Software Development Compliance – Process change control
Cindy VanEpps, IBM Rational software
Last updated: February 08, 2013
Build basis: IBM Rational Collaborative Lifecycle Management (CLM) v3.0.1.x, v4.0.x (Rational Team Concert)
This is the fourth in a series of articles on how the Rational solution for Collaborative Lifecycle Management (CLM) support software development compliance. It is highly recommended you first read the overview article in the series before proceeding.
A highly configurable process provides great flexibility for a team. However, in a regulated environment, you must ensure that the internal controls for IT governance implemented in the process are enforced and cannot be circumvented. Therefore, changes to certain parts of the process specification must be more highly controlled. This article will show how project areas, permissions, and a custom work item type can be leveraged to provide the control required while not overly-restricting the flexibility teams need. In this article, we will demonstrate:
- How a shared process configuration is used for controlling parts of the process configuration across an organization
- How to use a custom work item type for capturing and approving process changes
- The process change history recorded by Team Concert
The attached PDF file provides a walk through with screen shots of examples of these implementations. This is a subset of a hands-on lab exercise that walks through the solutions in detail. We also provide the RTC process template used in the examples to help you get started.
For more information
- Work Authorization and Requirements Integrity
- Segregation of duties in Regulated Software Development
- Internal control audits
- Support for Capability Maturity Model Integration
- Open Source Policy Compliance
About the author
As an Industry Solutions Lead for Rational, Cindy VanEpps leads several initiatives that tie together an integrated set of Rational tools to support specific scenarios. She recently led the effort to create a solution for the Financial Services Sector to support planning for compliance based on portfolio management and collaborative lifecycle management. Creating simplicity and elegance from the complex and horrendous is her passion. She can be contacted at email@example.com.
Copyright © 2012 IBM Corporation