Can RTC support the auditing of development artefacts?
Accepted answer
Jason, RTC, RRC and RQM can definitely support creating reports to support an audit. Many customers today using one or more of the products above are passing development lifecycle audits for standards such as ASPICE, CMMI, ISO 26262 (an Automotive functional safety standard), DO-178B(international standard for software assurance for airborne software...used by the FAA before a plane can fly), and other standards.
The questions is what kind of audit do you want to do? Many of the standards above have a process called Quality Assurance where an independent organization will check that each part of the development lifecycle is being followed. This can cover areas such as project planning (do you have a process?), requirements management (do you manage and track requirements well? Do you have proper Change Control Board reviews and approvals? etc.), Can you trace your requirements to test, design and other artifacts? Are their complete test records and evidence with the required level on independence (i.e., the person developing an item can't be the person doing the testing in many cases), and so on.
Once you know what you want to audit, then you can create reports in the approriate product(s) or create cross product reporting with Rational Publishing Engine (perhpas a report that shows reqs mapped to design artifacts or Defects mapped to work item resolutions, mapped to design/code artifacts that were modified).
I hope this helps. The comments above are general, but the products you mentioned can definitely be used to support audit and many customers are doing so today.
The questions is what kind of audit do you want to do? Many of the standards above have a process called Quality Assurance where an independent organization will check that each part of the development lifecycle is being followed. This can cover areas such as project planning (do you have a process?), requirements management (do you manage and track requirements well? Do you have proper Change Control Board reviews and approvals? etc.), Can you trace your requirements to test, design and other artifacts? Are their complete test records and evidence with the required level on independence (i.e., the person developing an item can't be the person doing the testing in many cases), and so on.
Once you know what you want to audit, then you can create reports in the approriate product(s) or create cross product reporting with Rational Publishing Engine (perhpas a report that shows reqs mapped to design artifacts or Defects mapped to work item resolutions, mapped to design/code artifacts that were modified).
I hope this helps. The comments above are general, but the products you mentioned can definitely be used to support audit and many customers are doing so today.