Soft audit practice・Audit Day 12: Preparation of Audit Report (2/2)

02/02/2021Audit for soft-Develop..

 In the audit overview, the purpose of the audit and its results are specified at the beginning.

In this article, we will introduce some points to note regarding the outline of the audit report, the request for correction, and how to write the comments.

In the audit summary on the first page, information that can identify the target of this audit report, such as the date and place of the audit, is described, and then the audit results are written as a summary. Whether the audit results passed or failed the audit conditionally passed. For people in the organization of the person who has undergone the audit, the first thing they want to know is whether or not the audit is successful, so let’s clearly state this first.

On top of that, if any of the problems found in the audit include improvement requests that request improvement, we will continue to request the creation and submission of an improvement plan .

Be sure to find and write one good point

Next to the summary, concretely explain the good points of the other organization found through the audit. write . Sometimes it’s hard to find a good point, but Father Gutara has always tried to find one good point and write it down. 

Among the purposes of software auditing, the most important thing for the company is to improve the software development capabilities of the audited organization. And if the people in charge of the audited organization do not mind the work never be effective are willing to do so. It is a daunting task for everyone to point out their problems. If all the problems are pointed out in the audit report, the desire to think about countermeasures will be diminished. It is the same in any country that human beings are repulsed when they are denied and rejoiced when they are affirmed. 

Therefore, at the beginning of the audit report, first pick up the good points in the audit, praise them and pay homage to the other party . By doing so, first release the tension of the other party listening to the audit report, and then the problems that follow Create an atmosphere where you can objectively understand what you have pointed out.

Write the correction requirements specifically in a list format

From the second page, write down the correction requirements in a table. This page is the most important for audits aimed at improving software development capabilities. Write down the items you want the audited organization to improve as specifically as possible, and ask the other organization to consider effective measures.

The correction request and the next comment will be attended by those who were not in the audit when the audited organization considers countermeasures. A concrete and concise explanation is the best way to get them to understand exactly what the problem is. If you do not write it concretely, the problem may be misunderstood, and if that happens, the measures you have taken will be out of focus.

In the correction request, first write the checklist number to tell you which item in the checklist you noticed the problem. Then, what kind of problems or had happened, it is what kind of material whether it is determined that the problem point look at the, or, hearing throat or do such answer content you write what was judged et al and problems.

Don’t forget to explain why the problem is bad

Next, what’s wrong with that problem ? 'll add an explanation of the problem. Only after explaining so far can you understand why you consider the problems you have addressed to be problems. Also, if possible, if you can give any suggestions on the plan and direction of countermeasures, write them down as well. 

I have repeated it many times, but the purpose of software development audits is not to point out, but to improve software development skills. So, partner organizations can be carried further is able to continue finished the proposed measures, such as, the proposed measures will be actually executed it is the most important.

No matter how much you request countermeasures, problems that are difficult to solve by the project alone, such as problems that go beyond the boundaries of the division of duties as an organization and problems that are difficult to procure due to high cost of countermeasures. It is unlikely that effective measures will be implemented. Father Gutara often dared not write such items in his report, even if there were problems .

Comments are reference information for the other organization

Next to the correction request, create a list of comments. The comment is not enough to request a correction request, but it is an item that tells you the problem that it seems that if the other organization takes measures, it will help improve the software development skill .

Therefore, it is up to the organization of the other party to consider and implement countermeasures for the content written in the comments. As a software development audit, it is a level thing that I noticed, so I will leave it as a comment.

However, in some cases, the organization of the other party may consider countermeasures for comments, so the points to note regarding how to write are the same as the correction requirements. Write down the problem as specifically and simply as possible, and be careful to communicate what the problem is.

Write both Japanese and English or the local language

The description of each page was created by first writing it out in Japanese, examining the content, and then writing the translation in English or the local language. The primary purpose of the audit report is to submit it to the auditee and have it used to consider countermeasures for problems, so English or the local language is essential. At the same time, there is also the aspect of telling the company what the other party’s software development capabilities were, and what points they have weaknesses in so that they should be careful when proceeding with development. Therefore, I also left the Japanese description.

When the audit report is ready, we will explain the contents at the closing meeting.

The end of the audit is the closing meeting. Use the audit report to explain the problems found in the audit, convince the other engineer, leader, or manager that there is a problem, and have them proceed with countermeasures. Then, in the next article, I will introduce the points for holding a closing meeting.

Next : Soft audit practice・Audit Day 13: Closing Meeting and Follow-up