UNIT-5 :: DEVOPS MATURITY MODEL

DevOps Maturity Model: Key factors of DevOps maturity model, stages of DevOps
maturity model, DevOps maturity Assessment

******************************************************************************

What is DevOps Maturity?

DevOps Maturity is a pattern that establishes the position of an organization in

the DevOps process, and by extension, also determines what more needs to be done to
achieve certain pre-defined, aspired outcomes. Embracing DevOps as a continuous
journey and not a destination is crucial to attaining DevOps maturity.

That’s because the DevOps Maturity Model is designed to manage growth through
continuous training covering all organizational aspects, including but not limited to
development and operations. This training helps boost skills and aptitudes needed to adopt
DevOps in true earnest, which, in turn, results in an enhanced capacity to tackle
challenges of greater complexity and scale.

To be able to assess an organization’s standing in its DevOps journey and chalking out a
roadmap for improvement, DevOps Maturity Model focuses on the effectiveness of
organizational processes such as adopting certain business practices and zeroing in on
capabilities required to achieve higher maturity levels and improve performance.

To achieve this through continuous learning, the DevOps Maturity Model relies on
organizational perspectives and access to both development and operations teams.

4 Key Factors of DevOps Maturity Model

When on the path to embracing or augmenting DevOps capabilities, every organization

has a host of questions, doubts, and dilemmas. How is a successful DevOps adoption
defined? When can they claim that they’re practicing DevOps? When can they call their
DevOps practices mature? And most importantly, how to get there?
To provide clarity, we sum it up in four key tenets of DevOps that all mature ecosystems
have in common. This can be considered a benchmark for assessing the maturity of
DevOps practices:

Culture

DevOps must be looked at as a cultural shift more than a technological one. Leveraging
the potential of these practices not only requires efficient cross-functional collaborations
but also a pervasive outlook on the organizational level capable of embracing and
overcoming rapid and repeated failures. Getting all stakeholders on board is also equally
critical to ensure that the shift to DevOps practices isn’t self destroying in any way.

According to a Gartner report, three-fourth of DevOps initiatives are expected to fail

meeting their goals, owing to an organizational inability to foster a culture ready to
embrace this change. The report cites unrealistic expectations, lack of considerations for
business outcomes, inadequate collaboration, and the unwillingness of staff to get behind
the change as the key factors for these failures. While some organizations may be slated to
fail, yours doesn’t have to be one of them. This can be ensured by adhering to the
following guidelines for bring up a culture ready for DevOps:

1. Create a dedicated team for each product

2. Boundaries between development and testing are eliminated

 3. Each team is given its own backlog

4. The dedicated team is responsible for carrying their product all the way to the
production stage

5. All requirements and expected outcomes are clearly defined

6. Workflow and processes are prioritized as per release needs

Testing

Releasing code weekly, daily, or even on an hourly basis is fast becoming a norm. The
concept of continuous testing has evolved out of a need to perform testing and
maintenance at a much faster rate for the sake of keeping up the sequence of notes of
releases.

With applications gaining prominence in their role in lending a competitive edge to

business processes, the criticality of achieving the right balance of speed and accuracy is
being acknowledged now more than ever. Any performance or build quality issues can
hamper the end-user experience. On the other hand, delivery delays directly translate to
losing the competitive edge. Both these factors continue to be a potential roadblock in
implementing continuous testing in true earnest.

On the other side, getting results of continuous testing right means accelerating the time -
to-market, improving code quality, developing a mechanism for continuous feedback, and
eliminating the gap between development, testing, and operations.

An extremely high level of maturity in DevOps can set you up for using continuous testing
optimally and extracting maximum value from it.

DevOps maturity on the testing front is reflected in the following processes and practi ces:

• Having a dedicated test environment for every product

• Automating functional tests, performance tests, integration tests, security

tests, and acceptance tests
 • Running automated unit tests manually

• Security and unit testing for all committed changes automatically

• Continuously analysing and validating unit test coverage

• Defining and automating regression testing

• Carrying out risk analysis, which serves as a basis for exploratory testing

Automation (CI/CD)

The goal of automation or CI/CD is to enhance software quality by pre -emptive

elimination of issues through continuous testing. This is made possible by the ability to
detect quality issues and defects in code changes on a smaller level early on in the
process. As a result, the feedback loop between the users and development teams is
shortened drastically.

Besides, CI/CD also enables development teams to commit changes more frequently
without compromising stability. The approach is primarily seen as a best practice for agile
development, but it also serves as fundamental to the robustness of DevOps initiatives. If
you need speed and quality at the same time, eliminating manual steps or cumbersome
processes is your best way at achieving it.

Automation and CI/CD serve as a proxy for identifying these elements that make
processes slow moving, and correct course.

On this count, DevOps maturity is indicated by a host of factors:

1. An efficient build process backed by artifacts, logs, and a history of every

code commit and execution

2. A deployment pipeline capable of catering to all environments using the same

set of standardized procedures

3. Rapid release of a sequence of notes for efficient code management

 4. Making database changes as part of the deployment process through fully
automated and versioned scripts stored in version control or code migrations

Architecture

An organization’s ability to mature its DevOps processes is governed by the robustness of

its foundations – determined by application architecture. It is one of the determining
factors in whether an organization will be able to manage DevOps for rapid-release
sequence. If your system is not designed to support quick, frequent, and easy testing, you
will end up with bottlenecks no matter what.

The same holds for deployment as well. The challenge also is that there is no one -size-
fits-all architecture to support DevOps maturity. Different styles support different goals.
You must choose one that fits your needs, aligns with your goals, and is compatible with
development technologies and tech infrastructure.

For a DevOps maturity, you’re your strive for the following architectural practices:

1. Placing minimal business logic in hard-to-test places

2. Setting up modules within the system with clear boundaries

3. Each module is equipped to function independently, without interfering with

or impacting the work of others

4. Building applications as products rather than solutions, and enabling

meaningful unit testing for each

5. Clearly defining desired quality attributes

6. Quick and frequent testing of every application component

7. Ability to extract sanitized production data

8. Architecture designed to prevent circuit breakers or cascading failures

5 Stages in DevOps Maturity Model

The DevOps Maturity Model comprises five stages. To able to get a reality check on their
maturity levels, organizations should not lose focus of these:

3 Components of a Complete DevOps Maturity Model

A complete DevOps Maturity Model operates on three levels: evaluating the state of
skills, identifying scope for growth, outlining a roadmap to achieve DevOps goals. To be
able to do that, the DevOps Maturity Model must consist of three key components:
 1. DevOps Maturity for Application

The DevOps maturity for application is defined by how secure the code development
process is, right from development to production stage. Delivering on this aspect of
maturity requires extensive builds, tests, security scans, code coverage, and constant
monitoring of the automated elements in the deployment pipeline.

2. DevOps Maturity by Data

To measure DevOps maturity by data you have to take into account the ability of DataOps
to take action for automating data changes and automatically verify functionality.

3. DevOps Maturity by Infrastructure

DevOps maturity by infrastructure is centred on the ability to ease and streamline

infrastructure handling skills related to automation and facilitating self-service through
store environments, especially in connection with other businesses.

What to Map Using DevOps Maturity Model and Why?

There are a host of parameters that need to be examined at every step of the way to assess
an organization’s DevOps maturity, and more importantly, achieve it. Some of the key
criteria to map using the DevOps Metrics are:

• Are your finished designs and discharge frequency resulting in high ROI?

• Do your secure deployments outdo the broken ones?

• Is your Mean Time To Recovery (MTTR) from a near-total failure or

breakdown as close to zero as possible?

• What does the lead generation from the development of code to its
deployment look like?

• What is the deployment frequency for new codes?

The answer to these questions will give you a realistic idea of where you stand in your
DevOps maturity journey.

But why is this important? Here are a few key advantages of continuously mapping your
DevOps maturity:

• Your IT processes remain nimble and flexible.

• You gain the ability to tap events.

• Identifying areas where there is scope for improvement becomes easier.

• You are better poised to optimize scalability and operational performance.

• You can enhance the quality of software products as well as increase delivery
frequency.

DevOps maturity Assessment

DevOps has become an integral part of many organizations, as most of them have already

adopted or have begun to adopt DevOps culture and practices. But we must understand that

DevOps is not a destination but a journey towards continuously improving or automating the

organizational process.

For all its benefits, DevOps adoption is not exactly a piece of cake for organizations. Much

beyond simply implementing DevOps toolsets, this adoption also demands that multiple teams

make a paradigm shift towards the DevOps culture, mindset, and processes.
To better understand the level of DevOps adoption, it is important to have a measurable metric.

This is where DevOps assessment comes in, as it helps organizations benchmark and improve

the current DevOps state for different components like release process, culture, and automation.

DevOps assessment is not a one-time task but a periodic set of assessments defined to measure

the current state of the organization and its teams. It also helps the organization to understand the

progress made so far as compared to the previous set of DevOps Assessments and the next steps

required to reach the next milestone.

How does It work?

Now that we know why we need DevOps Assessment, let's understand how we can use it to

measure an organization's DevOps maturity. A DevOps Assessment covers the following steps

(depending on the maturity model):

a) Kick-off
A DevOps Assessment usually starts with a kick-off meeting as an initial discovery phase of the
current setup, where key stakeholders describe the organization's needs, pain points, and future
milestones. The key aspects of this meeting are:

• Mutual understanding with major pain points

• High-level goals & scope of the assessment
• Ballpark timelines with bifurcation

b) Workshop
Usually conducted over one week, the workshop is the most important step of the DevOps
Assessment. This is where the DevOps team sits with various stakeholders of the team with the
following objectives:
 • Identify business drivers
• Identify challenges
• Define Roadmap

c) Reporting
A report captures the current set of DevOps maturity parameters and compares them with
benchmark parameters. It is also lists the future roadmap along with suggested improvements
and is shared with the organization.

This report consists of multiple sections like:

• As-in state of the complete environment

• Key findings for each of the stages of DevOps Assessment
• Future roadmap
• Quick wins (based on the roadmap)

d) Self-Assessment
Some DevOps Assessments also provide the option to go for online self-assessment. This covers
different aspects of assessment and identifies the strengths and weaknesses of the system. Many
mature organizations have created their self-assessment portals, which help them calculate the
maturity level for several stages/components. This helps organizations to benchmark their
current as-is State of DevOps.
What does it cover?
Though different assessment providers cover different stages for evaluating the DevOps maturity
of an organization, some of the most common ones are:

• Process
• Culture
• Technology & Automation
• Collaboration
• Security
• Outcomes

1) Process
Processes are a vital part of an organization and the teams. Setting up the right processes makes
it simpler for an organization to achieve DevOps maturity realistically. Defining processes
standardizes the complete setup and provides advancement for the DevOps environment where
every stage corresponds to corporate policies and its specific business objectives.

2) Culture
Culture is a crucial component in measuring DevOps maturity. Culture involves the close
collaboration of multiple teams - between developers, operation team members, testing team
members, and database administrators. DevOps culture increases collaboration and transparency
between different team members and enhances the learning curve within the team and thereby
within the complete organization.

3) Technology and automation

Technology and automation play a significant role in successful DevOps adoption. Choosing the
right technology and the respective toolsets helps in making the complete setup more mature in
terms of DevOps. DevOps Assessment verifies whether the toolsets being used within the
environment are relevant enough and covers all DevOps aspects.
On the other hand, automation supports DevOps toolsets in achieving continuous delivery &
continuous deployments. With more and more automation within the system, the goal is to
automate every repetitive task. This helps the organization enhance resource efficiency
and extend DevOps maturity.

4) Collaboration
Collaboration is one of the most important pillars on which DevOps works. An organization that
collaborates well can benefit in many ways, for example, by merging multiple teams with
different mindsets and expertise towards achieving a common goal.

Collaboration also helps in cross-training, where multiple team members with different skillsets
provide training and encourage each other to learn and grow mutually.

5) Security
Shifting left with security in DevOps is almost a mandatory task nowadays. It is done to ensure
that the right security is in place at the right stages of the SDLC lifecycle. DevOps Assessment
covers each aspect of security at every component of the ecosystem. It also checks whether the
right set of security parameters/compliance is being used.

Security assessment also covers if the security is being integrated from the initial set of stages
along with the right set of security factors.

6) Outcomes
This is the core of all the previous stages, where various proposals are made based on the
following outcomes:

• Workflow recommendations
• Team design is based on the business perspective
• Major risks
• Backlogs for improving DevOps practices
 • Recommended KPIs for applications
• Agile best practices
• Recommended training

How is DevOps Assessment accomplished?

There are two models for DevOps Assessments:

a)Self-Assessments
b) Detailed Custom Assessments

a) Self-Assessments
As the name suggests, self-assessment comprises pre-defined questionnaires, which include
questions from various categories and their respective sub-categories to cover the complete
ecosystem.

Some of the assessment providers give an option of choosing the size of DevOps Assessment,
with a small size having a smaller number of questions as compared to the large size assessment.

At the end of the self-assessment, an auto-generated report provides the scores of each section of
the questionnaire, along with high-level recommendations based on the inputs received in the
questionnaire.

Nagarro has also created a self-assessment portal to evaluate the DevOps maturity of a project. It
takes 5 different components and evaluates a project across those components and sub-
components. In the end, it also generates a clear, user-friendly report with the current DevOps
maturity level.
b) Detailed Custom Assessments
Since one size doesn’t fit all, the other assessment model also covers custom assessments. It
involves the following aspects:

a) Pre-assessment workshops, including interviewing key stakeholders and understanding high-

level components of the complete ecosystem.

b) Assessment workshops:

• Identify business drivers

• Understand a system as is
• Define where to go
• Identify challenges
• Proof of Concept
• Prepare roadmap

c) Post-workshop activities include a tailored fit maturity model, along with a custom roadmap to
enhance the DevOps maturity along with proof of concept (if required)