386 ◾ Appendix C
At maturity level 2, software development successes are repeatable. e processes
may not repeat for all the projects in the organization. e organization may use
basic project management to track cost and schedule. Process discipline helps ensure
that existing practices are retained during times of stress. When these practices are
in place, projects are performed and managed according to their documented plans.
Project status and the delivery of services are visible to management at deﬁned
points (e.g., at major milestones and at the completion of major tasks).
Basic project management processes are established to track cost, schedule, and
functionality. e minimum process discipline is in place to repeat earlier successes
on projects with similar applications and scope. ere is still a signiﬁcant risk of
exceeding cost and time estimates.
e organization’s set of standard processes, which is the basis for level 3, is estab-
lished and improved over time. ese standard processes are used to establish con-
sistency across the organization. Projects establish their deﬁned processes by the
organization’s set of standard processes according to tailoring guidelines. e orga-
nization’s management establishes process objectives based on the organization’s set
of standard processes and ensures that these objectives are appropriately addressed.
A critical distinction between level 2 and level 3 is the scope of standards, pro-
cess descriptions, and procedures. At level 2, the standards, process descriptions,
and procedures may be quite diﬀerent in each speciﬁc instance of the process (e.g.,
on a particular project). At level 3, the standards, process descriptions, and proce-
dures for a project are tailored from the organization’s set of standard processes to
suit a particular project or organizational unit.
Using precise measurements, management can eﬀectively control the software
development eﬀort. In particular, management can identify ways to adjust and
adapt the process to particular projects without measurable losses of quality or devi-
ations from speciﬁcations. At this level, organizations set quantitative quality goals
for both software process and software maintenance. Sub-processes are selected
that signiﬁcantly contribute to overall process performance and are controlled
using statistical and other quantitative techniques.
A critical distinction between maturity level 3 and maturity level 4 is the pre-
dictability of process performance. At maturity level 4, the performance of processes
is controlled using statistical and other quantitative techniques and is quantitatively