Soft audit practice・Preparation 1: Explanation of audit plan
- 1. Introducing the practice of software development audit in detail
- 2. In software development audit, we first explain the audit to the other party.
- 3. Explanation of software development audit and installation of consent of the other party
- 4. Presentation of software development audit plan
- 5. Overview of development audit
- 6. Explain the general work flow on the day of the audit in the itinerary
- 7. If the audit schedule is domestic, it is basically one day
- 8. 2.5 to 3 days when auditing overseas companies
- 9. Even if the foreign language is not good, there is a computer language at the end. .. ..
Introducing the practice of software development audit in detail
Since we have introduced the outline of software development audit in the previous articles, we will introduce the concrete procedure of software development audit from here . There is no right answer because the method of software development audit is a unique method that Gutara’s father calls it in the first place. It is an introduction that my father Gutara did this, so if there is something that seems to be useful, I think that you can use it as a reference when auditing software development contractors.
In software development audit, we first explain the audit to the other party.
Software development audits are roughly divided into three stages: (1) advance preparation by the day, (2) on-site audit work on the day, and (3) utilization of audit results (follow-up). I will introduce them in order, but first of all, I will introduce (1) advance preparations up to the day.
As introduced in the article on Software Development Audit Overview / Method 1, the procedure for software development audit is based on the ISO9001 audit procedure. Therefore, we will proceed with the work in the order of advance preparation, on-site audit, and follow-up after the audit. In this article, we will introduce the contents of preparations to be made by the day of the audit. If you are accustomed to ISO9001 auditing, you can skip this article and proceed to the next article on practice and confirmation points on the day .
Explanation of software development audit and installation of consent of the other party
Software development audits are like those created by Gutara’s father, so there is no activity called software development audits in general . So, first of all, I explain to the other company that software development auditing is done for this purpose, and start by getting the other company to approve the audit.
This area is a bit more work than the methods that are widely known in the world, such as ISO9001 and CMMI. Well, if you ask , " Roughly speaking, it’s a software development version of ISO9001 auditing!" , Most companies will understand that they will be audited. However, the other company has various questions about how many days the audit will take, what kind of things will be confirmed and what are the pass / fail criteria, what will happen if the audit results fail. It is often held.
As introduced in the article on the outline and purpose of software auditing, the purpose of software development auditing can be broadly divided into three categories: selection of contractors, improvement of development capabilities of contractors, and quality confirmation of defect-fixed versions. Therefore, if you explain the outline of the audit according to the purpose of the software development audit at that time, it will be easier for the other company to understand.
Also, even if you explain the software development audit without materials, it is difficult for the other company to understand, so it is also a theory to explain the software development audit while presenting the template of the audit plan as introduced below. It is effective in advancing.
Presentation of software development audit plan
In order to explain the software development audit to the other company and have them understand it, and to prepare for the audit in the other company, first create an audit plan for the software development audit and then write it. It is good to explain how to proceed with the specific audit. In addition, by writing an audit plan, the contents of the audit preparation will be concreted.
So what should you write in the audit plan for software development audits and what should you do to prepare for the audit? Let’s take an example of the audit plan template that Father Gutara has used so far.
(Click to open pdf)
Overview of development audit
First, as an overview of soft auditing , write the purpose of the audit, the audit method, the project to be audited , the planning date, etc. Also , I will briefly mention in the overview part how many auditors there are and whether there is follow-up after the audit. If you write out the outline part in bullet points, it will be easier for the other party to understand.
Next, I will post the audit schedule . The itinerary, the audit timetable and, whether to carry out any check in each time zone in any way, also on the receiving end of the audit is what kind of person corresponds what is assumed that, we will write, etc. .. This itinerary is also used to manage the audit time on the day of the audit.
Finally, write down the materials that you request the other party to submit in advance as preparations for the audit, and the materials and equipment that you would like to have prepared on the day of the audit. Here, the auditing side (it’s your company)
Explain the general work flow on the day of the audit in the itinerary
For the company to be audited, it is the most important thing to know what will be confirmed on the day of the audit, so I will convey this part in an easy-to-understand manner using the schedule on the day of the audit .
Since the software development audit is based on the ISO9001 audit procedure, the work flow on the day of the audit follows ISO9001. Specifically, the opening meeting is held first , then the company to be audited introduces the company, then the audit using the audit checklist is carried out, and finally the closing meeting including the report of the audit result. The order is to do.
This general audit flow is written in the itinerary in the audit plan. The part of conducting an audit using the audit checklist corresponds to No.3, No4, and No.5 in the example of the audit plan, and the content and time allocation change here according to the purpose of the software development audit. However, opening meetings, company introductions by partner companies, and closing meetings are standard items that are carried out in almost every audit.
If the audit schedule is domestic, it is basically one day
Software development audit, domestic company If you want to audit the 9:00 -17 basically in one day is often carried out at. If you want to check a lot of things, it is possible to assemble an audit of 2 days or 3 days, but Father Gutara aims to narrow down the items of the checklist used for the audit and finish it in 1 day. ..
Since software development audits are just a means, it is necessary to carry out cost performance as well as possible within the range where the original purpose can be achieved . With that in mind, in the experience of Father Gutara, an audit that could be completed in one day was the most appropriate.
If the purpose is to select a development contractor , a one-day audit will give you an idea of the software development skills of the other company. Even if it takes more than two days, the judgment in the one-day audit does not change much. Even if the purpose is to improve the skills of a company that has already outsourced development, rather than spending days finding a large number of improvements and having them work on them all at once, steadily find the improvements found in the one-day audit. It is more effective in terms of continuity of improvement to have them take measures and then carry out an audit again after the improvement is completed. Not sure of the quality of the degree modified version if the audit is the purpose of, if as is OK in the audit of one day put out, it is better ordered the redo of the development and testing of the bug fixes.
However, in the case of auditing for the purpose of improving the skills of the development contractor, if you want to give guidance on technical improvement that goes into the specific contents of the development technology and test technology, add another day or two. in some cases. However, this additional schedule is more of a design and test technology instruction than a software development audit.
2.5 to 3 days when auditing overseas companies
It only takes one day to audit a domestic company, but it took 2.5 to 3 days for an overseas company to be audited. The content of the audit is the same as for a domestic company , but the reality is that it takes two to three times as much time and effort to overcome the language and cultural barriers .
The biggest problem for my father, Gutara, is what the technical terms of software should be in the language of the other country, and the ideas used in the development and testing of Japanese software are within the other organization. This is the basic part of translating technical documents, such as which one corresponds to the development method . If you don’t know this, you won’t be able to convey your thoughts well.
My father, Gutara, is not good at foreign languages, so I sometimes had an interpreter attend the audit. But unfortunately, even if there is an interpreter, it is difficult to translate technical terms unless the person is familiar with software technology. For example, when using the term equivalence analysis in a discussion of test technology, if this technical term is not correctly translated into the language of the other country, what we want to convey will not be conveyed to the other party. And only those who know the technique of equivalence analysis can translate correctly.
Since it is difficult to get the cooperation of an interpreter who is familiar with software technical terms, we often run into the wall of this technical term in the field of software audits. Then, what to do in such a case, for example, in the case of equivalence analysis, if you draw the idea in a simple picture and explain that it is this idea, the other party is also a software engineer, so I am convinced that this is the case. I often give them.
Even if the foreign language is not good, there is a computer language at the end. .. ..
My father, Gutara, is not good at foreign languages, so I often came across this kind of scene. For that reason, it took 2.5 to 3 days overseas to complete the work in one day in Japan. This depends on the language ability of the person doing the audit, so I think it is better not to refer to the experience of Father Gutara very much.
But, say the language skills there is no overseas software development audit of the what can not be performed, its never to worry about Re . In the case of software development audits, even if you don’t have a little language ability , if you know the computer language , you can do something about it, and my father Gutara also helped me a lot.
If you can’t explain what you want to say, you 'll eventually want to write pseudocode in C on your whiteboard to discuss this! Speaking of which, it was immediately transmitted. Even if you don’t understand the natural language English or Chinese, if the content you want to convey is in the technical field of software, there is a last resort to convey it using a universal computer language .