09 March 2007

Software Engineering: Audit (Definitions)

"In CMMI process improvement work, an independent examination of a work product or set of work products to determine whether requirements are being met." (Sandy Shrum et al, "CMMI: Guidelines for Process Integration and Product Improvement", 2003)

"An independent examination of work products or work processes to assess compliance with defined processes, procedures, standards, specifications, or other criteria." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"An inspection of the plans, procedures, or records of a part of a business to determine whether or not a plan was followed and if a desired outcome was achieved. In this book, an audit looks into various aspects of a product launch or a bidding situation (win/loss)." (Steven Haines, "The Product Manager's Desk Reference", 2008)

"In the context of security, a review of a system in order to validate the security of the system. Generally, this either refers to code auditing or reviewing audit logs." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"Review of a company’s financial and accounting records and supporting documents by a professional, such as a certified public accountant. This also refers to an examination of an individual’s or a corporation’s tax returns to verify accuracy." (Sue Johnson & Gwen Moran, "The Complete Idiot's Guide® To Business Plans", 2010)

"An independent evaluation of software products or processes to ascertain compliance to standards, guidelines, specifications, and/or procedures based on objective criteria, including documents that specify the following: 
- The form or content of the products to be produced 
- The process by which the products shall be produced
- How compliance to standards or guidelines shall be measured." (Tilo Linz et al, "Software Testing Foundations" 4th Ed, 2014)

"The systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled" (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"An independent assessment that takes a well-defined approach to examining an organization’s internal policies, controls, and activities." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed, 2015)

"A systematic assessment of significant importance to the organization that determines whether the system or process being audited satisfies some external standards." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

"An independent evaluation of software products or processes to ascertain compliance to standards, guidelines, specifications, and/or procedures based on objective criteria, including documents that specify: (1) The form or content of the products to be produced (2) The process by which the products shall be produced (3) How compliance to standards or guidelines shall be measured [IEEE 1028]." (Software Quality Assurance)

"Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met" (ITIL)
