SQA Relationships to Other Assurance Activities

Some of the more important relationships of SQA to othermanagement and assurance activities are described below.

1. Configuration Management Monitoring
SQA assures that software Configuration Management (CM)activities are performed in accordance with the CM plans,standards, and procedures. SQA reviews the CM plans forcompliance with software CM policies and requirements andprovides follow-up for nonconformances. SQA audits the CMfunctions for adherence to standards and procedures andprepares reports of its findings.

The CM activities monitored and audited by SQA includebaseline control, configuration identification,configuration control, configuration status accounting, andconfiguration authentication. SQA also monitors and auditsthe software library. SQA assures that:
Baselines are established and consistently maintained for use in subsequent baseline development and control.

Software configuration identification is consistent and accurate with respect to the numbering or naming of computer programs, software modules, software units, and associated software documents.

Configuration control is maintained such that the software configuration used in critical phases of testing, acceptance, and delivery is compatible with the associated documentation.

Configuration status accounting is performed accurately including the recording and reporting of data reflecting the software's configuration identification, proposed changes to the configuration identification, and the implementation status of approved changes.

Software configuration authentication is established by a series of configuration reviews and audits that exhibit the performance required by the software requirements specification and the configuration of the software is accurately reflected in the software design documents.

Software development libraries provide for proper handling of software code, documentation, media, and related data in their various forms and versions from the time of their initial approval or acceptance until they have been incorporated into the final media.

Approved changes to baselined software are made properly and consistently in all products, and no unauthorized changes are made.

2. Verification and Validation Monitoring
SQA assures Verification and Validation (V&V) activities bymonitoring technical reviews, inspections, and walkthroughs.The SQA role in formal testing is described in the nextsection. The SQA role in reviews, inspections, andwalkthroughs is to observe, participate as needed, andverify that they were properly conducted and documented.SQA also ensures that any actions required are assigned,documented, scheduled, and updated.
Formal software reviews should be conducted at the end ofeach phase of the life cycle to identify problems anddetermine whether the interim product meets all applicablerequirements. Examples of formal reviews are thePreliminary Design Review (PDR), Critical Design Review(CDR), and Test Readiness Review (TRR). A review looks atthe overall picture of the product being developed to see ifit satisfies its requirements. Reviews are part of thedevelopment process, designed to provide a ready/not-readydecision to begin the next phase. In formal reviews, actualwork done is compared with established standards. SQA'smain objective in reviews is to assure that the Managementand Development Plans have been followed, and that theproduct is ready to proceed with the next phase ofdevelopment. Although the decision to proceed is amanagement decision, SQA is responsible for advisingmanagement and participating in the decision.
An inspection or walkthrough is a detailed examination of aproduct on a step-by-step or line-of-code by line-of-codebasis to find errors. For inspections and walkthroughs, SQAassures, at a minimum, that the process is properlycompleted and that needed follow-up is done. The inspectionprocess may be used to measure compliance to standards.

3. Formal Test Monitoring
SQA assures that formal software testing, such as acceptancetesting, is done in accordance with plans and procedures.SQA reviews testing documentation for completeness andadherence to standards. The documentation review includestest plans, test specifications, test procedures, and testreports. SQA monitors testing and provides follow-up onnonconformances. By test monitoring, SQA assures softwarecompleteness and readiness for delivery.
The objectives of SQA in monitoring formal software testingare to assure that:
The test procedures are testing the software requirements in accordance with test plans.
The test procedures are verifiable.
The correct or "advertised" version of the software is being tested (by SQA monitoring of the CM activity).
The test procedures are followed.
Nonconformances occurring during testing (that is, any incident not expected in the test procedures) are noted and recorded.
Test reports are accurate and complete.
Regression testing is conducted to assure nonconformances have been corrected.
Resolution of all nonconformances takes place prior to delivery.

Software testing verifies that the software meets itsrequirements. The quality of testing is assured byverifying that project requirements are satisfied and thatthe testing process is in accordance with the test plans andprocedures.