. (2009).
Resumo:
Apesar de o CMMI (Capability Maturity Model Integration) prover uma cobertura mais detalhada do ciclo de vida dos produtos que o uso isolado de outros processos de melhoria, ainda assim não pode ser visto como uma metodologia pronta para ser utilizada pelas organizações. Cada organização deve mapear as áreas de processo do nível CMMI desejado (caso a opção seja a representação por estágios, como veremos adiante) à sua metodologia, aos seus métodos e técnicas de desenvolvimento de produtos e sistemas, levando também em consideração os objetivos de negócio da organização. Tanto o CMMI como as demais normas e modelos de qualidade, dizem “o que” e não “como” fazer. Determinar este “como” é um trabalho adicional bastante grande que as organizações devem realizar quando da adoção destas normas. Para isto, normalmente as organizações buscam no mercado empresas de consultoria que possuem experiência na área. Essas consultorias são bastante indicadas porque aumentam significativamente a qualidade e a velocidade dos resultados. Este trabalho pretende facilitar as organizações interessadas na implementação de um modelo de qualidade, fornecendo descrições sobre alguns dos modelos de qualidade mais utilizados atualmente, bem como modelos de processos, guias e formulários que podem ser utilizados diretamente ou como uma base para a implementação do modelo desejado. Embora se aplique à implementação de qualquer modelo de qualidade, mais especificamente, este trabalho destina-se a auxiliar organizações que visem implementar o modelo CMMI nível 2 (doravante usaremos também a abreviação CMMI-N2). Para tanto, descreve de forma mais detalhada este modelo e fornece um caminho para a implementação do mesmo, incluindo a descrição de um processo mínimo de desenvolvimento de software, com base no RUP (Rational Unified Process) e o uso de um modelo de ciclo de vida de melhoria de processos, o IDEAL. Neste trabalho, propõe-se que seja utilizado o modelo IDEAL para a implementação do modelo de qualidade devido ao fato de este modelo ter sido concebido originalmente como um modelo de ciclo de vida para melhoria de processos de software com base no SW-CMM (Capability Maturity Model for Software). Associado a esse modelo, é sugerido que se utilize algumas técnicas e processos de gerência de projetos para cada área de processo do CMMI-N2, visando implantar cada área de processo através de um projeto. Para a implementação são propostos guias, modelos (formulários) de implementação e uma tabela que mapeia todas as áreas de processo do CMMI-N2, seus objetivos, práticas, produtos de trabalho e as ferramentas associadas.
Resumo:
In an overcapacity world, where the customers can choose from many similar products to satisfy their needs, enterprises are looking for new approaches and tools that can help them not only to maintain, but also to increase their competitive edge. Innovation, flexibility, quality, and service excellence are required to, at the very least, survive the on-going transition that industry is experiencing from mass production to mass customization. In order to help these enterprises, this research develops a Supply Chain Capability Maturity Model named S(CM)2. The Supply Chain Capability Maturity Model is intended to model, analyze, and improve the supply chain management operations of an enterprise. The Supply Chain Capability Maturity Model provides a clear roadmap for enterprise improvement, covering multiple views and abstraction levels of the supply chain, and provides tools to aid the firm in making improvements. The principal research tool applied is the Delphi method, which systematically gathered the knowledge and experience of eighty eight experts in Mexico. The model is validated using a case study and interviews with experts in supply chain management. The resulting contribution is a holistic model of the supply chain integrating multiple perspectives, and providing a systematic procedure for the improvement of a company’s supply chain operations.
Resumo:
In an overcapacity world, where the customers can choose from many similar products to satisfy their needs, enterprises are looking for new approaches and tools that can help them not only to maintain, but also to increase their competitive edge. Innovation, flexibility, quality, and service excellence are required to, at the very least, survive the on-going transition that industry is experiencing from mass production to mass customization. In order to help these enterprises, this research develops a Supply Chain Capability Maturity Model named S(CM)2. The Supply Chain Capability Maturity Model is intended to model, analyze, and improve the supply chain management operations of an enterprise. The Supply Chain Capability Maturity Model provides a clear roadmap for enterprise improvement, covering multiple views and abstraction levels of the supply chain, and provides tools to aid the firm in making improvements. The principal research tool applied is the Delphi method, which systematically gathered the knowledge and experience of eighty eight experts in Mexico. The model is validated using a case study and interviews with experts in supply chain management. The resulting contribution is a holistic model of the supply chain integrating multiple perspectives, and providing a systematic procedure for the improvement of a company’s supply chain operations.
Resumo:
Questa tesi, dal titolo “Cybersecurity Capability Maturity Model (C2M2 v 2.0)” si pone l’obbiettivo di studiare, analizzare, applicare e mostrare punti di forza e criticità di un modello atto a valutare la propria postura di cybersicurezza, al fine di migliorarne i punti critici, trovarne le priorità in cui investire e strutturare un security program integrato in tutti i processi aziendali.
Resumo:
Maturity models are adopted to minimise our complexity perception over a truly complex phenomenon. In this sense, maturity models are tools that enable the assessment of the most relevant variables that impact on the outputs of a specific system. Ideally a maturity model should provide information concerning the qualitative and quantitative relationships between variables and how they affect the latent variable, that is, the maturity level. Management systems (MSs) are implemented worldwide and by an increasing number of companies. Integrated management systems (IMSs) consider the implementation of one or several MSs usually coexisting with the quality management subsystem (QMS). It is intended in this chapter to report a model based on two components that enables the assessment of the IMS maturity, considering the key process agents (KPAs) identified through a systematic literature review and the results collected from two surveys.
Resumo:
EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.
Resumo:
Data is the most important asset of a company in the information age. Other assets, such as technology, facilities or products can be copied or reverse-engineered, employees can be brought over, but data remains unique to every company. As data management topics are slowly moving from unknown unknowns to known unknowns, tools to evaluate and manage data properly are developed and refined. Many projects are in progress today to develop various maturity models for evaluating information and data management practices. These maturity models come in many shapes and sizes: from short and concise ones meant for a quick assessment, to complex ones that call for an expert assessment by experienced consultants. In this paper several of them, made not only by external inter-organizational groups and authors, but also developed internally at a Major Energy Provider Company (MEPC) are juxtaposed and thoroughly analyzed. Apart from analyzing the available maturity models related to Data Management, this paper also selects the one with the most merit and describes and analyzes using it to perform a maturity assessment in MEPC. The utility of maturity models is two-fold: descriptive and prescriptive. Besides recording the current state of Data Management practices maturity by performing the assessments, this maturity model is also used to chart the way forward. Thus, after the current situation is presented, analysis and recommendations on how to improve it based on the definitions of higher levels of maturity are given. Generally, the main trend observed was the widening of the Data Management field to include more business and “soft” areas (as opposed to technical ones) and the change of focus towards business value of data, while assuming that the underlying IT systems for managing data are “ideal”, that is, left to the purely technical disciplines to design and maintain. This trend is not only present in Data Management but in other technological areas as well, where more and more attention is given to innovative use of technology, while acknowledging that the strategic importance of IT as such is diminishing.
Resumo:
To describe the change of purchasing moving from administrative to strategic function academics have put forward maturity models which help practitioners to compare their purchasing activities to industry top performers and best practices. However, none of the models aim to distinguish the purchasing maturity from the after-sales point of view, even though after-sales activities are acknowledged as a relevant source of revenue, profit and competitive advantage in most manufacturing firms. The maturity of purchasing and supply management practices have a large impact to the overall performance of the spare parts supply chain and ultimately to the value creation and relationship building for the end customer. The research was done as a case study for a European after-sales organization which is part of a globally operating industrial firm specialized in heavy machinery. The study mapped the current state of the purchasing practices in the case organization and also distinguished the relevant areas for future development. The study was based on the purchasing maturity model developed by Schiele (2007) and investigated also how applicable is the maturity model in the spare parts supply chain context. Data for the assessment was gathered using five expert interviews inside the case organization and other parties involved in the company’s spare parts supply chain. Inventory management dimension was added to the original maturity model in order to better capture the important areas in a spare parts supply chain. The added five questions were deduced from the spare parts management literature and verified as relevant areas by the case organization’s personnel. Results indicate that largest need for development in the case organization are: better collaboration between sourcing and operative procurement functions, use of installed base information in the spare parts management, training plan development for new buyers, assessment of aligned KPI’s between the supply chain parties and better defining the role of after-sales sourcing. The purchasing maturity model used in this research worked well in H&R Leading, Controlling and Inventory Management dimensions. The assessment was more difficult to conduct in the Supplier related processes, Process integration and Organizational structure –dimensions, mainly because the assessment in these sections would for some parts require more company-wide assessment. Results indicate also that the purchasing maturity model developed by Schiele (2007) captures the relevant areas in the spare parts supply as well.
Resumo:
The assessment of maturity of software is an important area in the general software sector. The field of OSS also applies various models to measure software maturity. However, measuring maturity of OSS being used for several applications in libraries is an area left with no research so far. This study has attempted to fill the research gap. Measuring maturity of software contributes knowledge on its sustainability over the long term. Maturity of software is one of the factors that positively influence adoption. The investigator measured the maturity of DSpace software using Woods and Guliani‟s Open Source Maturity Model-2005. The present study is significant as it addresses the aspects of maturity of OSS for libraries and fills the research gap on the area. In this sense the study opens new avenues to the field of library and information science by providing an additional tool for librarians in the selection and adoption of OSS. Measuring maturity brings in-depth knowledge on an OSS which will contribute towards the perceived usefulness and perceived ease of use as explained in the Technology Acceptance Model theory.
Resumo:
Nowadays there are many information technologies that can make a significant difference to support collaborative efforts in the workspace. The role of IT is to support group collaboration by empowering team members with the right capabilities. One way to assess capabilities is through a maturity model. This paper proposes a first version of the Collaboration-Technology Maturity model (CTMM), aiming to serve as a strategic instrument for IT managers to control and manage the adoption of Collaboration Technologies (CITs) among their organizations. Our contribution is both theoretical and practical as we propose a descriptive maturity model. Nevertheless, it is also an application method and assessment instruments. We also completed an empirical evaluation by conducting 89 assessments at Latin American companies of all sizes and industries. This extensive field exercise allowed us to not only evaluate the usefulness of the model and instruments but also investigate CIT adoption patterns in Latin America in an attempt to collect historical data to further evolve CTMM into a comparative model. Responses were used to provide conclusions on CIT adoption in Latin America with respect to three specific backgrounds: the country of origin (region), size (in number of employees) and industry type. The implications of our findings are discussed for practitioners and researchers.
Resumo:
In recent approaches to the management of product development process (PDP), maturity levels have attracted the attention of practitioners and researchers. The CMMI model contributes to evaluate the maturity levels and improvement of the product development process management. This paper, based on CMMI model, analyzes the practices adopted in two companies of the capital goods industry, which develop and manufacture equipment upon request. It was observed that on account of market conditioning factors and different practices adapted to PDP management, these companies are at different maturity levels. One company is at the initial level of maturity while the other at the most advanced one. It was also noted that the application of CMMI model can provide improvement to PDP management, as well as present guidelines to achieve higher maturity levels, adequate to companies' needs.
Resumo:
E-Business Information Systems (eBIS) are Information Systems (IS) that support organizations to realize their e-Business strategy resulting in various benefits. Therefore those systems strongly focus on fulfilment of the e-business requirements. In order to realise the expected benefits, organizations need to turn to their eBIS and measure the maturity of those systems. In doing so, they need to identify the status of those systems with regards to their suitability to support the e-Business strategy, while also identifying required IS improvements. In our research we aim to develop a maturity model, particularly dedicated to the area of e-Business Information Systems, which can be used easily and objectively to measure of the current maturity of any Information System that supports e-Business. This research-in-progress paper presents initial results of our research.
Resumo:
Purpose – The purpose of the paper was to conduct an empirical investigation to explore the impact of project management maturity models (PMMMs) on improving project performance. Design/methodology/approach – The investigation used a cross-case analysis involving over 90 individuals in seven organisations. Findings – The findings of the empirical investigation indicate that PMMMs demonstrate very high levels of variability in individual's assessment of project management maturity. Furthermore, at higher levels of maturity, the type of performance improvement adopted following their application is related to the type of PMMM used in the assessment. The paradox of the unreliability of PMMMs and their widespread acceptance is resolved by calling upon the “wisdom of crowds” phenomenon which has implications for the use of maturity model assessments in other arena. Research limitations/implications – The investigation does have the usual issues associated with case research, but the steps that have been taken in the cross-case construction and analysis have improved the overall robustness and extendibility of the findings. Practical implications – The tendency for PMMMs to shape improvements based on their own inherent structure needs further understanding. Originality/value – The use of empirical methods to investigate the link between project maturity models and extant changes in project management performance is highly novel and the findings that result from this have added resonance.
