Project Assurance and/or System Development and Implementation (SDLC) Audits
Organisations developing new systems or implementing off-the-shelf systems should not only enforce a sound project management methodology but also follow a customized SDLC methodology to ensure that the new system will be implemented within time, within budget, and providing in the needs of the business – at an operational and strategic level. A SDLC audit examines and evaluates a number of best practices.
Any SDLC methodology audit should cover at least the following aspects of a system development and implementation project:
- Business case and management approval.
- Feasibility studies.
- Change management.
- Project management.
- Change control.
- Business requirements definition.
- Technical requirements definition.
- Application functionality.
- Testing phases.
- Implementation phase.
- Post implementation review.
SDLC audits can be performed by BDO under different circumstances and to achieve different objectives. For example, many clients had approached us in the past to perform post implementation reviews in order to ascertain or to advise on:
- Whether the selected service provider was competent to continue providing system development / implementation / maintenance services to them (and, if required, how to terminate existing contracts in a legal and appropriate manner – normally entailing a detailed legal and SDLC audit, performed by senior attorneys and IT auditors).
- Errors made and how to prevent them during future projects.
BDO can also be contracted in an advisory role to monitor and advise on current system development and implementation projects – either from an audit / best practice point of view or to provide project management services to a client.