The purpose of configuration verification and audit (CVA) is to ensure the composition of a project’s CIs and CI changes are registered, assessed, approved, tracked, and correctly implemented.
The verification and audit process may encompass the following:
PCM verification and audit establishes that the functional and performance requirements of a project and its deliverables have been achieved by the design and project implementation. PCM verification and audit is performed on initial, interim and final deliverable versions including whenever a CI is baselined or released. This chapter includes the following major sections:
6.1 | Verification |
6.2 | Audit |
6.3 | Verification and Audit Activities |
6.1 Verification
PCM verification ensures that PCM’s goals are achieved through a systematic comparison of requirements with the initial, interim and final results of testing, analysis, demonstration or inspections.
6.2 Audit
PCM audit is the independent process of ensuring the project’s CIs were built according to their defined documentation. An audit is not intended to replace reviews, tests, or inspections of the project’s deliverables.
PCM auditing increases the visibility of a project, compares the actual process with the documented process, and uncovers any process deficiencies. The PCM audit provides an additional tool to help a project manager determine how well a project is going, to identify and reassess risks, and to solve problems.
PCM verification is usually accomplished through formal CM audits, which are usually conducted at least once for each release, such as: Functional Configuration Audit (FCA), and Physical Configuration Audit (PCA).
Additional PCM audits may include:
6.3 Verification and Audit Activities
PCM verification and audit activities consist of planning, execution, report creation and communications.
6.3.1 Planning Verification and Audits
It is essential for the PCM verification and audit to be planned at each project’s critical points, where major configuration risks are most likely to occur. Some organizations have an enterprise CM plan that establishes CM policies, processes, and procedures to be used by all projects. Any existing enterprise CM plan may be adapted to a project’s needs and the appropriate PCM verifications and audits scheduled.
6.3.2 Executing Verification and Audits
It is essential for a project manager to establish the necessary time, structure, and resources to do the PCM verification and audit activities as planned in the project’s CM plan or project management plan. Through CM, a project manager needs to ensure all recommendations and nonconformity issues are addressed and appropriately scheduled for correction.
6.3.3 Reporting
The following identifies PCM reports that a project manager may expect from the verification and audit process:
6.3.4 Communicating Results of Verification and Audits
A project manager has the responsibility to communicate the PCM verification and audit results to the appropriate stakeholders as established in the project’s communications plan or CM plan.