by Mike Tillman

Certain designations set individuals apart. A Ph.D., a C-level title and a Nobel prize are a few examples. So it is with business organizations, too.

For government contractors, being certified as meeting all the requirements of relevant International Organization for Standardization (ISO) standards is one distinction. Another is being appraised as operating at a specific level of the Capability Maturity Model Integration (CMMI) model. In both cases, it is not the organization itself or even the governing body that determines a company’s rating. Outside experts and, in the case of the CMMI, a combined team of external experts and internal trained professionals evaluate a company’s processes and systems and render an independent judgment. These appraisal processes are rigorous and exacting.

Electrosoft is not only certified under ISO 9001:2015, ISO 20000-1:2018 and ISO 27001:2013 but also appraised at Maturity Level 3 for both CMMI for Development (CMMI-DEV) and CMMI for Services (CMMI-SVC). Notably, Electrosoft, which was founded in 2001, has operated at CMMI Level 2 since 2013 and Level 3 since 2016.

Holding these credentials is quite a distinction, but what exactly does it mean relative to the CMMI certification in particular? The official language speaks of it indicating that an organization is performing at a “defined” level as opposed to “initial” (Level 1) or “managed” (Level 2). In layperson terms that translates to Electrosoft possessing maturity, repeatable processes and standard ways of doing business that employees consistently follow. Still not clear? Let’s delve a little deeper.

CMMI models comprise integrated sets of best practices. Their intent is to help a business improve process performance, especially those processes integral to its mission. ISACA, which acquired the CMMI Institute in 2016, distinguishes between the two certifications Electrosoft holds as follows: “CMMI-DEV is used to improve engineering and development processes in an organization that develops products. CMMI-SVC is used to improve management and service delivery processes in an organization that develops, manages and delivers services.” These models align well with our four areas of specialization: Cybersecurity Compliance & Operations; Identity, Credential & Access Management; Program Operations & Mission Support; and Enterprise IT Solutions.

Thus, Electrosoft’s stature as holding CMMI-DEV Level 3 and CMMI-SVC Level 3 means we possess well-defined frameworks for performing work. They lead to process improvements and promote productive, efficient behaviors that decrease risks in software and product development as well as service delivery.

Electrosoft’s stature as holding CMMI-DEV Level 3 and CMMI-SVC Level 3 means we possess well-defined frameworks for performing work.

The internal benefits are obvious, especially in terms of business continuity and profitability. Relying on well-established processes with a proven track record also establishes a positive feedback loop, if you will, where such practices provide the genesis for new and better practices that, in turn, can lead to greater productivity, efficiency and quality.

There are important external benefits as well – benefits that enhance our business posture and ability to grow our customer base. Being appraised as operating at Level 3 under both CMMI models is a business differentiator. It immediately communicates to federal contracting officers that Electrosoft is a mature organization. If they award Electrosoft a contract, we can complete the scope of work on time and within budget because our internal processes enable us to perform work in a repeatable, predictable fashion. It tells them that we are not making empty claims about our stability and capabilities. Rather, an outside, independent firm has ensured we followed a rigorous process to deem our processes to be well characterized; institutionalized; and predicated on a proven set of standards, procedures, tools and methods. What’s more, relying on these processes communicates to contracting officials that we possess an ongoing ability for even better performance because our focus on quality – and the controls we’ve instituted relative to quality – underlies every contract effort.

Being appraised as operating at Level 3 under both CMMI models is a business differentiator. It immediately communicates to federal contracting officers that Electrosoft is a mature organization.

Notably, the CMMI model also provides insight into how well we, as an organization, can manage risk. The business world is fraught with unpredictability. Unseen events can create stress, and the CMMI certifications speaks to an organization’s capacity to perform under stress. For organizations operating at a defined level, like Electrosoft, the unexpected might create stress but we have the capacity to manage and respond well. Organizations without similar CMMI ratings would not fare nearly as well.

Maturity matters. While often a subjective judgment, the CMMI appraisal process makes it an objective determination that speaks volumes about Electrosoft, our employees and our commitment to quality. There is little doubt that being a defined organization is a major contributor to our ongoing revenue growth. It explains our historical CPARS (Contractor Performance Assessment Reporting System) rating being a 4.45 on a 5-point scale. Further, the numerous kudos accorded our employees across 2022 alone is no accident either. As I said, maturity matters.