Software Development Process Audit


A fixed price consultancy-led review of the software development lifecycle (SDLC) or application lifecycle management (ALM) process.

Whether your software development process revolves around in-house, offshore, “right-shore”, or out-sourced resources it needs to be effective and efficient. Software is produced to directly serve the business that calls for it, yet all too often it falls short of expectations.

This audit will reveal potential problem areas, risks, weaknesses as well as direct opportunities for improvement in all aspects of the process.

The deliverables of the audit include:

  • Executive summary
  • Report that details strengths, weaknesses, and risks of the current SDLC
  • Recommendations for improvement
  • Briefing session



It’s all too easy to believe software that appears to work is actually doing what it is supposed to. Metrics are often misplaced and regularly measure superficial and irrelevant data.

Clients are vulnerable to questions of accountability when the problem really relates to a line of carelessly-written code deep within a system.

Mismatches between requirements and delivered features are exactly as common as are misunderstandings between business and technical people. This is no coincidence.

Organisations that commission Storm’s software development audit gain the benefits of:

  • Protection through independent validation of the process
  • Risk assessment and opportunity for mitigation
  • Due diligence
  • Advance notice of potential problem areas

Opportunities and recommendations for improvement


Storm’s software development process audit comprises 4 activities, which are explained in more detail below. The activities are:

  1. End to end process review
  2. Requirements gathering audit
  3. Solution provision audit
  4. Report and presentation

The review is led by a Principal Consultant.

End to end process review

Customer interviews are conducted to reveal their overall satisfaction with the development process, and the ensuing results. The investigation seeks to establish the defect rate and efficiency of dealing with defects.

Requirements gathering

Interviews with those people whose role is business analyst, although that may not be their formal job title. This role is absolutely vital in defining the needs that are to be addresses by software and the tests that define the criteria for acceptance.

Solution provision

Interviewing the solution developers and technical architects is geared towards revealing their diligence towards addressing actual requirements as well as their technical capabilities.


The report synthesises the research and findings into a single comprehensive document which Storm customarily presents at executive level.

The report may be shared with all stakeholders in order to provide a starting-point for overall process improvement, to the mutual advantage of all.