Course: A0214/Audit Sistem Informasi (Information Systems Audit)
Year: 2007
Meeting 14
QUALITY MANAGEMENT
Bina Nusantara
The Auditor's Role in the Development Process
• Review user requirements
• Review manual and application controls
• Check all technical specifications for compliance with company standards
• Perform design walkthroughs at the end of each development phase
• Submit written recommendations for approval after each walkthrough
• Ensure implementation of recommendations before beginning the next phase
• Review test plans
• Present findings to management
• Maintain independence to remain objective
Risk Assessment
• Process Risks
– Lack of strategic direction
– Lack of development standards
– Lack of a formal systems development process
– Negative organizational climate
• Application Risks
– Application complexity and magnitude
– Inexperienced staff
– Lack of end user involvement
– Lack of management commitment
Audit Plan
• Compliance with standards and procedures
• Efficient and economical operation
• Conformance of systems to legal requirements
• Inclusion of the controls necessary to protect against loss or serious error
• Provision of the controls and audit trails needed for management, auditor, and operational review
• Documentation of the system: an understanding of the system is required for appropriate maintenance and auditing
Software Development Controls Review
• Development standards
• Testing strategy
• Implementation and training
• Problem management
• Change management
SDLC
• Auditor influence is significantly increased when there are formal procedures and required guidelines identifying each phase and project deliverable in the SDLC and the extent of auditor involvement
• Auditors will be able to review all relevant areas and phases of the SDLC, identify any missing areas for the development team, and report independently to management on adherence to planned objectives and procedures
• Auditors can identify selected parts of the system and become involved in the technical aspects based upon their skills and abilities
• Auditors can provide an evaluation of the methods and techniques applied in the systems development process, as defined earlier
Auditing Quality Assurance
• Goals
– Quality Assurance Activities are planned and documented
– Adherence of project activities and products to applicable standards,
procedures and requirements is verified objectively
– All impacted groups are aware of and cooperate with Quality Assurance activities
– Noncompliance issues are addressed with senior management
Auditing Quality Assurance
• Commitments
– The SQA functions are in place on all software projects
– The SQA group has a reporting channel to senior management that is
independent of all project related groups
– Senior management periodically reviews SQA activities and results
Auditing Quality Assurance
• Abilities
– The SQA group exists and is active
– Adequate resources and funding are provided
– SQA personnel are adequately trained
– Project team members understand and support the SQA function within their project
Auditing Quality Assurance
• Activities
– An SQA plan is prepared according to a documented procedure
– The SQA plan is reviewed by all impacted groups
– The SQA plan is managed and controlled
– SQA activities are performed according to the SQA plan, which covers responsibilities and authority, resource requirements, schedule and funding, the role in establishing software development plans, standards, and procedures, evaluations to be performed, audits and reviews to be conducted, project standards and procedures to be used in audits, and procedures for documenting and reviewing findings
Auditing Quality Assurance
• Activities
– The SQA function participates in the preparation and reviews of the project
development plan, standards, and procedures
– The SQA function reviews the software engineering activities to verify compliance
– The SQA function audits designated software work products to verify compliance with
standards, procedures, and contractual obligations and identifies, documents, and
tracks deviations and corrections
– The SQA function periodically reviews its findings with the customer SQA function and
IT senior management
Auditing Quality Assurance
• Measurements
– Measurements are devised and used to determine the cost, schedule, and effectiveness of SQA activities
• Verification
– SQA activities are reviewed periodically with senior management
– Subcontractor management activities are reviewed periodically with project
management
– Independent experts periodically review Quality Assurance activities and work
products
Audit Report
• Depending on the audit scope and the length of the project, interim reports may be needed at the completion of major phases in the development process. Key reporting points include:
– Planning
– Design
– Testing
– Implementation
– Post Implementation