"Where Information Technology Is Purely Business & Engineering"
Professor Rino Nori's Fairfield University School of Engineering graduate school home page
IT Quality Assurance (QA) and Software Verification & Validation (V&V) Reviews of a Project
Objective of the IT Quality Assurance (QA) and V&V Review:
Within our practice, and within our terminology, QA reviews are performed at specific points of an IT project, normally at three check points during the lifetime of each project. The purpose of the reviews is to obtain an independent assessment of the project direction, progress and overall quality, and a perfunctory validation of the interim and final project deliverables. The reviews require the full and active cooperation of the internal and external (vendor) project team, complete honesty and total access to all project interim material and deliverables. The reviews aid the project team by providing an unbiased perspective and an added level of expertise to the project, and they aid the project sponsor by providing the assurance that an objective third party has validated the work being performed on their behalf.
Based upon the client requirement, we will tune our review approach to support adherence to various industry standards, such as the IEEE standard on independent Verification and Validation, 1012 revised 2004. Our practices will support the review of projects requiring strict adherence to specific Industry and governmental guidelines and regulations on Verification & Validation. As described by the IEEE standard 1012-2004:
" The verification process provides objective evidence whether the software and its associated products and processes:
The validation process provides evidence whether the software and its associated products and processes
The verification process and the validation process are interrelated and complementary processes."
Functions of the IT Quality Assurance (QA) and V&V Review:
A QA review is in many ways similar to a financial audit, i.e. it relies upon complete access and honesty and attests that (based upon a sample review) the proper steps and practices are being followed. We use engagement tailored proprietary systems development checklists as an aid in conducting each project’s three QA reviews, for V&V engagements the number of reviews varies. The checklists are our guide and outline during the conduct of the review. If any items are found to be lacking, we delve into the matter at a far greater level of detail, hence the overall knowledge and expertise of the reviewer is critical. These reviews are not “surprise visits”, the project team is made aware of the timing and scope of each review, and is encouraged to work with the reviewer in a collegial atmosphere.
For V&V the approach is in many ways similar, except that the scope is defined, at a minimum by regulations and normally much of the status requires verification, i.e. compliance testing is required.
Cost, Effort & Deliverables of the IT Quality Assurance (QA) and V&V Review:
QA reviews are conducted only by our principals and are billed at a pre-agreed fixed cost plus travel. For planning purposes we estimate each QA review as one to two (maximum of three) work days of effort depending upon the complexity of the system and other matters. This estimate includes a half to one day for the technical QA review with the project team and the remainder for: reviewing background project material in advance of the review, analyzing the results, discussing the findings and recommendations with the project team, and issuing a QA Summary Document of our findings and recommendations to the project sponsor. For planning purposes you may assume the cost of a review at a fixed $5K plus expenses, however this quote is adjustable based upon the size and scope of the project, the number of project locations and the size and number of project teams. A small one location project can be reviewed for about $2k whereas a massive ERP implementation may cost several times the planning cost assumption.
V&V reviews are conducted only by our principals. Unlike a "one time QA review", V&V reviews are by definition a collection of reviews at predefined project points. For V&V reviews the cost is dependant upon the scope of the review, the standards being followed, and the nature of the project. V&V reviews are priced on an hourly basis.
Requesting an IT Quality Assurance (QA) Review:
Telephone or visit our office and describe the nature of your project and of your concerns. Initially we will normally suggest a one time review, and based upon that review we may make further recommendations. We will schedule the on site visit and request background material for our review. Billing for the one time review will be a fixed cost and at completion.
Requesting a Verification & Validation (V&V) Review:
These engagements normally specify a program of periodic visits across agencies, locations, systems and projects and the specific standards to be adhered to. Please email us your RFP and we will analyze it; if appropriate we will submit a proposal.