A technical audit is a means to verify the quality and content of deliverables from suppliers (external suppliers or internal software/IT delivery teams). Audits can be usefully employed at regular intervals during a project, toward the end of a project as a means of validating the final deliverable, and are also often performed before completing acquisition of software or businesses for which technology comprises a significant portion of the value or risk.
By their nature, technology audits can be complex and vary from a couple of days to several weeks of effort depending on the level of assurance you are seeking. It is increasingly important to be able to trust that the solutions delivered by your suppliers have lasting value, low numbers of bugs, valid documentation and carry low risk in terms of security, performance and unexpected costs.
Common components of an audit include:
- verifying the quality and content of deliverables from suppliers
- validating the supplier's adherence to industry standards and best practice
- validating technical architectures
- performing load tests to validate performance and scalability
- penetration testing, to assess the software's vulnerabilities
- validating documentation formats and content
- validating licensing requirements>
- assessing the delivery team's processes and skillset
- valuing the software
Software is complex. There are a myriad of programming languages, frameworks, open source and propriety solutions, standards, techniques and methodologies that a supplier can choose. It is important to be able to assess technical architectures and the quality of deliverables as they relate not only to the technologies used but also to your business requirements and the balance of short & long-term objectives.
The most basic form of audit can be accomplished in just a few days and will give you an indication as to the potential issues that may exist and a high level assessment of the suitability of the solution to your requirements.