Global ETD Search

31	Avaliação da utilização de melhoria de processo de software baseada em metodologias ágeis em empresas CMMI Santana Júnior, Célio Andrade de 18 June 2012 (has links) Submitted by Daniella Sodre (daniella.sodre@ufpe.br) on 2015-03-09T13:01:43Z No. of bitstreams: 2 license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) TESE Celio Santana.pdf: 3246716 bytes, checksum: fed6ad56ad971be5c5b806d148b9a8c9 (MD5) / Made available in DSpace on 2015-03-09T13:01:43Z (GMT). No. of bitstreams: 2 license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) TESE Celio Santana.pdf: 3246716 bytes, checksum: fed6ad56ad971be5c5b806d148b9a8c9 (MD5) Previous issue date: 2012-06-18 / Em 2009 a Associação para Promoção da Excelência do Software Brasileiro (SOFTEX1) publicou uma pesquisa indicando que 96% das empresas de software brasileiras eram pequenas e possuíam até 20 pessoas. Ainda que estas empresas empregassem 55,3% de toda mão de obra da área, elas respondiam por apenas 19% do faturamento do setor e por menos de 1% das exportações de software. A conclusão do diagnóstico aponta que essas empresas precisavam passar por reestruturações em seus processos para aumentar sua competitividade. Algumas dessas empresas buscaram essa melhoria partindo para programas de certificação de qualidade tais como o CMMI e MPS.BR. Este trabalho propõe avaliar a utilização de metodologias ágeis como direcionador de programas de melhoria de processo, com o objetivo de atingir níveis de maturidade em avaliações CMMI nível dois e MPS.BR nível F. Uma contribuição deste trabalho é gerar evidências empíricas sobre a adoção de métodos ágeis como política de melhoria de processo em empresas de vida real no Brasil. Assim, esta pesquisa foi realizada para responder as seguintes questões de pesquisa: QP1 –É possível executar programas de melhoria de processo de software baseados em métodos ágeis com o objetivo de certificação CMMI nível dois e MPS.BR nível F? QP2 – Quais os benefícios observados por estas organizações ao se adotar a melhoria de processo baseada em métodos ágeis? E em longo prazo? QP3 – Como a melhoria de processo ágil está relacionada à melhoria de processo prescritivaadotada pelo CMMI e MPS.BR. Esta tese resume quatro anos de pesquisa em oito pequenas e médias empresas Brasileiras. Os métodos utilizados para a pesquisa foram: (i) estudo de caso baseado em avaliações de 3º pessoa registradas em planilhas para responder a QP1; (ii) surveys e (iii) teoria fundamentada em dados foi utilizada para responder as questões QP2 e QP3. Scrum Desenvolvimento Ágil de Software Melhoria de Processo de Software
32	XP-CMM : uma guia para utilização de Extreme Programming em um ambiente nível do CMM Endriss Carneiro Campelo, Renata January 2003 (has links) Made available in DSpace on 2014-06-12T15:58:59Z (GMT). No. of bitstreams: 2 arquivo4794_1.pdf: 2683672 bytes, checksum: ea816cfe4cb13fb4f70bae7d4e2876eb (MD5) license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2003 / Recentemente a comunidade de software vem se deparando com um grupo de novas metodologias de desenvolvimento de software, classificadas como metodologias ágeis . Algumas das metodologias que fazem parte deste grupo são Extreme Programming (XP) e SCRUM, sendo XP a mais conhecida e utilizada. Estas metodologias possuem em comum um conjunto de valores para o desenvolvimento de software, priorizando: indivíduos e iterações sobre processos e ferramentas; software funcionando sobre documentação compreensiva; colaboração do cliente sobre negociação de contrato; resposta à mudança sobre seguir um plano. Em paralelo à disseminação das metodologias ágeis, os investimentos em qualidade de software vêm aumentando a cada ano. Pesquisas realizadas sobre o setor de software, indicam um crescimento na adoção de modelos de qualidade como ISO 9000 e Capability Maturity Model for Software (CMM). Modelos de qualidade e metodologias ágeis possuem fundamentos opostos, como é possível notar nos valores definidos por essas metodologias. Autores de metodologias ágeis freqüentemente criticam modelos como o CMM. Em contra partida, alguns trabalhos indicam que é possível utilizar as duas abordagens em um mesmo ambiente. Este trabalho apresenta o Guia XP-CMM2, que tem como objetivo apoiar as organizações no uso da metodologia ágil XP em um ambiente nível 2 do CMM. Com o uso do Guia XP-CMM2, as organizações deverão se beneficiar da agilidade proposta por XP e da maturidade adquirida com o nível 2 do modelo de qualidade de software mais respeitado do mundo, o CMM. Para a elaboração do Guia XP-CMM2, foi realizado inicialmente um diagnóstico da satisfação de XP ao nível 2 do CMM e, depois, para cada problema identificado, uma solução foi proposta. Finalmente o Guia XP-CMM2 foi aplicado em dois ambientes distintos visando avaliação dos resultados obtidos Guia XP-CMM2 Metodologias Ágeis XP Extreme Programming Capability Maturity Model (CMM)
33	A utilização de métricas na Gerência de Projetos de Software: uma abordagem focada no CMM Nível 2 Moreira Carneiro Campêlo, Gabriela January 2002 (has links) Made available in DSpace on 2014-06-12T15:59:19Z (GMT). No. of bitstreams: 2 arquivo5090_1.pdf: 295189 bytes, checksum: 39c52722be8604ec8e51c1e69ea30f77 (MD5) license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2002 / Uma das maiores dificuldades encontradas no gerenciamento de projetos de software, é saber a dimensão do que está sendo gerenciado. Inúmeras dúvidas são pertinentes aos gerentes de projeto quando se fala em dimensionamento, prazo e custo dos projetos. Diante dos problemas encontrados no desenvolvimento de software, tais como software que não atende aos requisitos de funcionalidade e qualidade esperados pelo cliente, projetos que extrapolam prazo e custo previsto, entre outros, pesquisas têm mostrado que o elevado número de projetos fracassados são decorrentes de uma gerência de projetos ineficiente. A gestão de projetos e produtos de software somente atinge determinado nível de eficácia e exatidão se houver medidas que possibilitem gerenciar através de fatos. Dessa forma, identificamos as métricas como uma das principais ferramentas de apoio ao gerente de projetos, pois fornecem um conjunto de informações tangíveis para planejar o projeto, realizar estimativas, gerenciar e controlar os projetos com maior precisão. Por outro lado, um sistema efetivo de medição é recomendado por vários modelos de qualidade de software, como aspecto fundamental para subsidiar as atividades de planejamento e gerenciamento de projetos. Entre esses modelos, o Capability Maturity Model for Software (CMM) destaca-se como um dos modelos de qualidade de software mais adotados no mundo e recomenda fortemente o uso de métricas. Particularmente o nível 2 de maturidade do CMM, recomenda que sejam estabelecidos processos básicos de gerência de projetos de software para controlar e acompanhar custos, cronogramas e funcionalidades, todos recomendando o uso de métricas. O trabalho apresentado nesta dissertação foca na qualidade do desenvolvimento de software, através de uma gerência de projetos eficiente, guiada pelas normas do CMM nível 2 e fazendo uso de métricas como ferramenta fundamental para uma efetiva gerência de projetos. Sem a utilização de métricas, o planejamento e acompanhamento de projetos tornam-se atividades empíricas, realizadas com base apenas no sentimento e experiência dos gerentes de projetos. Com este trabalho buscamos contribuir para o aperfeiçoamento do gerenciamento de projetos nas organizações que realizam desenvolvimento de software, introduzindo nas mesmas uma cultura de utilização de métricas para realização de acompanhamento dos projetos, gerenciamento da qualidade do produto gerado e construção de uma base histórica para estimativas de projetos futuros, segundo as diretrizes do CMM 2 Gerenciamento de projetos de software Desenvolvimento de software
34	Identifying Factors Contributing Towards Information Security Maturity in an Organization Edwards, Madhuri M. 01 January 2018 (has links) Information security capability maturity (ISCM) is a journey towards accurate alignment of business and security objectives, security systems, processes, and tasks integrated with business-enabled IT systems, security enabled organizational culture and decision making, and measurements and continuous improvements of controls and governance comprising security policies, processes, operating procedures, tasks, monitoring, and reporting. Information security capability maturity may be achieved in five levels: performing but ad-hoc, managed, defined, quantitatively governed, and optimized. These five levels need to be achieved in the capability areas of information integrity, information systems assurance, business enablement, security processes, security program management, competency of security team, security consciousness in employees, and security leadership. These areas of capabilities lead to achievement of technology trustworthiness of security controls, integrated security, and security guardianship throughout the enterprise, which are primary capability domains for achieving maturity of information security capability in an organization. There are many factors influencing the areas of capabilities and the capability domains for achieving information security capability maturity. However, there is little existing study done on identifying the factors that contribute to achievement of the highest level of information security capability maturity (optimized) in an organization. This research was designed to contribute to this area of research gap by identifying the factors contributing to the areas of capabilities for achieving the highest level of information security capability maturity. The factors were grouped under the eight capability areas and the three capability domains in the form of an initial structural construct. This research was designed to collect data on all the factors using an online structured questionnaire and analyzing the reliability and validity of the initial structural construct following the methods of principal components analysis (PCA), Cronbach Alpha reliability analysis, confirmatory factor analysis (CFA), and structural equation modeling. A number of multivariate statistical tests were conducted on the data collected regarding the factors to achieve an optimal model reflecting statistical significance, reliability, and validity. The research was conducted in four phases: expert panel and pilot study (first phase), principal component analysis (PCA) and reliability analysis (RA) of the factor scales (second phase), confirmatory factor analysis (CFA) using LISREL (third phase), and structural equation modeling (SEM) using LISREL (fourth phase). The final model subsequent to completing the four phases reflected acceptance or rejection of the eleven hypotheses defined in the initial structural construct of this study. The final optimized model was obtained with the most significant factors loading on the capability areas of information integrity, information security assurance, business enablement, security process maturity, security program management, competency of security team, security conscious employees, and security leadership, including the most significant factors loading the three capability domains of security technology trustworthiness, security integration, and security guardianship. All the eleven hypotheses were accepted as part of the optimal structural construct of the final model. The model provides a complex integrated framework of information security maturity requiring multi-functional advancements and maturity in processes, people, and technology, and organized security program management and communications fully integrated with the business programs and communications. Information security maturity is concluded as a complex function of multiple maturity programs in an organization leading to organized governance structures, multiple maturity programs, leadership, security consciousness, and risk-aware culture of employees. Capability Maturity Information Security Information Systems Audit Risk Management Security Maturity Security Process Maturity Computer Sciences
35	Zvyšování zralosti testovacích procesů v IT společnosti / Raising test process maturity in IT company Kučera, Martin January 2007 (has links) This thesis deals with the issue of process optimalization in the field of test discipline which is a fundamental part of software development. An approach providing improvement of test processes is applied in the environment of a test department in a selected company. Concept of raising process capability and maturity presented in CMMI model is used for this purpose. The first goal of the thesis is a provision of theoretical background devoted to software testing, process approach and capability and maturity models, that will accommodate enough with the clarity of the document text, as well as to provide insight into the whole subject. Theoretical interpretation will be compiled using on-line resources available for free, author's bachelor thesis and facts obtained through the studies and from educational materials. Attention will be focused on the definition of important facts and mutual relationship between the areas of interest. Description of initial state, changes carried out and current state of organizational structure, processes and documentation in the test department of the company was selected as a following goal. Process models consisting of diagrams, description tables and textual characteristics of identified processes will be created. Structure of documentation and of its parts will be accentuated through the description of documentation state and changes, furthermore a chronological sequence of taking the documents into practice and explanation of its importance in testing will be present. In order to offer a comprehensive view, a description of organizational structure and department member's competence will be available. As the last goal, arrangement proposal to obtain a higher process maturity and further improvement of documentation and organizational structure was chosen. Process areas and recommendation related to the processes of test discipline will be selected from the CMMI model. The selected content will be interpreted as to form a partial steps for direct use in test department. Appropriate sequence of the steps will also be set to serve well the purposes of the department. Beyond the scope of arrangement proposal, separate recommendations in areas of organizational structure, processes and documentation will be present. The thesis summarizes key facts about and arrangements made in organizational structure, processes and documentation of the test department in the selected company in the period of last two years. The contribution lies further in the creation of so far absent process models of the test department which capture the form of test processes in two points in time, and especially in the complete arrangement proposal aiming to raise process maturity and optimize organizational structure and documentation.
36	Internal audit capability : a public sector case study Janse van Rensburg, J.O. (Jacobus Oosthuizen) January 2014 (has links) The South African public sector faces significant challenges that impact on its ability to deliver services to the public. There are several parties that can assist the public sector in addressing these challenges. One of these is the internal audit functions of government organisations. For internal auditing to support effectively the managements of the government organisations they serve, the internal audit function should be sufficiently capable. The questions remain as to whether South African public sector internal audit functions are sufficiently capable and how internal audit capability can be measured. The Institute of Internal Auditors Research Foundation published the Internal Audit Capability Model (IA-CM) in 2009. The main purpose of the model is to provide a capability self-assessment tool for public sector internal audit functions. This model could be used as a yardstick in measuring public sector internal audit capability within South Africa, should the elements and key process areas (KPAs) of the model be applicable to the South African context. This study therefore aims to determine whether the IA-CM can be applied within a South African context. The South African public sector, the role of internal auditing within the South African public sector as well as the IA-CM as a tool of measuring public sector internal audit capability were investigated. A literature review was conducted on these topics, as a foundation for the study. Specific data was obtained on each of the KPAs of the IA-CM through a case study design by selecting an appropriate South African national department and ranking the case against the KPAs of the IA-CM. The ranking was conducted based on a review of relevant documents and interviews with applicable internal audit and management staff and audit committee members of the selected case. The study concludes that 82.9% of the KPAs of the IA-CM appear to be applicable within a South African context and that, in essence, the model can be applied within a South African context. However, eight hindrances that may negatively affect the feasibility of implementing the remaining 17.1% of the KPAs or certain components of these KPA’s, have been also been identified. / Dissertation (MCom)--University of Pretoria, 2014. / lk2014 / Auditing / MCom / Unrestricted Internal auditing Capability maturity model Internal Audit Capability Model Capability Public sector UCTD
37	Audit a hodnocení IS bank / Audit and Assessment of IS in banks Fleischmann, Martin January 2005 (has links) Abstract (english) Objectives The main objective of this work is to design methods and proceadures enhancing effectiveness and efficiency of IT audit in banks with the accent given to their use by the supervisory authorities. Another objective of the work (and an essential starting point at the same time) is a summary and assesment of methods and proceadures developed and implemented into the CNB practice with regard to banking supervision in the area of information systems. Objectives Achievement From the methodological point of view the esential starting point of the work was represented by above mentioned objectives that were used for elaboration of a set of questions. Questions enabled to set up the hypotheses. (Another more particular hypotheses were defined in order to design the particular solutions in chapter 5.) Futhermore, the critical factors (problems) were defined in the process of the questions analyses. Subsequently, the solutions were specified. The solutions confirmed the hypotheses which reflected the achievement of the objectives. Description, categorisation, analyses, screening, modelling, comparative analyses and sample testing were used to achieve the objectives. In particular, the solutions that were elaborated, making use of methods described above, enhance effectiveness and efficiency of IT audit in banks. Moreover, the CNB's proceadures and methods were introduced and assesed within the work. Scientific Contribution The work brings an evidence of correlation between the quality of IT audit in banks and their economical performance. With this regard the work contributes with original conclusions, benchmarks and proceadures that may be used by banks, supervisory authorities and IT auditors. These conclusions are achieved by description, categorisation, analyses, modelling and screening research highlighting the role of the rentability, the productivity, the risks, the inovations and the economical value of information. Furthermore, the IT audit and IT supervision in banks are specified. They are also compared and contrast to the other audit cathegories. The work presents important peaces of evidence regarding the role of IT audit in this context. This is made by description, cathegorisation and analyses. Another contribution represents proceadures and methods developed and implemented (to the large extend by author) in the field od IT banking supervision in the Czech Republic. This delivers valuable outputs for foreign supervision authorities, banks and auditors. The work lead to original solutions of critical factors. These solutions are to use by IT audit and IT supervision (and also in audit work generally). The solutions make use of ceartain atributes of Capability Maturity Model (CMM) and were elaborated in the proces of decsription, cathegorisation, screening research, comparative analyses, hypotheses seting and testing. The solutions enhances acuracy and objectiveness of assesment done by IT auditors. The solutions lead to better comparativeness of audit outputs on both national and international level, give better preconditions for risk assesment and capital adequacy evaluation within BASEL II and enhance the information value of audit ouptuts. The structure (content) of the work reflects the above mentioned articles that give a brief description of the main four parts (chapters) of the work.
38	Conception d'un modèle de maturité des capacités organisationnelles spécifiques à la gestion des connaissances : application à deux centres hospitaliers Booto Ekionea, Jean-Pierre January 2008 (has links) (PDF) La présente thèse a pour objectif la conception d'un modèle de maturité des capacités organisationnelles spécifiques à la gestion des connaissances (MMCOSGC). Elle constitue une recherche fondamentale parce qu'elle cherche à comprendre les fondements du concept des capacités organisationnelles spécifiques à la gestion des connaissances (COSGC). Il s'agit en même temps d'une recherche appliquée, parce qu'elle utilise le MMCOSGC dans le but d'évaluer sa capacité à poser un diagnostic acceptable des COSGC dans une organisation quelconque. En effet, depuis une vingtaine d'années, les gestionnaires considèrent que certaines ressources et certaines capacités spécifiques des entreprises s'avèrent cruciales pour expliquer la performance d'une entreprise (Amit et Schoemaker, 1993). Un des défis à relever, pour les organisations, est d'identifier, de développer, de protéger et de déployer ces ressources dans une direction qui assure à l'entreprise l'avantage concurrentiel et la performance organisationnelle. En se basant sur la théorie des ressources pour identifier la connaissance comme ressource stratégique (Barney, 1991), la présente thèse combine les perspectives de la théorie du cycle de vie et de la téléologie pour expliquer le processus du développement des COSGC. Ainsi, la progression à travers différents niveaux de maturité se base sur la théorie du cycle de vie qui adopte la croissance organique comme unité heuristique afin d'expliquer les changements des comportements organisationnels et leur progression comme un processus. Or, depuis une vingtaine d'années, la littérature en gestion des connaissances (Abou-Zeid, 2002; Asoh et al, 2003) s'est surtout penchée sur l'alignement des stratégies de gestion des connaissances aux stratégies d'affaires afin de démontrer que cet alignement permettait d'atteindre la performance d'affaires. Cependant, Peppart et Ward (2004) constatent que l'alignement seul ne suffit pas pour atteindre la performance d'affaires, mais que c'est plutôt le développement des capacités organisationnelles spécifiques à une ressource qui contribue effectivement à atteindre la performance d'affaires. C'est pour cette raison que la présente thèse se penche sur le développement des capacités organisationnelles spécifiques à la gestion des connaissances, en tenant compte de trois dimensions: infrastructures, processus et compétences des personnes. Pour y arriver, le plan de la thèse respecte chaque étape de la méthodologie SSM (Soft System Methodology), le consensus sur les concepts clés des COSGC par la méthode Delphi et valide le MMCOSGC à l'aide de deux études de cas. Ainsi, les principaux résultats de la présente étude sont: 1-l'obtention du premier consensus au tour des concepts définissant les COSGC à l'aide de la méthode Delphi; 2-la conception du MMCOSG tenant compte des trois dimensions des COSGC issus du consensus Delphi; 3-l'application du MMCOSGC à deux organisations de santé qui prouve sa capacité à poser un diagnostic acceptable des COSGC au sein d'une organisation. Enfin, les résultats de la présente étude pourraient bien intéresser aussi bien les chercheurs que les praticiens, les gestionnaires et les décideurs au sein des organisations. ______________________________________________________________________________ MOTS-CLÉS DE L’AUTEUR : Capacités organisationnelles, Gestion des connaissances, Modèle de maturité, Méthodologie SSM, Méthode Delphi, Étude de cas. Capacité organisationnelle Méthode des cas Gestion des connaissances CMM (Capability maturity model) Méthode Delphi Méthodologie douce des systèmes Recherche organisationnelle
39	A model to measure the maturuty of smartphone security at software consultancies Allam, Sean January 2009 (has links) Smartphones are proliferating into the workplace at an ever-increasing rate, similarly the threats that they pose is increasing. In an era of constant connectivity and availability, information is freed up of constraints of time and place. This research project delves into the risks introduced by smartphones, and through multiple cases studies, a maturity measurement model is formulated. The model is based on recommendations from two leading information security frameworks, the COBIT 4.1 framework and ISO27002 code of practice. Ultimately, a combination of smartphone specific risks are integrated with key control recommendations, in providing a set of key measurable security maturity components. The subjective opinions of case study respondents are considered a key component in achieving a solution. The solution addresses the concerns of not only policy makers, but also the employees subjected to the security policies. Nurturing security awareness into organisational culture through reinforcement and employee acceptance is highlighted in this research project. Software consultancies can use this model to mitigate risks, while harnessing the potential strategic advantages of mobile computing through smartphone devices. In addition, this research project identifies the critical components of a smartphone security solution. As a result, a model is provided for software consultancies due to the intense reliance on information within these types of organisations. The model can be effectively applied to any information intensive organisation. Computer networks -- Security measures Smartphones Wireless Internet Mobile communication systems Mobile computing
40	The use of stories and storytelling as knowledge sharing practices : a case study in the South African mining industry Tobin, Peter Kevin Joseph 30 July 2006 (has links) A great deal has been written in the management literature concerning the field of knowledge management. Some of that literature has focused on the use of stories and storytelling, including for the sharing of knowledge. However, the field of knowledge management is relatively immature in South Africa. In particular within that field, there is not a clear understanding of the use of stories and storytelling for knowledge sharing within the country. The purpose of the study was to improve that understanding through research into a case study within the South African mining industry, with a focus on world-class performance. To assist in the performance evaluation of the case study organisation, a framework for world-class performance was developed and used as an analytical tool in conjunction with a research instrument that was based on the findings of the non-empirical research into the fields of knowledge management and stories and storytelling. The empirical research then focused on the activities of a particular community of practice within the case study organisation and sought to understand the way in which stories and storytelling were used to support the sharing of knowledge in the organisation, as a contributor to world-class performance. Whilst conducting the empirical research, assessment and analysis, it was identified that the case study organisation made use of a number of practices and tools to support the use of stories and storytelling, in particular graphical representations (storyboards) of the stories to complement their oral delivery. The analysis of the case study data indicated that a significant opportunity existed to improve the extent of world-class performance for the use of stories and storytelling and a number of recommendations were made in that regard. / Thesis (DPhil)--University of Pretoria, 2007. / Information Science / unrestricted Storyboards World-class performance. Storytelling Stories Case study Knowledge sharing Knowledge management Knowledge Capability maturity model Community of practice UCTD

Search results