Configuration Audit

Version control, Identification and change control help the software developer to maintain order in what would otherwise be a fluid and chaotic condition. Moreover even the most successful control mechanisms track a change only until an ECO is generated. How can we ensure that the change has been properly implemented? The answer of this question is twofold that are: (1) the software configuration audit and (2). Formal technical reviews

The main work of formal technical review is to focuses on the technical correctness of the configuration object which has been modified. The reviewers consider the SCI to determine consistency with other omissions, SCIs, and potential side things. The formal technical review should be conducted for all but the most trivial changes.

Software configuration audit complements the formal technical review through assessing a configuration object for characteristics which are commonly not considered during review. The audit answers and asks the following questions which are given below:

1.  Has the exact change in the ECO been made?  Have any additional modifications been incorporated?

2.  Has a formal technical review been conducted to assess technical correctness?

3.  Have software engineering standards been properly followed?

4.  Do the attributes of the configuration Object reflect the change? Has the change been shown in the SCI? Have the change author and change date been specified?

5.  Have SCM process for noting the change recording it and Reporting it been followed?

6.  Have all related SCIs been updated mannerly?

In some of the cases the audit questions are asked as category of a formal technical review. Moreover when SCM is a formal activity the SCM audit is conducted differently through the quality assurance group.