Original Date: 07/25/2005
Revision Date: 09/12/2006
Best Practice : Evaluating and Auditing Software Process Implementation
Northrop Grumman Electronic Systems implemented the auditing of its software development process as part of its Management System Internal Audits to ensure compliance with procedures and processes. Trends within the Software Development Group have been identified, supporting management action and follow up in a closed-loop system. This process has also supported a better internal understanding of the company’s standard software process and the internal sharing of best practices.
Northrop Grumman Electronic Systems (NGES) implemented the auditing of its software development process as part of its Management System Internal Audits (MSIAs). In modern systems, software development often approaches half the cost of developing a system and is a significant part of the life cycle cost. For NGES to meet customer needs and remain competitive, software development must be as efficient as possible. MSIAs and evaluations have been implemented to ensure that quality products and services meet customer requirements.
Evaluations are conducted by a multi-discipline team led by Quality Assurance. A comprehensive evaluation of 28 key process elements is conducted, ensuring all software aspects (including software quality assurance) are covered. The evaluations identify issues early, cover the complete life cycle of the project, and look at the same process element many times over the life of the project to ensure continuous process compliance. A report grades the findings as either “major” or “minor” and links them to a specific process and ISO clause. The report is recorded online, with results going to all stakeholders and to management. An action timetable is then established that includes project auditing and management follow up to ensure expeditious resolution of the findings. Metrics are generated relative to the health of the process. Evaluations identify trends crossing project lines, giving management the opportunity to correct the trends if necessary. A closed-loop process develops focus areas for future evaluations. The evaluation report also cites key strengths.
The NGES audit and evaluation process is an integral part of the management approach that has enabled the NGES Aerospace Division to operate at a Capability Maturation Model Integration (CMMI) Level 5, significantly increasing the efficiency and quality of the software process. Other important benefits include lead auditors training new auditors to foster an understanding of standards and the software process; early detections of process issues that are carried back as lessons learned to other projects, serving to educate and prevent the occurrence of similar issues; an “Opportunities for Improvements” section of the audit report that suggests ways to improve a compliant process and promotes benchmarking and best practices.
For more information see the
Point of Contact for this survey.