05 October 2008

DAR y RSKM en CMMi ACQ V1.2 (10)

DECISION ANALYSIS AND RESOLUTION (DAR)

El propósito de Decisión Analysis and Resolution, perteneciente al Nivel de Madurez 3, es analizar las posibles decisiones usando un proceso de evaluación formal que evalúa las alternativas identificadas y el criterio establecido.

Esta área de proceso involucra establecer pautas para determinar qué resultados estarán sujetos a un proceso de evaluación formal. Este proceso de evaluación formal es una propuesta estructurada que permite evaluar las soluciones alternativas y un criterio establecido para determinar una solución al problema planteado.

Un proceso de evaluación formal implica las siguientes acciones: (1) Establecer un criterio para evaluar las alternativas, (2) Identificar las soluciones alternativas, (3) Seleccionar métodos para evaluar las alternativas, (4) Evaluar las soluciones alternativas usando el criterio establecido y los métodos; y (5) Seleccionar las soluciones recomendadas.

DAR se relaciona con las siguientes áreas de proceso: PP, IPM y RSKM.

Los objetivos específicos (SG), prácticas especificas (SP) y subprácticas de esta AP son:

SG 1 - Evaluate Alternatives

SP 1.1 - Establish Guidelines for Decision Analysis

1.1.1- Establish guidelines for when to use a formal evaluation process 1.1.2- Incorporate the use of the guidelines into the defined process as appropriate.

SP 1.2 - Establish Evaluation Criteria

1.2.1- Define the criteria for evaluating alternative solutions. 1.2.2- Define the range and scale for ranking the evaluation criteria. 1.2.3- Rank the criteria. 1.2.4- Assess the criteria and their relative importance. 1.2.5- Evolve the evaluation criteria to improve their validity. 1.2.6- Document the rationale for the selection and rejection of evaluation criteria.

SP 1.3 - Identify Alternative Solutions

1.3.1- Perform a literature search. 1.3.2- Identify alternatives for consideration in addition to those that may be provided with the issue. 1.3.3- Document the proposed alternatives.

SP 1.4 - Select Evaluation Methods

1.4.1- Select the methods based on the purpose for analyzing a decision and on the availability of the information used to support the method. 1.4.2- Select evaluation methods based on their ability to focus on the issues at hand without being overly influenced by side issues. 1.4.3- Determine the measures needed to support the evaluation method.

SP 1.5 - Evaluate Alternatives

1.5.1- Evaluate the proposed alternative solutions using the established evaluation criteria and selected methods. 1.5.2- Evaluate the assumptions related to the evaluation criteria and the evidence that supports the assumptions. 1.5.3- Evaluate whether uncertainty in the values for alternative solutions affects the evaluation and address these uncertainties, as appropriate. 1.5.4- Perform simulations, modeling, prototypes, and pilots as necessary to exercise the evaluation criteria, methods, and alternative solutions. 1.5.5- Consider new alternative solutions, criteria, or methods if the proposed alternatives do not test well; repeat the evaluations until alternatives do test well. 1.5.6- Document the results of the evaluation.

SP 1.6 - Select Solutions

1.6.1- Assess the risks associated with implementing the recommended solution. 1.6.2- Document the results and rationale for the recommended solution.

Productos de trabajo típicos

Guidelines for when to apply a formal evaluation process (SP 1.1) Documented evaluation criteria (SP 1.2) Rankings of criteria importance (SP 1.2) Identified alternatives (SP 1.3) Selected evaluation methods (SP 1.4) Evaluation results (SP 1.5) Recommended solutions to address significant issues (SP 1.6)

Productos de trabajo del Proveedor

Supplier identified alternatives (SP 1.3)

RISK MANAGEMENT

El propósito de Risk Management (RSKM), perteneciente al Nivel de Madurez 3, es identificar problemas potenciales antes que ocurran, identificar las actividades de manejo del riesgo que pueden ser planeadas e invocadas para mitigar los impactos de los objetivos logrados.

El manejo de riesgos es un proceso continuo importante para la administración y trata los problemas que pueden impedir el logro de los objetivos. Una propuesta de manejo de riesgo es aplicada para anticipar y mitigar los riesgos que tienen un impacto crítico en el proyecto.

El manejo de riesgo puede ser dividido en 3 partes: (1) Definición de una estrategia de manejo del riesgo, (2) Identificación y análisis del riesgo; y (3) Manejo de los riesgos identificados.

RSKM se relaciona con las siguientes áreas de proceso: PP, PMC, DAR y SSAD.

Los objetivos específicos (SG), prácticas especificas (SP) y subprácticas de esta AP son:

SG 1 - Prepare for RSKM

SP 1.1 - Determine Risk Sources and Categories

1.1.1- Determine risk sources 1.1.2- Determine risk categories

SP 1.2 - Define Risk Parameters

1.2.1- Define consistent criteria for evaluating and quantifying risk likelihood and severity levels. 1.2.2- Define thresholds for each risk category. 1.2.3- Define bounds on the extent to which thresholds are applied against or within a category

SP 1.3 - Establish a RSKM Strategy

Productos de trabajo típicos

Risk source lists (external and internal) (SP 1.1) Risk categories list (SP 1.1) Risk evaluation, categorization, and prioritization criteria (SP 1.2) Risk management requirements (e.g., control and approval levels, and reassessment intervals) (SP 1.2) Project risk management strategy (SP 1.3)

SG 2 - Identify and Analyze Risks

SP 2.1 - Identify Risks

2.1.1- Identify the risks associated with cost, schedule, and performance 2.1.2- Review environmental elements that may impact the project 2.1.3- Review all elements of the work breakdown structure as part of identifying risks to help ensure that all aspects of the work effort have been considered 2.1.4- Review all elements of the project plan as part of identifying risks to help ensure that all aspects of the project have been considered 2.1.5- Document the context, conditions, and potential consequences of each risk 2.1.6- Identify the relevant stakeholders associated with each risk

SP 2.2 - Evaluate, Categorize, and Prioritize Risks

2.2.1- Evaluate identified risks using defined risk parameters 2.2.2- Categorize and group risks according to defined risk categories 2.2.3- Prioritize risks for mitigation

Productos de trabajo típicos

List of identified risks, including the context, conditions, and consequences of risk occurrence (SP 2.1) List of risks and their assigned priority (SP 2.2)

Productos de trabajo del Proveedor

List of identified risks, including the context, conditions, and consequences of risk occurrence (SP 2.1) List of risks and their assigned priority (SP 2.2)

SG 3 - Mitigate Risks

SP 3.1 - Develop Risk Mitigation Plans

3.1.1- Determine the levels and thresholds that define when a risk becomes unacceptable and triggers the execution of a risk mitigation plan or a contingency plan 3.1.2- Identify the person or group responsible for addressing each risk 3.1.3- Determine the cost-to-benefit ratio of implementing the risk mitigation plan for each risk 3.1.4- Develop an overall risk mitigation plan for the project to orchestrate the implementation of individual risk mitigation and contingency plans 3.1.5- Develop contingency plans for selected critical risks in the event their impacts are realized

SP 3.2 - Implement Risk Mitigation Plans

3.2.1- Monitor risk status 3.2.2- Provide a method for tracking open risk-handling action items to closure 3.2.3- Invoke selected risk-handling options when monitored risks exceed defined thresholds 3.2.4- Establish a schedule or period of performance for each risk-handling activity that includes a start date and anticipated completion date 3.2.5- Provide a continued commitment of resources for each plan to allow successful execution of risk-handling activities 3.2.6- Collect performance measures on risk-handling activities

Productos de trabajo típicos

Documented handling options for each identified risk (SP 3.1) Risk mitigation plans (SP 3.1) Contingency plans (SP 3.1) Disaster recovery or continuity plans (SP 3.1) List of those responsible for tracking and addressing each risk (SP 3.1)

Updated list of risk status (SP 3.2)

Updated assessments of risk likelihood, consequence, and thresholds (SP 3.2) Updated list of risk-handling options (SP 3.2) Updated list of actions taken to handle risks (SP 3.2) Risk mitigation plans (SP 3.2)

Productos de trabajo del Proveedor

Documented handling options for each identified risk (SP 3.1) Risk mitigation plans (SP 3.1) Contingency plans (SP 3.1) Disaster recovery or continuity plans (SP 3.1) List of those responsible for tracking and addressing each risk (SP 3.1)

Updated list of risk status (SP 3.2)

Updated assessments of risk likelihood, consequence, and thresholds (SP 3.2) Updated list of risk-handling options (SP 3.2) Updated list of actions taken to handle risks (SP 3.2) Risk mitigation plans (SP 3.2)