Organisations developing new systems or implementing off-the-shelf systems should not only use a sound project management methodology but should also follow a customised systems development life cycle (SDLC) audit methodology. This will ensure that the new system will be implemented within time and within budget, while providing for the needs of the business – at an operational and strategic level. A SDLC audit examines and evaluates a number of best practices.
At BDO, we believe any SDLC methodology audit should cover at least the following aspects of a system development and implementation project:
- Business case and management approval
- Feasibility studies
- Change management
- Project management
- Change control
- Business requirements definition
- Technical requirements definition
- Application functionality
- Testing phases
- Implementation phase
- Post implementation review.
SDLC audits can be performed by BDO under different circumstances and to achieve different objectives. For example, many clients have approached us in the past to perform post-implementation reviews to advise on:
- Whether a selected service provider was competent to continue providing system development, implementation and/or maintenance services to them - and, if required, how to terminate existing contracts in a legal and appropriate manner, normally entailing a detailed legal and SDLC audit, performed by senior attorneys and IT auditors
- Errors made and how to prevent them during future projects.
BDO can also be contracted in an advisory role to monitor and advise on current system development and implementation projects – either from an audit best practice point of view or to provide project management services to a client.