The Software Audit Guide John W. Helgeson ASQ Quality Press Milwaukee, Wisconsin
Contents

Preface xv
Acknowledgments xix

Part I Audit Fundamentals 1

Chapter 1 Introduction 3
  1.1 Definitions 7
  1.2 Process and Quality 7
  1.3 Quality 8
  1.4 Auditor's Notes 8
  1.5 Types of Audits 9
  1.6 Standards 10
  1.7 Capability Maturity Model Integration 11
  1.8 Hierarchy of Standards and Requirements 12
  1.9 Quality Record 14
  1.10 Timeline and Name Game 14
  1.11 General Audit Process 15
    1.11.1 Purpose and Scope 16
    1.11.2 Contact and Document Requests 16
    1.11.3 Review the Documents 16
    1.11.4 Announcement 17
    1.11.5 Writing the Checklist 17
    1.11.6 Opening Meeting 17
    1.11.7 The Audit 17
    1.11.8 Closing Meeting 17
    1.11.9 Writing the Report 17
    1.11.10 Present the Report to the Client 18
    1.11.11 Review the Corrective Actions 18
    1.11.12 Auditing Corrective Actions 18
  1.12 How to Use the Questions 18
  1.13 Examples 19

Chapter 2 Software Audit Life Cycle 21
  2.1 Software Development Life Cycles 22
    2.1.1 The Waterfall Model 23
    2.1.2 The Spiral Model 25
    2.1.3 The Incremental Model 26
    2.1.4 Prototyping 27
    2.1.5 The Object-Oriented Programming System (OOPS) 28
    2.1.6 Blending of Models (or Hybrid) 29
    2.1.7 Cleanroom 29
    2.1.8 Rapid Application Development 29
    2.1.9 Agile 29
    2.1.10 Extreme Programming 30
  2.2 How Audits Fit into the Life Cycle 30
    2.2.1 Proof of Concept (or Demo) 32
    2.2.2 Idea/Functional Specification 34
    2.2.3 Analysis/Planning 37
    2.2.4 Software Design 41
    2.2.5 Coding (and Unit Testing) 46
    2.2.6 Test (System Integration) 49
    2.2.7 Maintenance (Production and Deployment) 51

Part II Audit Activities 57

Chapter 3 The Audit's Purpose and Scope 59
  3.1 Purpose 61
  3.2 Scope 63
  3.3 Management's Part in an Audit 64
  3.4 Preparing for the Audit 64

Chapter 4 Opening Meeting 67
  4.1 The Meeting 67
    4.1.1 Introductions 68
    4.1.2 Present the Purpose and Scope of the Audit 68
    4.1.3 Review Previous Audits 68
    4.1.4 Explain the Quality Audit 68
    4.1.5 Explain How the Audit Will Work 69
    4.1.6 Daily Meetings 69
    4.1.7 Questions and Answers 70
  4.2 An Escort 70
  4.3 Work Space 70
  4.4 A Brief Tour 70
  4.5 Meeting the People 71
  4.6 Informal Overview Presentation 72
  4.7 Explain the Questions 73

Chapter 5 Conducting the Audit 75
  5.1 Roles of the Auditors 76
    5.1.1 Lead Auditor 76
    5.1.2 Auditor 76
  5.2 The Audit 77
  5.3 Worksheet/Checklist 78
  5.4 Findings Form 79

Chapter 6 Meetings and Final Report 83
  6.1 Caucus Meeting 83
  6.2 Closing (Exiting) Meeting 84
  6.3 Final Report 85
    6.3.1 Executive Summary 86
    6.3.2 Identify Documents Reviewed 87
    6.3.3 Preparation Dates 87
    6.3.4 Specify the Standards 87
    6.3.5 Software Risk Analysis 87
    6.3.6 Description of Areas 87
  6.4 Writing the Report 88
  6.5 Detail Finding Pages 89
  6.6 Presenting the Report 90
  6.7 Corrective Action Requests 90

Chapter 7 Audit Follow-up and Closure 91
  7.1 Immediate Actions 92
  7.2 Temporary Actions 93
  7.3 Permanent Actions 94
  7.4 Conclusion 95

Part III Audit Constants 97

Chapter 8 "Project" Management 99
  8.1 Upper and Middle Management 99
  8.2 Accounting 100
  8.3 Project Manager 102

Chapter 9 Schedule 105
  9.1 Types of Project Management Systems 107
  9.2 Simple Charts 108
  9.3 Interdependences 109
  9.4 Partially Completed 110
  9.5 Baselines 113
  9.6 Critical Path 114
  9.7 More Schedule Points 117

Chapter 10 Project Status Reports 119

Chapter 11 Configuration Management 121
  11.1 Document Control 123
  11.2 Baselining 124
  11.3 Software Configuration Control 125
  11.4 Incident Tracking 128
  11.5 Incident Report and Analysis 131
  11.6 Software Meeting or Board 133
  11.7 Backups and Recovery 135
  11.8 Disk Array File Server 137
  11.9 Formal Release 138
  11.10 Field Configuration Control 140

Chapter 12 Software Quality and Continuous Improvement 143
  12.1 Software Quality 143
  12.2 Continuous Improvement 145

Chapter 13 Customer Satisfaction 149

Part IV Audit Processes 153

Chapter 14 Reviewing Software Documents 155
  14.1 The Governing Standards 155
  14.2 Quality Manual 157
  14.3 Contractual Documentation 159
  14.4 Organizational Chart 160
  14.5 Schedule 162
  14.6 General Documents Discussion 164
  14.7 Software Development Plan 166
  14.8 Functional Specification 167
  14.9 Software Requirement Specification 170
  14.10 Software Design Specification 173
  14.11 Software Configuration Management Plan 177
  14.12 Performance Specification 178
  14.13 Processes, Procedures, and Work Instructions 179
  14.14 Test Plan 180
  14.15 Software Quality Plan 181
  14.16 Database Layouts/Schemas 181

Chapter 15 Peer Reviews 183
  15.1 Peer Review Basics 185
  15.2 Peer Review of the Sales Order 187
  15.3 Peer Review of the Software Development Plan 188
  15.4 Peer Review of the Requirements or Functional Specification 189
  15.5 Peer Review of the Design Plan 190
  15.6 Peer Review of the Code 191
  15.7 Peer Review of the Test Plan 192

Chapter 16 Hidden Software 195
  16.1 Direct Software 195
    16.1.1 Specialized Drivers 197
    16.1.2 Interface Routines for Databases 197
    16.1.3 Package Software 199
    16.1.4 Protocols for Specialized Hardware 201
    16.1.5 Operating Systems 201
  16.2 Indirect Software 203
    16.2.1 Homegrown Debugging Software 203
    16.2.2 Simulation Software/Test Equipment 204
    16.2.3 Automated Software Testing Scripts 205
    16.2.4 Installation Scripts 205
    16.2.5 Software to Populate a Database 206
  16.3 Summary 206

Chapter 17 Firmware 207
  17.1 Planning 208
  17.2 Design 209
  17.3 Testing 210
  17.4 Configuration Control 211
  17.5 Production 211

Chapter 18 Software Coding Standards 215
  18.1 Programs and the Documentation 217
  18.2 Program Headers 217
  18.3 Body of the Program 219
  18.4 Naming Conventions 220
  18.5 Structures 221
  18.6 Auto-Generated Code 222

Chapter 19 Metrics 223
  19.1 Aging and Priority Metrics 225
  19.2 Performance Metrics 226
  19.3 Complexity Metrics 226

Chapter 20 Independent Verification and Validation 229
  20.1 Verification 230
  20.2 Validation 234

Chapter 21 Testing 237
  21.1 Unit Testing 240
  21.2 Functional Testing 241
  21.3 Integration Testing 243
  21.4 Acceptance Testing 246
  21.5 Regression Testing 248
  21.6 Automated Testing 249
  21.7 Performance Testing 251

Final Thoughts 255
Index 257