This workbook contains all of the practices in CMMI V3.0 as released on April 5, 2023.

It includes the
practices in the core practice areas, as well as those in the following domains:
- Data
- Development (DEV)
- People (PPL)
- Safety (SAF)
- Security (SEC)
- Services (SVC)
- Suppliers (SPM)
- Virtual (VRT).

The tabs associated with practice areas unique to the DEV domain are blue-filled.
The tabs associated with practice areas unique to the SVC domain are orange-filled.
The tabs associated with practice areas unique to all other domains are purple-filled.

This workbook should be a useful resource for my fellow tool-builders. I fully expect to update this
workbook as new content is added to the model or when the existing content changes, but if you happen to
update it first, then be sure to pass it along!

Each practice area has its own worksheet and the worksheets are included in the workbook in the order
they appear in the model. Each worksheet includes the name and acronym of the practice area, the
practice area-level Intent and Value statements, and the corresponding practices for both CMMI V3.0 and
CMMI V2.2.

Differences between CMMI V3.0 and CMMI V2.2 are highlighted in 3 shades of
- Changes highlighted in Orange, Accent 6 are changes in the practice statements themselves.
- Changes highlighted in Orange, Accent 6 Lighter 40% are changes to other appraisalable components -
such as the practice-level value statement or changes to Other Required Information. These model
components are not documented herein as these components are proprietary and can only be accessed by
people with a Model Viewer license.
- Changes highlighted in Orange, Accent 6 Lighter 80% are changes to informative model components.
These changes do not directly affect the required model components and will therefore have minimum
effect on appraisals.

I have made every effort to provide an accurate rendering of the CMMI V3.0 and CMMI V2.2 practices.
However, there may be some mistakes herein, so you should be aware that you are using this "at your own
risk." If you DO find a mistake please let me know and I'll be sure to correct it in the next release.
 PA L1 L2 L3 L4 L5 Core DATA DEV PPL SAF SEC SVC SPM VRT
Total # Practices by Domain=> 165 13 20 7 8 19 26 12 6
CAR 1 2 5 2 1 11
CM 1 6 7
CONT 1 3 3 7
DM 2 2 2 6
DQ 2 3 2 7
DAR 2 5 1 8
ESAF 2 3 3 8
ESEC 2 4 3 9
EVW 2 2 2 6
EST 1 3 2 6
GOV 1 4 2 1 8
II 1 2 3 1 7
IRP 1 3 2 6
MPM 2 6 6 5 3 22
MST 2 4 3 1 10
MC 2 4 4 10
OT 1 2 6 9
PR 1 4 1 6
PLAN 2 8 4 1 15
PAD 1 3 6 10
PCM 3 2 6 1 12
PQA 1 4 1 6
PI 1 6 3 10
RDM 1 5 7 13
RSK 1 2 5 8
SDM 1 6 1 8
STSM 1 3 1 5
SAM 4 5 2 1 12
TS 1 3 6 10
VV 2 3 2 7
WE 1 3 3 7
 Causal Analysis and Resolution (CAR)
Identifies causes of selected outcomes and takes action to either prevent recurrence of undesirable outcomes or ensure recurrence of positive
Intent: outcomes.
Value: Addresses causes of issues, eliminating rework and directly improving quality and productivity.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
1 CAR 1.1 Identify and address causes of selected outcomes. CAR 1.1 Identify and address causes of selected outcomes.
CAR 2.1 Select outcomes for analysis. CAR 2.1 Select outcomes for analysis.
2
CAR 2.2 Analyze and address causes of outcomes. CAR 2.2 Analyze and address causes of outcomes. Revised value statement Revising the value statement changes an appraisable component.
Determine causes of selected outcomes by following an Determine root causes of selected outcomes by following an
CAR 3.1 CAR 3.1 Removed “root.”
organizational process. organizational process.
CAR 3.2 Propose actions to address identified causes. CAR 3.2 Propose actions to address identified root causes. Removed “root.”
CAR 3.3 Implement selected action proposals. CAR 3.3 Implement selected action proposals.
3 Removed "root." Phrase of “root cause analysis” changed to
CAR 3.4 Record causal analysis and resolution data. CAR 3.4 Record root cause analysis and resolution data. “causal analysis.” Practice information updated for
consistency.
Submit improvement proposals for changes proven to be Submit improvement proposals for changes proven to be
CAR 3.5 CAR 3.5
effective. effective.
Perform root cause analysis of selected outcomes using Perform root cause analysis of selected outcomes using
CAR 4.1 CAR 4.1
statistical and other quantitative techniques. statistical and other quantitative techniques.
4 Evaluate the effect of implemented actions on process Evaluate the effect of implemented actions on process
CAR 4.2 performance using statistical and other quantitative CAR 4.2 performance using statistical and other quantitative
techniques. techniques.
Use statistical and other quantitative techniques to evaluate
Use statistical and other quantitative techniques to evaluate
other solutions and processes to determine if the resolution Practice statement: Changed “on a broader scale.” to “to
5 CAR 5.1
should be applied to optimize performance across the
CAR 5.1 other solutions and processes to determine if the resolution
optimize performance across the organization.”
should be applied on a broader scale.
organization.
 Configuration Management (CM)
Intent: Manages the integrity of work products using configuration identification, version control, change control, and audits.

Value: Reduces loss of work and increases the ability to deliver the correct version of the solution to the customer.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any CM practice statements
1 CM 1.1 Perform version control. CM 1.1 Perform version control.
Revised value statement; added Additional Required
Revising the value statement and updating the Additional Required
CM 2.1 Identify items to be placed under configuration management. CM 2.1 Identify items to be placed under configuration management. Information regarding Data and People views; added Security
Information changes appraisable components.
Context Specific information
Develop, keep updated, and use a configuration and change Develop, keep updated, and use a configuration and change
CM 2.2 CM 2.2
management system. management system.
Develop or release baselines for internal use or for delivery to Develop or release baselines for internal use or for delivery to Adding Additional Required Information changes an appraisable
CM 2.3 CM 2.3 Added Additional Required Information regarding Data view
the customer. the customer. component.
2 Manage changes to the items under configuration Manage changes to the items under configuration
CM 2.4 CM 2.4
management. management.
Develop, keep updated, and use records describing items Develop, keep updated, and use records describing items
CM 2.5 CM 2.5
under configuration management. under configuration management.
Perform configuration audits to maintain the integrity of Perform configuration audits to maintain the integrity of
CM 2.6 configuration baselines, changes, and content of the CM 2.6 configuration baselines, changes, and content of the
configuration management system. configuration management system.
 Continuity (CONT)
Intent: Anticipates and addresses disruptions to critical business operations so work can continue or resume as soon as possible.

Value: Enables continued operation when serious disruptions or catastrophic events occur.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any CONT practice statements
Develop contingency approaches for managing significant Develop contingency approaches for managing significant
1 CONT 1.1
disruptions to operations.
CONT 1.1
disruptions to operations.
CONT 2.1 Identify and prioritize functions essential for continuity. CONT 2.1 Identify and prioritize functions essential for continuity.
CONT 2.2 Identify and prioritize resources essential for continuity. CONT 2.2 Identify and prioritize resources essential for continuity.
2
Develop, keep updated, and follow continuity plans to resume Develop, keep updated, and follow continuity plans to resume
CONT 2.3 CONT 2.3
performing essential functions. performing essential functions.
CONT 3.1 Develop and keep updated materials for continuity training. CONT 3.1 Develop and keep updated materials for continuity training.
CONT 3.2 Provide and evaluate continuity training according to the plan. CONT 3.2 Provide and evaluate continuity training according to the plan.
3
Prepare, conduct, and analyze results from verification and Prepare, conduct, and analyze results from verification and
CONT 3.3 CONT 3.3
validation of the continuity plan. validation of the continuity plan.
 Data Management (DM)
Intent: Identifies, implements, and controls the approach and activities for managing data.

Value: Maximizes operational efficiency by prioritizing critical data activities to meet performance needs.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
DM 1.1 Identify data management objectives.
1
DM 1.2 Use metadata to manage data.
Develop, keep updated, and follow a data management
DM 2.1
approach that is aligned to objectives.
2
DM 2.2
Establish a data management architecture to support the data DM is a newly added PA in CMMI V3.0
management approach.
Establish and deploy an organizational data management
DM 3.1
capability.
3 Perform reviews periodically on the effectiveness of the
DM 3.2 organization's data management capability and take action on
results.
 Data Quality (DQ)
Intent: Develops, follows, and keeps updated an approach for implementing data quality standards.

Value: Maximizes the value and accuracy of data for effective business operations and consistent decision-making.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
DQ 1.1 Identify data quality parameters.
1
DQ 1.2 Perform data cleansing activities.
DQ 2.1 Define criteria for data cleansing.

2 DQ 2.2 Develop, keep updated, and follow a data quality approach. DQ is a newly added PA in CMMI V3.0
Perform data cleansing based on criteria and data quality
DQ 2.3
approach.
DQ 3.1 Conduct data quality assessments.
3 Perform reviews periodically on the effectiveness of the
DQ 3.2
organization's data quality activities and take action on results.
 Decision Analysis and Resolution (DAR)
Intent: Makes and records decisions using a recorded process that analyzes alternatives.

Value: Increases the objectivity of decision-making and the probability of selecting the optimal solution.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any DAR practice statements
DAR 1.1 Define and record the alternatives. DAR 1.1 Define and record the alternatives.
1
DAR 1.2 Make and record the decision. DAR 1.2 Make and record the decision.
Develop, keep updated, and use rules to determine when to Develop, keep updated, and use rules to determine when to
DAR 2.1 DAR 2.1
follow a recorded process for criteria-based decisions. follow a recorded process for criteria-based decisions.
DAR 2.2 Develop criteria for evaluating alternatives. DAR 2.2 Develop criteria for evaluating alternatives.
2 DAR 2.3 Identify alternative solutions. DAR 2.3 Identify alternative solutions.
DAR 2.4 Select evaluation methods. DAR 2.4 Select evaluation methods.
DAR 2.5 Evaluate and select solutions using criteria and methods. DAR 2.5 Evaluate and select solutions using criteria and methods.
Develop, keep updated, and use a description of role-based Develop, keep updated, and use a description of role-based
3 DAR 3.1
decision authority.
DAR 3.1
decision authority.
 Enabling Safety (ESAF)
Intent: Minimizes and mitigates safety risks within the tolerance parameters and constraints of operational effectiveness, time, and cost.

Value:
Reduces the residual safety hazard risk to an acceptable tolerance level.

Additional Consider and address safety in all aspects of the solution, including products, processes, services, or environments. This encompasses both
Required facilitating and managing safety activities.
PA Info:

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any ESAF practice statements
ESAF 1.1 Identify and record safety needs and hazards. ESAF 1.1 Identify and record safety needs and hazards.
1
ESAF 1.2 Address prioritized safety needs and hazards. ESAF 1.2 Address prioritized safety needs and hazards.
Identify critical safety needs and constraints, keep them Identify critical safety needs and constraints, keep them
ESAF 2.1 updated, and use to develop and keep safety objectives ESAF 2.1 updated, and use to develop and keep safety objectives
current. current.
2 ESAF 2.2
Develop, keep updated, and follow an approach to address
ESAF 2.2
Develop, keep updated, and follow an approach to address
workplace environment safety. workplace environment safety.
Develop, keep updated, and follow an approach to address Develop, keep updated, and follow an approach to address
ESAF 2.3 ESAF 2.3
functional safety for the solution. functional safety for the solution.
ESAF 3.1 Establish and deploy an organizational safety capability. ESAF 3.1 Establish and deploy an organizational safety capability.
Perform safety evaluations periodically and take action on Perform safety evaluations periodically and take action on
ESAF 3.2 ESAF 3.2
3 results. results.
Develop, keep updated, and follow organizational safety Develop, keep updated, and follow organizational safety
ESAF 3.3 ESAF 3.3
control strategies. control strategies.
 Enabling Security (ESEC)
Develops and keeps updated the security approach that includes anticipating, identifying, and taking actions to avoid or minimize the impacts of
Intent: security issues on an organization or solution.
Reduces the impact of security threats and vulnerabilities on business performance.
Value:
Identifying security needs and constraints is an ongoing, 24/7, 365 days a year activity. It can never stop and cannot be an after-thought or a
Additional tradeoff item like schedule, cost, and quality. Enabling security includes systematically identifying, assessing, and addressing security needs
Required across a project or organization. There are three primary groups of needs covered by the security approach:
- Physical security and environment needs
PA Info: - Mission, personnel, and process security needs

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any ESEC practice statements
ESEC 1.1 Identify and record security needs and issues. ESEC 1.1 Identify and record security needs and issues.
1
ESEC 1.2 Address prioritized security needs and issues. ESEC 1.2 Address prioritized security needs and issues.
Identify and record security needs, keep them updated, and Identify and record security needs, keep them updated, and
ESEC 2.1 ESEC 2.1
use to develop a security approach and objectives. use to develop a security approach and objectives.
Develop, keep updated, and follow an approach to address Develop, keep updated, and follow an approach to address
ESEC 2.2 ESEC 2.2
physical security needs. physical security needs.
2 Develop, keep updated, and follow an approach to address Develop, keep updated, and follow an approach to address
ESEC 2.3 ESEC 2.3
mission, personnel, and process-related security needs. mission, personnel, and process-related security needs.
Develop, keep updated, and follow an approach to address Develop, keep updated, and follow an approach to address
ESEC 2.4 ESEC 2.4
cybersecurity needs. cybersecurity needs.
Establish and deploy an organizational security operations Establish and deploy an organizational security operations
ESEC 3.1 ESEC 3.1
capability. capability.
Develop, follow, and implement an organizational security Develop, follow, and implement an organizational security
3 ESEC 3.2
strategy, approach, and architecture; and keep them updated.
ESEC 3.2
strategy, approach, and architecture; and keep them updated.
Periodically perform security reviews and evaluations Periodically perform security reviews and evaluations
ESEC 3.3 ESEC 3.3
throughout the organization and take action on results. throughout the organization and take action on results.
 Enabling Virtual Work (EVW)
Intent: Defines and manages an approach for effective virtual work and operations.

Value:
Maximizes delivery effectiveness and efficiency to customer while reducing the impact and expense from travel and in-person activities.

Additional Enabling virtual solution delivery includes identifying, assessing, managing, and addressing virtual needs and constraints in a consistent and
Required effective manner, including coordination of virtual work, teams, projects, and communication channels.
PA Info:

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
EVW 1.1 Identify and record virtual work needs and constraints. EVSD 1.1 Identify and record virtual delivery needs and constraints. Practice Area renamed from Enabling Virtual Solution Delivery
1 (EVSD) to Enabling Virtual Work (EVW), based on community
EVW 1.2 Perform virtual work. EVSD 1.2 Deliver virtual solutions.
review comments to place additional emphasis on having
Develop, communicate, and follow an approach to address
Develop, keep updated, and use an approach to perform flexible work teams, projects, etc.
EVW 2.1 EVSD 2.1 virtual solution delivery needs and constraints; and keep it
virtual work.
2 updated.
Revised intent statement, value statement, Additional
Monitor the virtual work approach and take corrective action Evaluate the effectiveness and fidelity of the virtual solution
EVW 2.2 EVSD 2.2 Required PA and all Practice Area information to reflect shift in
when needed. delivery approach and take action to improve performance.
focus for Practice Area, from virtual solution delivery to
Develop, keep updated, and use an organizational strategy, Establish and deploy an organizational strategy and approach,
EVW 3.1 EVSD 3.1 performing virtual work
approach, and functional capability for performing virtual work. and functional capability for delivering virtual solutions.
3 Perform reviews periodically on the effectiveness of the Periodically perform virtual solution delivery reviews and All practices revised to reflect change from focus on virtual
EVW 3.2 EVSD 3.2 solution delivery to performing virtual work. Former EVSD 3.3
organization's virtual work approach and take action on results. evaluations throughout the organization.
practice combined into revised EVW 3.2.
Take action based on virtual solution delivery reviews and
EVSD 3.3 evaluations to verify that they are effectively addressing the
needs and constraints of customers and the organization.
 Estimating (EST)
Intent: Estimates the size, effort, duration, and cost of the work and resources needed to develop, acquire, or deliver the solution.

Provides a basis for making commitments, planning, and reducing uncertainty, which allows for early corrective actions and increases the
Value: likelihood of meeting objectives.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any EST practice statements
1 EST 1.1 Develop high-level estimates to perform the work. EST 1.1 Develop high-level estimates to perform the work.
Develop, keep updated, and use the scope of what is being Develop, keep updated, and use the scope of what is being Moved and updated scope content from Additional Explanatory Updating the Additional Required Information changes an
EST 2.1 EST 2.1
estimated. estimated. Information to Additional Required Information appraisable component.
Develop and keep updated estimates for the size of the Develop and keep updated estimates for the size of the
2 EST 2.2
solution.
EST 2.2
solution.
Based on size estimates, develop and record effort, duration, Based on size estimates, develop and record effort, duration,
EST 2.3 EST 2.3
and cost estimates and their rationale for the solution. and cost estimates and their rationale for the solution.
EST 3.1 Develop and keep updated a recorded estimation method. EST 3.1 Develop and keep updated a recorded estimation method.
3 Use the organizational measurement repository and process Use the organizational measurement repository and process
EST 3.2 EST 3.2
assets for estimating work. assets for estimating work.
 Governance (GOV)
Intent: Provides guidance to senior management on their role in the sponsorship and governance of performance, processes, and related activities.
Value: Minimizes the cost of process implementation, increases the likelihood of meeting objectives, and verifies that the implemented processes
support and contribute to the success of the business.
Additional
Required Senior management must actively participate in identifying business and performance needs and objectives. They must provide necessary
budget and resources to develop, implement, and follow process, and to continually improve performance of the project and organization.
PA Info:
CMMI V3.0
PG Practice # Practice Statement
Senior management identifies what is important for doing the
1 GOV 1.1 work and defines the approach needed to accomplish the
objectives of the organization.
Senior management defines, keeps updated, and
communicates organizational directives for process
GOV 2.1
implementation and performance improvement based on
organization needs and objectives.
Senior management provides funding, resources, and training
GOV 2.2 for developing, supporting, performing, improving, and
evaluating adherence to processes.
2 Senior management identifies their information needs and
uses the collected information to provide governance and
GOV 2.3
oversight of effective process implementation and
performance improvement.
Senior management assigns authority and holds people
accountable for adhering to organization directives and
GOV 2.4
achieving process implementation and improvement
objectives.
Senior management ensures that measures supporting
GOV 3.1 objectives throughout the organization are collected, analyzed,
3 and used.
Senior management ensures that competencies and
GOV 3.2
processes are aligned with the objectives of the organization.
Senior management verifies that selected decisions are driven
by statistical and quantitative analysis related to performance
4 GOV 4.1
and achievement of quality and process performance
objectives.
CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
Practice # Practice Statement
Senior management identifies what is important for doing the
GOV 1.1 work and defines the approach needed to accomplish the
objectives of the organization.
Senior management defines, keeps updated, and
communicates organizational directives for process
GOV 2.1
implementation and performance improvement based on
organization needs and objectives.
Revised practice statement, “Senior management provides
Senior management ensures resources and training are
funding, resources, and training for developing, supporting,
GOV 2.2 provided for developing, supporting, performing, improving,
performing, improving, and evaluating adherence to
and evaluating adherence to expected processes.
processes."
Senior management identifies their information needs and
uses the collected information to provide governance and Revised practice statement to change “improvement” to
GOV 2.3
oversight of effective process implementation and “performance improvement”
improvement.
Senior management assigns authority and holds people
accountable for adhering to organization directives and
GOV 2.4
achieving process implementation and improvement
objectives.
Senior management ensures that measures supporting
GOV 3.1 objectives throughout the organization are collected, analyzed,
and used.
Senior management ensures that competencies and Moved Additional Explanatory Information to Additional Updating Additional Required Information changes an appraisable
GOV 3.2
processes are aligned with the objectives of the organization. Required Information section. component.
Senior management ensures that selected decisions are
Revised practice statement to change “ensures” to “verifies.”
driven by statistical and quantitative analysis related to
GOV 4.1
performance and achievement of quality and process
Updated value statement. Added information in Additional
Required Information
performance objectives.
 Implementation Infrastructure (II)
Ensure that the processes and assets important to an organization's performance are habitually and persistently and habitually followed, used,
Intent: and improved.
Value: Sustains the ability to consistently achieve goals and objectives efficiently and effectively.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
Perform processes that address the intent of the Level 1 Perform processes that address the intent of the Level 1
1 II 1.1
practices.
II 1.1
practices.
Provide sufficient resources, funding, and training for Provide sufficient resources, funding, and training for Updated Additional Required Information specific to resource Updating the Additional Required Information changes an
II 2.1 II 2.1
developing and performing processes. developing and performing processes. capacity and availability appraisable component.
2 Develop and keep processes updated, and verify they are Develop and keep processes updated, and verify they are Updated Additional Required Information specific to monitor Updating the Additional Required Information changes an
II 2.2 II 2.2
being followed. being followed. and verify how well processes are working appraisable component.
Use organizational processes and process assets to plan, Use organizational processes and process assets to plan,
II 3.1 II 3.1
manage, and perform the work. manage, and perform the work.
Evaluate the adherence to and effectiveness of the Evaluate the adherence to and effectiveness of the
3 II 3.2
organizational processes.
II 3.2
organizational processes.
Contribute process-related information or process assets to Contribute process-related information or process assets to
II 3.3 II 3.3
the organization. the organization.
Develop the organizational capability to understand and apply
4 II 4.1 statistical and other quantitative techniques to accomplish the New practice
work.
 Incident Resolution and Prevention (IRP)
Intent: Resolve and prevent disruptions promptly to sustain service delivery levels.

Value: Minimize the impact of disruptions to meet objectives and customer commitments more effectively.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any IRP practice statements
1 IRP 1.1 Record and resolve incidents. IRP 1.1 Record and resolve incidents.
Develop, keep updated, and follow an approach for incident Develop, keep updated, and follow an approach for incident
IRP 2.1 IRP 2.1
resolution and prevention. resolution and prevention.
2 IRP 2.2 Monitor and resolve each incident to closure. IRP 2.2 Monitor and resolve each incident to closure.
IRP 2.3 Communicate incident status. IRP 2.3 Communicate incident status.
Develop, keep updated, and use an incident management Develop, keep updated, and use an incident management
IRP 3.1 system for processing and tracking incidents and their IRP 3.1 system for processing and tracking incidents and their
3 resolution. resolution.
Analyze selected incident and resolution data for prevention of Analyze selected incident and resolution data for prevention of
IRP 3.2 IRP 3.2
future incidents. future incidents.
 Managing Performance and Measurement (MPM)
Intent: Manages performance using measurement and analysis to achieve business objectives.

Value: Maximizes business return on investment by focusing management and improvement efforts on cost, schedule, and quality performance.

Managing and optimizing performance helps to:

Additional - Ensure that benefits and business performance are the leading factors in driving performance and improvement.
Required - Change the paradigm from "process improvement leads to performance improvement" to "performance is the primary driver of process
PA Info: improvement"
- Use the results of measurement and analysis to manage and control performance at various work and business levels.

Performance and measurement management includes:

- Setting objectives for:
o The business
o Measurement and performance
o Quality and process performance
- Allocating and tracing objective to subordinate levels in the business and processes
- Defining measurements to improve the understanding of progress towards achieving the objectives
- Analyzing measurement and performance data to:
o Understand the relationship and interactions between performance and processes
o Define and take actions to address any observed issues with achieving objectives
o Make the performance results and related benefits clearly visible to all stakeholders
o Continually target and optimize performance

Measurement and performance objectives are quantitative objectives that do not require the additional rigor of statistical techniques.

Quality and Process Performance Objectives (QPPOs) apply to High Maturity activities using statistical and other quantitative techniques.
These objectives include the use of statistical and other quantitative techniques on the related data.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
MPM 1.1 Collect measures and record performance. MPM 1.1 Collect measures and record performance.
1
MPM 1.2 Identify and address performance issues. MPM 1.2 Identify and address performance issues.
Derive and record measurement and performance objectives Derive and record measurement and performance objectives
MPM 2.1 from selected business needs and objectives and keep them MPM 2.1 from selected business needs and objectives and keep them
updated. updated.
Develop, keep updated, and use operational definitions for Develop, keep updated, and use operational definitions for
MPM 2.2 MPM 2.2
measures. measures.
Obtain specified measurement data according to the Obtain specified measurement data according to the
MPM 2.3 MPM 2.3
2 operational definitions. operational definitions.
Analyze performance and measurement data according to the Analyze performance and measurement data according to the
MPM 2.4 MPM 2.4
operational definitions. operational definitions.
Store measurement data, measurement specifications, and Store measurement data, measurement specifications, and
MPM 2.5 MPM 2.5
analysis results according to the operational definitions. analysis results according to the operational definitions.
Take actions to address identified issues with meeting Take actions to address identified issues with meeting
MPM 2.6 MPM 2.6
measurement and performance objectives. measurement and performance objectives.
Develop, keep updated, and use the organization's Develop, keep updated, and use the organization's
MPM 3.1 measurement and performance objectives traceable to MPM 3.1 measurement and performance objectives traceable to
business objectives. business objectives.
Follow organizational processes and standards to develop and Follow organizational processes and standards to develop and
MPM 3.2 use operational definitions for measures and keep them MPM 3.2 use operational definitions for measures and keep them
updated. updated.
MPM 3.3 Develop, keep updated, and follow a data quality process. MPM 3.3 Develop, keep updated, and follow a data quality process.
3
Develop, keep updated, and use the organization’s Develop, keep updated, and use the organization’s
MPM 3.4 MPM 3.4
measurement repository. measurement repository.
Analyze organizational performance using measurement and Analyze organizational performance using measurement and
Revised practice statement to incorporate “and address” with
MPM 3.5 performance data to determine and address performance MPM 3.5 performance data to determine performance improvement
regards to performance improvement need
improvement needs. needs.
Periodically communicate performance results to the Periodically communicate performance results to the
MPM 3.6 MPM 3.6
organization. organization.
Use statistical and other quantitative techniques to develop, Use statistical and other quantitative techniques to develop,
keep updated, and communicate quality and process keep updated, and communicate quality and process
MPM 4.1 MPM 4.1
performance objectives that are traceable to business performance objectives that are traceable to business
objectives. objectives.
 Select measures and analytic techniques to quantitatively
MPM 4.2 manage performance to achieve quality and process
performance objectives.
Use statistical and other quantitative techniques to develop
4 MPM 4.3 and analyze process performance baselines and keep them
updated.
Use statistical and other quantitative techniques to develop
MPM 4.4 and analyze process performance models and keep them
updated.
Use statistical and other quantitative techniques to determine
MPM 4.5 or predict achievement of quality and process performance
objectives.
Use statistical and other quantitative techniques to ensure that
MPM 5.1 business objectives are aligned with business strategy to
optimize performance.
Analyze performance data using statistical and other
quantitative techniques to determine the organization’s ability
MPM 5.2
5 to satisfy selected business objectives and identify potential
areas for optimizing performance.
Select and implement improvement proposals based on the
statistical and quantitative analysis of the expected effect of
MPM 5.3
proposed improvements on meeting and optimizing business,
quality, and process performance objectives.
Select measures and analytic techniques to quantitatively
MPM 4.2 manage performance to achieve quality and process
performance objectives.
Use statistical and other quantitative techniques to develop
MPM 4.3 and analyze process performance baselines and keep them
updated.
Use statistical and other quantitative techniques to develop
MPM 4.4 and analyze process performance models and keep them
updated.
Use statistical and other quantitative techniques to determine
MPM 4.5 or predict achievement of quality and process performance
objectives.
Use statistical and other quantitative techniques to ensure that
Revised practice statements to incorporate “optimize” or
MPM 5.1 business objectives are aligned with business strategy and
“optimizing” phrases.
performance.
Analyze performance data using statistical and other
quantitative techniques to determine the organization’s ability Revised practice statements to incorporate “optimize” or
MPM 5.2
to satisfy selected business objectives and identify potential “optimizing” phrases.
areas for performance improvement.
Select and implement improvement proposals based on the
statistical and quantitative analysis of the expected effect of Revised practice statements to incorporate “optimize” or
MPM 5.3
proposed improvements on meeting business, quality, and “optimizing” phrases.
process performance objectives.
 Managing Security Threats & Vulnerabilities (MST)
Identifies the security threats and vulnerabilities that could compromise the organization or solution, analyzes the potential impacts, and defines
Intent: and takes actions to address and mitigate them.
Value: Increases an organization's capability and resilience to identify, mitigate, and recover from threats and vulnerabilities.

Managing security threats and vulnerabilities is an ongoing, 24/7, 365 days a year activity. It can never stop and cannot be an after-thought or
Additional a tradeoff item like schedule, cost, and quality. However, not every threat or vulnerability has the same impact. An organization, or project
Required doing this needs a holistic and systematic approach, based on recorded criteria, to continually sort through, evaluate, and select which threats
PA Info: and vulnerabilities are the most critical to address, given the potential risk and impact to the business, mission, or solution.

CMMI V3.0
PG Practice # Practice Statement
MST 1.1 Identify and record security threats and vulnerabilities.
1
MST 1.2 Take actions to address security threats and vulnerabilities.
Develop, keep updated, and follow an approach for handling
MST 2.1
security threats and vulnerabilities.
Develop and keep updated criteria to evaluate security threats
MST 2.2
and vulnerabilities.
Use recorded criteria to prioritize, monitor, and address the
2 MST 2.3 most critical security threats and vulnerabilities that arise
during operations.
Evaluate and report the effectiveness of the approach and
MST 2.4 actions taken to address critical security threats and
vulnerabilities to the solution.
Develop, keep updated, and follow an organizational security
MST 3.1 strategy, approach, and architecture to evaluate, manage, and
verify threats and vulnerabilities.
Analyze security verification and validation results to ensure
3 MST 3.2 accuracy, comparability, consistency, ad validity across the
organization.
Evaluate effectiveness of the organizational security strategy,
MST 3.3 approach, and architecture for addressing security threats and
vulnerabilities.
Employ threat intelligence analysis to develop and improve the
solution security approach and architecture, and to select
4 MST 4.1
security solutions to address threats and vulnerabilities, using
statistical and other quantitative techniques.
CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
Practice # Practice Statement
MST 1.1 Identify and record security threats and vulnerabilities.
MST 1.2 Take actions to address security threats and vulnerabilities.
Develop, keep updated, and follow an approach for handling
MST 2.1
security threats and vulnerabilities.
Develop and keep updated criteria to evaluate security threats
MST 2.2
and vulnerabilities.
Use recorded criteria to prioritize, monitor, and address the
MST 2.3 most critical security threats and vulnerabilities that arise
during operations.
Evaluate the effectiveness of the approach and actions taken
MST 2.4 to address critical security threats and vulnerabilities to the Revised practice statement to include “and report”
solution.
Develop, keep updated, and follow an organizational security
MST 3.1 strategy, approach, and architecture to evaluate, manage, and Updated value statement Updating the value statement changes an appraisable component.
verify threats and vulnerabilities.
Analyze security verification and validation results to ensure
MST 3.2 accuracy, comparability, consistency, ad validity across the Updated value statement Updating the value statement changes an appraisable component.
organization.
Evaluate effectiveness of the organizational security strategy,
MST 3.3 approach, and architecture for addressing security threats and
vulnerabilities.
Employ threat intelligence analysis to develop and improve the
solution security approach and architecture, and to select
PLAN 4.1
security solutions to address threats and vulnerabilities, using
statistical and other quantitative techniques.
 Monitor and Control (MC)
Provides an understanding of the project progress so appropriate corrective actions can be taken when performance deviates significantly from
Intent: plans.
Value: Increases the probability of meeting objectives by taking early actions to adjust for significant performance deviations.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any MC practice statements
MC 1.1 Record task completions. MC 1.1 Record task completions.
1
MC 1.2 Identify and resolve issues. MC 1.2 Identify and resolve issues.
Additional Required Information: Moved “indicators of project
Track actual results against estimates for size, effort, Track actual results against estimates for size, effort, Adding Additional Required Information changes an appraisable
MC 2.1 MC 2.1 progress and performance” section from Additional
schedule, resources, knowledge and skills, and budget. schedule, resources, knowledge and skills, and budget. component.
Explanatory Information to Additional Required Information.
Track the involvement of identified stakeholders and Track the involvement of identified stakeholders and
2 MC 2.2
commitments.
MC 2.2
commitments.
MC 2.3 Monitor the transition to operations and support. MC 2.3 Monitor the transition to operations and support.
Take corrective actions when actual results differ significantly Take corrective actions when actual results differ significantly
MC 2.4 MC 2.4
from planned results and manage to closure. from planned results and manage to closure.
Manage the project using the project plan and the project Manage the project using the project plan and the project
MC 3.1 MC 3.1
process. process.
MC 3.2 Manage critical dependencies and activities. MC 3.2 Manage critical dependencies and activities.
3 MC 3.3 Monitor the work environment to identify issues. MC 3.3 Monitor the work environment to identify issues.

MC 3.4 Manage and resolve issues with affected stakeholders. MC 3.4 Manage and resolve issues with affected stakeholders.
 Organizational Training (OT)
Intent: Develop the skills and knowledge of personnel so they perform their roles efficiently and effectively.

Value: Enhances individuals’ skills and knowledge to improve organizational work performance.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any OT practice statements
1 OT 1.1 Train people. OT 1.1 Train people.
OT 2.1 Identify training needs. OT 2.1 Identify training needs.
2
OT 2.2 Train personnel and keep records. OT 2.2 Train personnel and keep records. Updated value statement Updating the value statement changes an appraisable component.
Develop and keep updated the organization’s strategic and Develop and keep updated the organization’s strategic and
OT 3.1 OT 3.1
short-term training needs. short-term training needs.
Coordinate training needs and delivery between the projects Coordinate training needs and delivery between the projects
OT 3.2 OT 3.2
and the organization. and the organization.
Develop, keep updated, and follow organizational strategic and Develop, keep updated, and follow organizational strategic and
OT 3.3 OT 3.3 Updated value statement Updating the value statement changes an appraisable component.
short-term training plans. short-term training plans.
Develop, keep updated, and use a training capability to Develop, keep updated, and use a training capability to
3 OT 3.4 OT 3.4
address organizational training needs. address organizational training needs.
Assess and report the effectiveness of the organization’s Assess the effectiveness of the organization’s training Updated practice statement to include “and report.” Updated
OT 3.5 OT 3.5 Updating the value statement changes an appraisable component.
training program. program. value statement.

Record, keep updated, and use the set of organizational Record, keep updated, and use the set of organizational
OT 3.6 OT 3.6
training records. training records.
 Peer Reviews (PR)
Identifies and addresses process performance and work product issues through reviews by the producer’s peers or Subject Matter Experts
Intent: (SMEs).
Value: Reduce cost and rework by uncovering issues or defects early.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any PR practice statements
1 PR 1.1 Perform reviews of work products and record issues. PR 1.1 Perform reviews of work products and record issues.
Develop and keep updated procedures and supporting Develop and keep updated procedures and supporting
PR 2.1 PR 2.1
materials used to prepare for and perform peer reviews. materials used to prepare for and perform peer reviews.
PR 2.2 Select work products to be peer reviewed. PR 2.2 Select work products to be peer reviewed.
2 Prepare and perform peer reviews on selected work products Prepare and perform peer reviews on selected work products
PR 2.3 PR 2.3
using established procedures. using established procedures.
PR 2.4 Resolve issues identified in peer reviews. PR 2.4 Resolve issues identified in peer reviews.
3 PR 3.1 Analyze results and data from peer reviews. PR 3.1 Analyze results and data from peer reviews.
 Planning (PLAN)
Intent: Develop plans to describe what is needed to accomplish the work within the standards and constraints of the organization.

Value: Optimizes cost, functionality, and quality to increase the likelihood of meeting objectives.

Additional Planning should include an approach, activities, and actions needed for the following:
Required - Identifying and addressing requirements including quality, functionality, customers, users, etc.
- Developing budgets and schedules based on estimates
PA Info: - Identifying resource demands and obtaining the necessary resource capacity and availability
- Managing risks and opportunities
- Developing and keeping the project plan updated to reflect how to perform the work

Plans also describe:

- The work to be performed
- Applicable organizational set of standard processes, assets, and tailoring guidelines
- Dependencies
- Who performs the work
- Relationships with other plans
- Stakeholders and their role

Capacity and availability management activities can be performed at different levels of the organization and applied to any type of work.
Capacity and availability management activities typically involve:
- Developing a capacity and availability management approach and keeping it updated
- Providing and allocating resources
- Monitoring, analyzing, understanding, forecasting, adjusting, and reporting on current demand for:
o Work activities
o Services
o Solutions and deliverables
o Resources
o Capacity and availability
o Service or service system performance
o Availability
- Determining corrective actions to ensure appropriate capacity and availability while balancing costs against resources needed and supply

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any PLAN practice statements
PLAN 1.1 Develop a list of tasks. PLAN 1.1 Develop a list of tasks.
1
PLAN 1.2 Assign people to tasks. PLAN 1.2 Assign people to tasks.
Develop and keep updated the approach for accomplishing the Develop and keep updated the approach for accomplishing the
PLAN 2.1 PLAN 2.1
work. work.
PLAN 2.2 Plan for the knowledge and skills needed to perform the work. PLAN 2.2 Plan for the knowledge and skills needed to perform the work.
Based on recorded estimates, develop, and keep the budget Based on recorded estimates, develop and keep the budget
PLAN 2.3 PLAN 2.3 Added a comma to practice statement after “develop.”
and schedule updated. and schedule updated.
PLAN 2.4 Plan the involvement of identified stakeholders. PLAN 2.4 Plan the involvement of identified stakeholders.
2 PLAN 2.5 Plan transition to operations and support. PLAN 2.5 Plan transition to operations and support.
Updated practice statement, changed to “Ensure plans are
Ensure plans are feasible by reconciling estimates against Ensure plans are feasible by reconciling available and
PLAN 2.6 PLAN 2.6 feasible by reconciling estimates against capacity and Updating the value statement changes an appraisable component.
capacity and availability of resources. estimated resources.
availability of resources.” Updated value statement.
Develop the project plan, ensure consistency among its Develop the project plan, ensure consistency among its
PLAN 2.7 PLAN 2.7
elements, and keep it updated. elements, and keep it updated.
Review plans and obtain commitments from affected Review plans and obtain commitments from affected
PLAN 2.8 PLAN 2.8
stakeholders. stakeholders.
Use the organization's set of standard processes and tailoring Use the organization's set of standard processes and tailoring
PLAN 3.1 guidelines to develop, keep updated, and follow the project PLAN 3.1 guidelines to develop, keep updated, and follow the project
process. process.
Develop a plan and keep it updated using the project process, Develop a plan and keep it updated using the project process,
3 PLAN 3.2 the organization's process assets, and the measurement PLAN 3.2 the organization's process assets, and the measurement
repository. repository.
PLAN 3.3 Identify and negotiate critical dependencies. PLAN 3.3 Identify and negotiate critical dependencies.
Plan for the project environment and keep it updated based on Plan for the project environment and keep it updated based on
PLAN 3.4 PLAN 3.4
the organization’s standards. the organization’s standards.
Use statistical and other quantitative techniques to develop Use statistical and other quantitative techniques to develop
and keep the project processes updated to enable and keep the project processes updated to enable
4 PLAN 4.1
achievement of the quality and process performance
PLAN 4.1
achievement of the quality and process performance
objectives. objectives.
 Process Asset Development (PAD)
Intent: Develops the process assets necessary to perform the work and keeps them updated.

Value: Provides a capability to understand and repeat successful performance.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
1 PAD 1.1 Develop process assets to perform the work. PAD 1.1 Develop process assets to perform the work.
Determine what process assets will be needed to perform the Determine what process assets will be needed to perform the
PAD 2.1 PAD 2.1
work. work.
2 PAD 2.2 Develop, buy, or reuse process assets. PAD 2.2 Develop, buy, or reuse process assets.
PAD 2.3 Make processes and assets available. PAD 2.3 Make processes and assets available.
Develop, keep updated, and follow a strategy for building and Develop, keep updated, and follow a strategy for building and
PAD 3.1 PAD 3.1
updating process assets. updating process assets.
Develop, record, and keep updated a process architecture that Develop, record, and keep updated a process architecture that
PAD 3.2 describes the structure of the organization’s processes and PAD 3.2 describes the structure of the organization’s processes and
process assets. process assets.
Former PAD 3.5 practice combined into PAD 3.3 practice
statement as these were duplicative as previously
Develop, keep updated, and make the organization's written/interpreted. The new PAD 3.3 practice statement is:
Develop, keep updated, and make processes and assets
PAD 3.3 processes and assets available for use in a process asset PAD 3.3 “Develop, keep updated, and make the organization’s
available for use.
library. processes and assets available for use in a process asset
library.” Updated value statement and Additional Required
3
Information for PAD 3.3 to align to adjusted practice statement.
Develop, keep updated, and use tailoring criteria and Develop, keep updated, and use tailoring criteria and
PAD 3.4 PAD 3.4
guidelines for the set of standard processes and assets. guidelines for the set of standard processes and assets.
Develop, keep updated, and make the organization’s process
PAD 3.5 See PAD 3.3 above.
asset library available for use.
Develop, keep updated, and make work environment Develop, keep updated, and make work environment
PAD 3.5 PAD 3.6 The former PAD 3.6 practice is now PAD 3.5
standards available for use. standards available for use.

Develop, keep updated, and make organizational Develop, keep updated, and make organizational
PAD 3.6 PAD 3.7 The former PAD 3.7 practice is now PAD 3.6
measurement and analysis standards available for use. measurement and analysis standards available for use.
 Process Management (PCM)
Manages and implements the continuous improvement of processes and infrastructure to meet business objectives by identifying and
Intent: implementing the most beneficial process improvements and making performance results visible, accessible, and sustainable.

Value: Ensures that processes, infrastructure, and their improvement contribute to successfully meeting business objectives.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
Develop a support structure to provide process guidance, Develop a support structure to provide process guidance,
PCM 1.1 identify and fix process problems, and continuously improve PCM 1.1 identify and fix process problems, and continuously improve
processes. processes.
1 Appraise the current process implementation and identify Appraise the current process implementation and identify
PCM 1.2 PCM 1.2
strengths and weaknesses. strengths and weaknesses.
PCM 1.3 Address improvement opportunities or process issues. PCM 1.3 Address improvement opportunities or process issues.
Moved Additional Explanatory Information specific to Adding Additional Required Information changes an appraisable
PCM 2.1 Identify improvements to the processes and process assets. PCM 2.1 Identify improvements to the processes and process assets.
opportunities and issues to Additional Required Information component.
2 Develop, keep updated, and follow plans for implementing Develop, keep updated, and follow plans for implementing
PCM 2.2 PCM 2.2
selected process improvements. selected process improvements.
Develop, keep updated, and use process improvement Develop, keep updated, and use process improvement
PCM 3.1 PCM 3.1
objectives traceable to the business objectives. objectives traceable to the business objectives.
Identify processes that are the largest contributors to meeting Identify processes that are the largest contributors to meeting
PCM 3.2 PCM 3.2
business objectives. business objectives.
Explore and evaluate potential new processes, techniques, Explore and evaluate potential new processes, techniques,
PCM 3.3 PCM 3.3
methods, and tools to identify improvement opportunities. methods, and tools to identify improvement opportunities.
3 Provide support for implementing, deploying, and sustaining Provide support for implementing, deploying, and sustaining
PCM 3.4 PCM 3.4
process improvements. process improvements.
PCM 3.5 Deploy organizational standard processes and process assets. PCM 3.5 Deploy organizational standard processes and process assets.
Evaluate and report the effectiveness of deployed Evaluate the effectiveness of deployed improvements in
PCM 3.6 PCM 3.6 Revised practice statement to include “and report”
improvements in achieving process improvement objectives. achieving process improvement objectives.
Use statistical and other quantitative techniques to validate Use statistical and other quantitative techniques to validate
selected performance improvements against proposed selected performance improvements against proposed
4 PCM 4.1
improvement expectations, business objectives, or quality and
PCM 4.1
improvement expectations, business objectives, or quality and
process performance objectives. process performance objectives.
 Process Quality Assurance (PQA)
Intent: Verify and enable improvement of the quality of the processes performed and resulting work products.

Value: Increases the consistent use and improvement of the processes to maximize business benefit and customer satisfaction.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any PQA practice statements
1 PQA 1.1 Identify and address process and work product issues. PQA 1.1 Identify and address process and work product issues.
Develop, keep updated, and follow a quality assurance Develop, keep updated, and follow a quality assurance
PQA 2.1 PQA 2.1
approach and plan based on historical quality data. approach and plan based on historical quality data.
Objectively evaluate selected performed processes and work Objectively evaluate selected performed processes and work
PQA 2.2 products against the recorded process and applicable PQA 2.2 products against the recorded process and applicable
2 standards. standards.
Communicate quality and non-compliance issues and ensure Communicate quality and non-compliance issues and ensure
PQA 2.3 PQA 2.3
their resolution. their resolution.
PQA 2.4 Record and use results of quality assurance activities. PQA 2.4 Record and use results of quality assurance activities.
Identify and record opportunities for improvement during Identify and record opportunities for improvement during
3 PQA 3.1
quality assurance activities.
PQA 3.1
quality assurance activities.
 Product Integration (PI)
Intent: Integrates and delivers the solution that addresses functionality, performance, and quality requirements.

Value: Increases customers’ satisfaction by giving them a solution that meets or exceeds their functionality and quality requirements.

If Safety is included in the selected view : ensure safety requirements are addressed within the relevant integration strategies, processes,
Additional
documentation, and activities.
Required
PA Info: If Security is included in the selected view : ensure security requirements are addressed within the relevant integration strategies, processes,
documentation, and activities.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any PI practice statements
1 PI 1.1 Assemble solutions and deliver to the customer. PI 1.1 Assemble solutions and deliver to the customer.
Revising Additional Required Information changes an appraisable
PI 2.1 Develop, keep updated, and follow an integration strategy. PI 2.1 Develop, keep updated, and follow an integration strategy. Additional Required Information revised for clarity.
component.
PI 2.2 Develop, keep updated, and use the integration environment. PI 2.2 Develop, keep updated, and use the integration environment.
Develop, keep updated, and follow procedures and criteria for Develop, keep updated, and follow procedures and criteria for
PI 2.3 PI 2.3
integrating solutions and components. integrating solutions and components.
Confirm, prior to integration, that each component has been Confirm, prior to integration, that each component has been
2
PI 2.4 properly identified and operates according to its requirements PI 2.4 properly identified and operates according to its requirements
and design. and design.
Evaluate integrated components to ensure conformance to the Evaluate integrated components to ensure conformance to the
PI 2.5 PI 2.5
solution’s requirements and design. solution’s requirements and design.
Integrate solutions and components according to the Integrate solutions and components according to the
PI 2.6 PI 2.6
integration strategy. integration strategy.
Review and keep updated interface or connection descriptions Review and keep updated interface or connection descriptions
PI 3.1 for coverage, completeness, and consistency throughout the PI 3.1 for coverage, completeness, and consistency throughout the
solution’s life. solution’s life.
3 PI 3.2
Confirm, prior to integration, that component interfaces or
PI 3.2
Confirm, prior to integration, that component interfaces or
connections comply with interface or connection descriptions. connections comply with interface or connection descriptions.
Evaluate integrated components for interface or connection Evaluate integrated components for interface or connection
PI 3.3 PI 3.3
compatibility. compatibility.
 Requirements Development and Management (RDM)
Intent: Elicits requirements, confirms common understanding by stakeholders, and aligns requirements, plans, and work products.

Value: Increases likelihood that the solution meets or exceeds customer expectations and needs.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
1 RDM 1.1 Record requirements. RDM 1.1 Record requirements.
Former RDM 2.3 combined with practice statement RDM 2.1,
Elicit stakeholder needs, expectations, constraints, and updated practice statement includes “and confirm
Elicit stakeholder needs, expectations, constraints, and
RDM 2.1 interfaces or connections, and confirm understanding of RDM 2.1 understanding of the requirements.” Additional Required
interfaces or connections.
requirements. Information updated to include information specific to criteria.
Added Safety Context Specific information.
Transform stakeholder needs, expectations, constraints, and Transform stakeholder needs, expectations, constraints, and
RDM 2.2 interfaces or connections into prioritized customer RDM 2.2 interfaces or connections into prioritized customer
requirements. requirements.
2 Develop an understanding with the requirements providers on
RDM 2.3 See RDM 2.1
the meaning of the requirements.
Obtain commitment from project participants that they can Obtain commitment from project participants that they can
RDM 2.3 RDM 2.4 The former RDM 2.4 practice is now RDM 2.3
implement the requirements. implement the requirements.
Develop, record, and keep updated bidirectional traceability Develop, record, and keep updated bidirectional traceability
RDM 2.4 RDM 2.5 The former RDM 2.5 practice is now RDM 2.4
among requirements and activities or work products. among requirements and activities or work products.
Ensure that plans and activities or work products remain Ensure that plans and activities or work products remain
RDM 2.5 RDM 2.6 The former RDM 2.6 practice is now RDM 2.5
consistent with requirements. consistent with requirements.
Develop and keep requirements updated for the solution and Develop and keep requirements updated for the solution and
RDM 3.1 RDM 3.1
its components. its components.
RDM 3.2 Develop operational concepts and scenarios. RDM 3.2 Develop operational concepts and scenarios.
RDM 3.3 Allocate the requirements to be implemented. RDM 3.3 Allocate the requirements to be implemented.
Identify, develop, and keep updated interface or connection Identify, develop, and keep updated interface or connection
3 RDM 3.4
requirements.
RDM 3.4
requirements.
RDM 3.5 Ensure that requirements are necessary and sufficient. RDM 3.5 Ensure that requirements are necessary and sufficient.
RDM 3.6 Balance stakeholder needs and constraints. RDM 3.6 Balance stakeholder needs and constraints.
Validate requirements to ensure the resulting solution will Validate requirements to ensure the resulting solution will
RDM 3.7 RDM 3.7
perform as intended in the target environment. perform as intended in the target environment.
 Risk and Opportunity Management (RSK)
Intent: Identifies, records, analyzes, and manages potential risks or opportunities.

Value:
Mitigates adverse impacts or capitalizes on positive impacts to increase the likelihood of meeting objectives.

Additional The term risk refers to uncertainties that may have a negative impact on achieving objectives. The term opportunity refers to uncertainties that
Required may have a positive impact on achieving objectives.
PA Info:

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any RSK practice statements
Identify and record risks or opportunities and keep them Identify and record risks or opportunities and keep them
1 RSK 1.1
updated.
RSK 1.1
updated.
RSK 2.1 Analyze identified risks or opportunities. RSK 2.1 Analyze identified risks or opportunities.
2 Monitor identified risks or opportunities and communicate Monitor identified risks or opportunities and communicate
RSK 2.2 RSK 2.2
status to affected stakeholders. status to affected stakeholders.
RSK 3.1 Identify and use risk or opportunity categories. RSK 3.1 Identify and use risk or opportunity categories.
Define and use parameters for risk or opportunity analysis and Define and use parameters for risk or opportunity analysis and
RSK 3.2 RSK 3.2
handling. handling.
Develop and keep updated a risk or opportunity management Develop and keep updated a risk or opportunity management
RSK 3.3 RSK 3.3
3 strategy. strategy.
Develop and keep updated risk or opportunity management Develop and keep updated risk or opportunity management
RSK 3.4 RSK 3.4
plans. plans.
Manage risks or opportunities by implementing planned risk or Manage risks or opportunities by implementing planned risk or
RSK 3.5 RSK 3.5
opportunity management activities. opportunity management activities.
 Service Delivery Management (SDM)
Intent: Deliver services and manage the service delivery system.

Value: Increase customer satisfaction by delivering services that meet or exceed customer expectations.

This includes:
Additional - Delivering services in accordance with service delivery approaches and agreements
Required - Managing changes to the service delivery system
PA Info: - Receiving and processing service requests
- Maintaining service delivery performance when changes occur

If Safety is included in the selected view: ensure the service system addresses and is consistent with all relevant safety related requirements
and considerations.
If Security is included in the selected view: ensure the service system addresses and is consistent with all relevant security related
requirements and considerations.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any SDM practice statements
1 SDM 1.1 Use the service system to deliver services. SDM 1.1 Use the service system to deliver services.
Develop, record, keep updated, and follow service Develop, record, keep updated, and follow service
SDM 2.1 SDM 2.1
agreements. agreements.
Receive and process service requests in accordance with Receive and process service requests in accordance with
SDM 2.2 SDM 2.2
service agreements. service agreements.
SDM 2.3 Deliver services in accordance with service agreements. SDM 2.3 Deliver services in accordance with service agreements.
2 Analyze existing service agreements and service data to Analyze existing service agreements and service data to
SDM 2.4 SDM 2.4
prepare for updated or new agreements. prepare for updated or new agreements.
Develop, record, keep updated, and follow the approach for Develop, record, keep updated, and follow the approach for
SDM 2.5 SDM 2.5
operating and changing the service system. operating and changing the service system.
Confirm the readiness of the service system to support the Confirm the readiness of the service system to support the
SDM 2.6 SDM 2.6
delivery of services. delivery of services.
Develop, record, keep updated, and use organizational Develop, record, keep updated, and use organizational
3 SDM 3.1
standard service systems and agreements.
SDM 3.1
standard service systems and agreements.
 Strategic Service Management (STSM)
Intent: Develops and deploys standard services that are compatible with strategic business needs and plans.

Value: Increases likelihood of meeting business objectives by aligning standard services with customer needs.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any STSM practice statements
1 STSM 1.1 Develop a list of current services. STSM 1.1 Develop a list of current services.
Develop, keep updated, and use descriptions of current Develop, keep updated, and use descriptions of current
STSM 2.1 STSM 2.1
services. services.
Collect, record, and analyze data about strategic needs and Collect, record, and analyze data about strategic needs and
STSM 2.2 STSM 2.2
2 capabilities for service delivery. capabilities for service delivery.
Develop, keep updated, and follow an approach for providing Develop, keep updated, and follow an approach for providing
STSM 2.3 new or changed services derived from strategic needs and STSM 2.3 new or changed services derived from strategic needs and
capabilities. capabilities.
Develop, keep updated, and use the set of organizational Develop, keep updated, and use the set of organizational
3 STSM 3.1
standard services and service levels.
STSM 3.1
standard services and service levels.
 Supplier Agreement Management (SAM)
Intent: Selects qualified suppliers, establishes agreements, and manages the resulting supplier and acquirer activities over the term of the agreement.

Value: Maximizes the probability of mutual success for acquirers and suppliers.

If Data is included in the selected view: Identify data-related considerations, e.g., privacy, data quality, to be included in the supplier agreement.
Additional
If Safety is included in the selected view: Identify hazard and safety-related considerations, e.g., functional safety, to be included in the supplier
Required agreement.
PA Info: If Security is included in the selected view: Identify security-related considerations, e.g., physical security, database and information access,
background checks, personnel clearances, to be included in the supplier agreement.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
New practice information and statement, “Identify, evaluate,
SAM 1.1 Identify, evaluate, and select suppliers.
and select suppliers.”
1 SAM 1.2 Develop and record the supplier agreement. SAM 1.1 Develop and record the supplier agreement. The former SAM 1.1 practice is now SAM 1.2.
SAM 1.3 Accept or reject the supplier deliverables. SAM 1.2 Accept or reject the supplier deliverables. The former SAM 1.2 practice is now SAM 1.3.
SAM 1.4 Process supplier invoices. SAM 1.3 Process supplier invoices. The former SAM 1.3 practice is now SAM 1.4.
New practice information and practice statement, “Identify
Identify evaluation criteria, potential suppliers, and distribute
SAM 2.1 evaluation criteria, potential suppliers, and distribute supplier
supplier requests.
requests.”
New practice information and practice statement, “Evaluate
Evaluate supplier responses according to recorded evaluation Monitor supplier as specified in the supplier agreement and supplier responses according to recorded evaluation criteria
SAM 2.2 SAM 2.1
criteria and select suppliers. keep agreement updated. and select suppliers.” Added Security Context Specific
2 information
Manage supplier activities as specified in the supplier The former SAM 2.1 practice is now SAM 2.3, initial phrase of
SAM 2.3 SAM 2.2 Perform activities as specified in the supplier agreement.
agreement and keep agreement updated. practice updated to “Manage supplier activities… “
Verify that the supplier agreement is satisfied before accepting Verify that the supplier agreement is satisfied before accepting
SAM 2.4 SAM 2.3 The former SAM 2.3 practice is now SAM 2.4.
the acquired supplier deliverable. the acquired supplier deliverable.
Manage invoices submitted by the supplier according to the Manage invoices submitted by the supplier according to the
SAM 2.5 SAM 2.4 The former SAM 2.4 practice is now SAM 2.5.
supplier agreements. supplier agreements.
Conduct technical reviews of supplier performance activities Select technical supplier deliverables for analysis and conduct
Updated practice statement to, “Conduct technical reviews of
SAM 3.1 SAM 3.1
and selected deliverables. technical reviews. supplier performance activities and selected deliverables.”
3 Manage supplier performance and processes based on criteria Select and monitor supplier processes and deliverables based Updated practice statement to, “Manage supplier performance
SAM 3.2 SAM 3.2
in the supplier agreement. on criteria in the supplier agreement. and processes based on criteria in the supplier agreement."
Updated practice statement to, “Select measures and apply
analytical techniques to quantitatively manage suppliers
Select measures and apply analytical techniques to Select measures and apply analytical techniques to
against their performance targets.” Reflective of community
4 SAM 4.1 quantitatively manage suppliers against their performance SAM 4.1 quantitatively manage supplier performance to achieve quality
comment on when High Maturity should be applied from
targets. and process performance objectives.
acquirer to their own and their suppliers’ process performance
analysis and objectives.
 Technical Solution (TS)
Intent: Designs and builds solutions that meet requirements.

Value: Provides a cost-effective design and solution that meets customer requirements and reduces rework.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any TS practice statements
1 TS 1.1 Build a solution to meet requirements. TS 1.1 Build a solution to meet requirements.
TS 2.1 Design and build a solution to meet requirements. TS 2.1 Design and build a solution to meet requirements.
2 TS 2.2 Evaluate the design and address identified issues. TS 2.2 Evaluate the design and address identified issues.
TS 2.3 Provide guidance on use of the solution. TS 2.3 Provide guidance on use of the solution.
TS 3.1 Develop criteria for design decisions. TS 3.1 Develop criteria for design decisions.
TS 3.2 Develop alternative solutions for selected components. TS 3.2 Develop alternative solutions for selected components.
TS 3.3 Perform a build, buy, or reuse analysis. TS 3.3 Perform a build, buy, or reuse analysis.
3 TS 3.4 Select solutions based on design criteria. TS 3.4 Select solutions based on design criteria.
Develop, keep updated, and use information needed to Develop, keep updated, and use information needed to
TS 3.5 TS 3.5
implement the design. implement the design.
Design solution interfaces or connections using established Design solution interfaces or connections using established
TS 3.6 TS 3.6
criteria. criteria.
 Verification and Validation (VV)
Verification and validation includes activities that:
Intent: • Confirm selected solutions and components meet their requirements
• Demonstrate selected solutions and components fulfill their intended use in their target environment
Value: Verification and validation of selected solutions and components throughout the project increases the likelihood that the solution will satisfy the
customer.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement No change to any VV practice statements
Perform verification to ensure the requirements are Perform verification to ensure the requirements are
VV 1.1 VV 1.1
implemented and record and communicate results. implemented and record and communicate results.
1 Perform validation to ensure the solution will function as Perform validation to ensure the solution will function as
VV 1.2 intended in its target environment and record and VV 1.2 intended in its target environment and record and
communicate results. communicate results.
VV 2.1 Select components and methods for verification and validation. VV 2.1 Select components and methods for verification and validation.
Develop, keep updated, and use the environment needed to Develop, keep updated, and use the environment needed to
2 VV 2.2
support verification and validation.
VV 2.2
support verification and validation.
Develop, keep updated, and follow procedures for verification Develop, keep updated, and follow procedures for verification
VV 2.3 VV 2.3 Updated value statement. Updating the value statement changes an appraisable component.
and validation. and validation.
Develop, keep updated, and use criteria for verification and Develop, keep updated, and use criteria for verification and
VV 3.1 VV 3.1
3 validation. validation.
VV 3.2 Analyze and communicate verification and validation results. VV 3.2 Analyze and communicate verification and validation results.
 Workforce Empowerment (WE)
Aligns the workforce to the organization's business objectives and empowers individuals and workgroups to perform their roles efficiently and
Intent: effectively.

Value:
Enhances the capability of the workforce to contribute to the success of the business.

CMMI V3.0 CMMI V2.2 CMMI V3.0 Release Notes Implications for non-practice statement changes
PG Practice # Practice Statement Practice # Practice Statement
1 WE 1.1 Identify and allocate commitments to workgroups.
Record and allocate work assignments and keep them
WE 2.1 updated based on an assessment of qualifications, skills, and
related criteria.
2 WE 2.2
Manage the transition of individuals in and out of roles and
workgroups.
Develop, keep updated, and use communication and
WE 2.3 WE is a newly added PA in CMMI V3.0
coordination mechanisms within and across workgroups.
Develop, keep updated, and use workforce competencies to
WE 3.1
build organizational capabilities and achieve objectives.
Develop, keep updated, and use an organizational structure
3 WE 3.2
and approach to empower workgroups.
Develop, keep updated, and use organizational compensation
WE 3.3
strategies and mechanisms.