Software Audit

Software Audit is a comprehensive service tailored for organizations looking for expert assessment of either ongoing Azure development or up and running Azure-based software.

For ongoing Azure development, the audit helps uncover potential challenges such as lack of resources, performance bottlenecks, low quality, or security vulnerabilities. For up and running Azure-based software, the audit focuses on generating specification for software maintenance.

The outcome of the audit is a report highlighting problematic areas and giving rigorous recommendations for possible improvements of custom Azure-based software solutions.

When to consider a Software Audit

• Project delays or budget overruns
• Doubts about code quality
• Security concerns
• New team onboarding
• Change in development vendor
• Preparing for scaling
• Unexpected system behavior
• Compliance or regulatory requirements
• Pre-acquisition or investment due diligence
• Lack of internal technical expertise
• Transition to maintenance phase
• Planning a software upgrade

Input for Software Audit

1. Audit objectives
2. Project history
3. Available documentation
4. Backlog
5. List of issues
6. Source codes
7. Project team history
8. Deployment infrastructure access
9. Communication model

Software Audit results

Project artifacts

• Technology stack
• Solution architecture
• Coding styles and standards
• Best practices

• Team structure and requirements
• Hardware and software
• Licenses and subscriptions

• Scope and backlog
• Schedule and timeline
• Estimates and cost
• Quality

• Scope, time and schedule management
• Risk management
• Communication management
• Stakeholder management
• Quality management
• Resource management
• Deployment process
• BA process
• QA/QC process
• UI/UX design process

• Personal data protection and privacy – GDPR, CCPA
• Accessibility – WAI-ARIA, WCAG
• Quality management - ISO 9001
• Information security - ISO 27001
• Health information management - HIPAA
• Food safety - HACCP
• Payment card security - PCI DSS

• Register
• Response plan

Recommendations

• Full team replacement
• Substitution of individual team members
• Team seniority improvement
• Project management team change
• Team structure change
• Special trainings
• Certification
• Software architecture change
• Technology stack replacement
• Requirements update
• Deployment upgrade
• UI/UX improvements
• Security improvements
• Documentation updates and improvements
• Additional security or compliance audits