Software Development Compliance – Internal control audits

This page describes a usage or software configuration that may not be supported by IBM. The document template examples are not delivered with Rational products; however, they represent common report configurations.

This is the fifth and final in a series of articles on how the Rational solution for Collaborative Lifecycle Management (CLM) support software development compliance. It is highly recommended you first read the overview article in the series before proceeding.

To support internal control audits, you first have to document how you have implemented the controls then prove that your teams are following them. The other articles in this series give examples of how you can automate internal controls related to work authorization, segregation of duties and process change control. In this article, we will demonstrate:

  • Generation of audit reports that capture historical proof of adherence to process and compliance rules
  • Traceability from internal controls to implementation and testing of those controls to provide an audit trail

The attached PDF file provides a walk through with screen shots of examples of these implementations. This is a subset of a hands-on lab exercise that walks through the solutions in detail. We also provide the RPE document templates used in the examples to help you get started.

For more information

About the author

As an Industry Solutions Lead for Rational, Cindy VanEpps leads several initiatives that tie together an integrated set of Rational tools to support specific scenarios. She recently led the effort to create a solution for the Financial Services Sector to support planning for compliance based on portfolio management and collaborative lifecycle management. Creating simplicity and elegance from the complex and horrendous is her passion. She can be contacted at

Was this information helpful? Yes No 1 person rated this as helpful.