ABSTRACT

According to Merriam-Webster, an audit is “A complete and careful examination of the financial records of a business or person” or “A careful check or review of something.” According to dictionary.com:

books, accounts, documents and vouchers of an organization to ascertain how far the financial statements present a true and fair view of the concern. It also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditing has become such a ubiquitous phenomenon in the corporate and the public sector that academics started identifying an “Audit Society.” The auditor perceives and recognizes the propositions before him/her for examination, obtains evidence, evaluates the same and formulates an opinion on the basis of his or her judgment, which is communicated through the audit report.*

According to IEEE Standard 1028, examples of software products subject to audit include, but are not limited to, the following:†

• Backup and recovery plans
• Contingency plans
• Contracts
• Customer or user representative complaints
• Disaster plans
• Hardware performance plans
• Installation plans
• Installation procedures
• Maintenance plans
• Management review reports
• Operations and user manuals
• Procurement and contracting methods
• Reports and data (e.g., review, audit, project status, anomaly reports, and test data)
• Request for proposal
• Risk management plans
• Standards, regulations, guidelines, plans, specifications, and procedures
• System build procedures
• Technical review reports
• Vendor documents
• Walkthrough reports
• Deliverable media (such as tapes and diskettes)

Audits shall be conducted to ensure:

1. As-coded software products (such as a software item) reflect the design documentation.
2. The acceptance review and testing requirements prescribed by the documentation are adequate for the acceptance of the software products.