Audit plans, including goals, schedules, participants, contractor participation, and procedures are documented in the configuration management (CM) plan (see SWE-103).
When planning audits, it is important to remember that audits are samplings, not a look at every record. It is also important to remember that auditors should not have any direct responsibility for the software products they audit.
The basic steps in an audit are:
The Department of Defense Configuration Management Guidance Handbook
|STEP||STEPSMA (Safety and Mission Assurance) Technical Excellence Program (STEP) Level 2 Software Configuration Management and Data Management course taught by the Westfall Team|
The STEP 2 course suggests that the following be included in a PCA
Additional audit topics to consider include:
NASA/SP-2007-6105, NASA Systems Engineering Handbook,
Consider the following options when deciding when to conduct audits:
Additional guidance related to configuration audits may be found in the following related requirements in this Handbook: