By Marsha Blackburn | STC Senior Member and Erin Friday | STC Senior Member
Few events put the work of technical communicators under a microscope like process certifications and undergoing surveillance audits. They provide an opportunity to assess documentation, identify areas for improvement, and contribute to the highest standard of quality.
Specialized audits and certifications not only validate a company’s processes and business practices, but also demonstrate that the leadership, project management, project leaders, developers, and other team members are committed and adhere to the most stringent quality control standards. Such audits and certifications provide an unequivocal seal of approval by the industry and provide validation and assurance that doing business with your company will lead to a successful, productive relationship.
The certification and accreditation that best fit software development are ISO 9001:2015 and Capability Maturity Model Integration (CMMI) Level 3.1 The International Organization for Standardization (ISO) specifies requirements for a quality management system with a broad focus;2 CMMI focuses more on process improvement and decreased risk in software, product, and service delivery. The overlap and differences between the certifications include acquisition of either ISO or CMMI — or, as it was in our case, concurrently — lean heavily on documentation, providing a great opportunity for technical writers and editors to showcase their project work, actively identify and fill gaps in existing documentation, and participate as subject matter experts (SMEs) in the ISO audit and the CMMI appraisal (Figure 1).
The potential payoff for acquiring the certifications is huge: CMMI and ISO help to qualify our division to bid on multi-billion-dollar government-wide acquisition contracts and will help grow our share of information technology-related work for the future. Quality certifications can make up a large percentage of points for some Requests for Proposals (RFPs) and more government contracts are requiring these certifications. These certifications would help our proposals for government projects stand out in a crowded field of contenders by demonstrating a commitment to quality standards.
Few events put the work of technical communicators under a microscope like the process of acquiring quality certifications and undergoing surveillance audits. Quality management plans, deliverables, manuals, standard operating procedures, user guides, project plans — all must withstand multiple days of careful inspection by the ISO auditor or CMMI appraiser.
While documentation is an important underpinning of process architecture, now is not the time to start writing. It is, however, an opportune moment to examine your process model for gaps. The technical communicator adds value to the process in assessing documentation, identifying opportunities for improvement, and contributing to the highest standard of quality.
Our Experience with Acquiring Certifications
In the summer of 2020, an eight-member core team from our division began a deep dive into process architecture as part of the quest to acquire CMMI and ISO certifications in less than eight months. The team was comprised of operations managers, project managers, developers, and technical communicators, all of whom have significant knowledge about our internal processes and process improvement. We also had two external consultant SMEs who guided us on how best to analyze and improve our processes.
Some of our core team members faced distinct disadvantages, including a lack of familiarity with the audit and appraisal processes. We were also still adjusting to working remotely during the pandemic due to closure of our offices and consequently dealing with slow Internet connections, awkward workspaces, and unexpected interruptions and distractions (such as barking dogs, ringing doorbells, and even music lessons taking place in the background). An additional burden for the test-phobic team members was the three-hour CMMI Certified Associate exam, required for all Appraisal Team Member (ATM) participants.
External audits by a third-party firm and internal audits demonstrate the commitment to quality and continually identifying opportunities for improvement. Most companies, including the non-profit research institute where we work in North Carolina, have systems in place to assure quality, but not all companies have it documented to the extent that ISO requires. Internal audits take place quarterly at our company and serve as a test run for the real thing. The internal auditor assesses the risk and effectiveness of processes, identifies opportunities for improvement, and verifies compliance to a standard.
Figure 2 highlights the milestones for how we obtained both CMMI and ISO certifications in less than eight months.
Strategies and Best Practices
Documentation is the key to achieving process certifications. While this article discusses CMMI and ISO specifically, the following documentation will help your company get organized, follow standard processes, and prepare for any other process certifications in the future:
- Quality Management System
- Process maps (such as swimlane diagrams or flowcharts) of your company’s current processes
- Standard Operating Procedures of your company’s current processes
- Master spreadsheet of all certification requirements and how your company meets each requirement
Quality Management System (QMS)
A QMS is typically a flowchart that illustrates your company’s business processes at a high level. It should be aligned with your company’s purpose and strategic direction, which most likely focuses on customer satisfaction. The process maps and standard operating procedures describe the details of each QMS step.
Figure 3 is a sample QMS.
Process maps, such as swimlane diagrams or flowcharts, are a simple option for documenting business processes. Swimlane diagrams show the inputs and outputs, the responsible people, and their actions within the process. If more details about the process are needed, then we recommend you create an standard operating procedure for the process (either instead of the process map or in addition to). In the QMS example above, we created only process maps for the gathering requirements, quality assurance, documentation, and soliciting customer feedback steps. The other steps (project management, product development, and risk management) required more details, so a process map and standard operating procedure were created for each.
Figure 4 is a sample documentation process map from the QMS.
Standard Operating Procedures (SOPs)
SOPs can be used in addition to or instead of the process maps. They include similar information to the process maps (responsible people and their actions within the process), but can have additional information, such as a narrative/reasoning about the process, related resources, approval page, etc.
Figure 5 is a sample SOP template.
The master spreadsheet lists each certification requirement and the document/process that fulfills that requirement. If you are obtaining multiple certifications at once, then add all the requirements into one spreadsheet since many of them overlap. We recommend one module per worksheet.
Figure 6 is a sample master spreadsheet template.
Prepare for the Appraisal/Audit
After creating the documentation described above, we recommend you prepare for the CMMI appraisal and/or the ISO audit by doing the following:
Work with Leadership:
- Obtain leadership endorsement: leadership establishes the purpose of the organization, the business culture, and the strategic direction of the organization.
- Understand how you do business; consider the process certification requirements and understand how they apply to what you are already doing.
- Prepare project leadership for the upcoming appraisal/audit in practice sessions. Some sample questions include:
- How do your business needs drive QMS activities?
- How does management ascertain customer satisfaction?
- How do you determine and provide the resources needed for the establishment, implementation, maintenance, and continual improvement of the QMS?
- o When creating and updating documented information, how do you ensure appropriate identification, format, review, and approval for suitability and adequacy?
- o How does the organization determine the essential requirements for the specific types of products and services to be designed and developed?
- Make the QMS part of the onboarding experience and required training for all employees.
Ensure Documentation is Ready:
- Use the master spreadsheet to pull up documentation easily.
- Have the final versions of the process maps and SOPs in an easily accessible location.
- Be prepared to have your QMS examined in detail by the auditor.
As Arthur Ashe said, “Success is a journey, not a destination.” We achieved our goal of obtaining the CMMI and ISO certifications, but we were truly successful in analyzing and improving our processes, and the entire division is now aware of the benefits of documentation and the skills of technical communicators. The certification process highlighted the effectiveness of our existing processes, taught us how to identify gaps and continually improve, and showcased the visibility and importance of documentation. Ultimately, these certifications will help us win new project work, minimize risk, and improve performance and productivity.
- Information Systems Audit and Control Association (ISACA). n.d. “Capability Maturity Model Integration (CMMI).” https://cmmiinstitute.com/
- International Organization for Standardization (ISO). n.d. https://www.iso.org
Marsha Blackburn (email@example.com) is a Research IT Documentation Specialist at RTI International in Durham, NC, and a member of the Carolina Chapter of STC.
Erin Friday (firstname.lastname@example.org) is a Research IT Documentation Specialist at RTI International in Durham, NC, and a member of the Carolina Chapter of STC.