Using Auditors for Project Requirements Gathering
Abstract The goal of the paper is to examine the benefits of using auditors for gathering project requirements. My opinion is that they can be invaluable in this process, because: they can leverage prior audit documentation to quickly get up to speed on new or proposed projects; they can use established relationships with stakeholders; and, they are already accustomed to the interviewing process. The manner in which this topic will be tackled is by examining the similarities of tasks performed by auditors and project managers. Guidelines and standards used by these two different professionals will also be reviewed and compared. The case will then be made for using auditors in lieu of or in addition to business analysts and project managers for project requirements gathering. Using Auditors for Project Requirements Gathering Regardless of the industry, auditors get a bad rap. The general perception that most people seem to have is that they are boring, humorless people that only exist to ruin your day. While there may be some truth to that – dependent on the individual – they are really intelligent, hardworking and (mostly) friendly people that are there to help. Because of the nature of the field, their job is to investigate and help solve problems. Many people tend to forget this out of pure ignorance and fear; the natural tendency is for them to recoil at the very notion of someone poking around and telling them what is wrong with the way they do things. Granted, this type of activity is part of the process, but a little understanding can turn this viewpoint into a positive one.
PCI.org (2006) provides an excellent description of what auditing is, and what auditors do:
Auditing is about understanding requirements, looking for opportunities for improvement, looking for best practices, asking questions, gathering information, analyzing what’s seen and heard, forming opinions and reaching conclusions. This effort requires that auditors be prepared,
PCI.org (2006) provides an excellent description of what auditing is, and what auditors do:
Auditing is about understanding requirements, looking for opportunities for improvement, looking for best practices, asking questions, gathering information, analyzing what’s seen and heard, forming opinions and reaching conclusions. This effort requires that auditors be prepared,
References: Egeland, B. (2009). The IT Auditor’s Role in the Software Development Process. Retrieved from http://pmtips.net/auditors-role-software-development-process/ Glen, P. (2008). Project Managers: Stop “Gathering” Project Requirements. Retrieved from http://www.techrepublic.com/blog/tech-manager/project-managers-stop-gathering-it-requirements/623 Gray, G. L., Gold, A. H., Jones, C. G., Miller, D. W. (2010) Strategies for Improving Systems Development Project Success ISACA. (2006) COBIT Mapping: Mapping of PMBOK with COBIT 4.0. Retrieved from http://www.isaca.org/Knowledge-Center/Research/Documents/research-PMBOK-Mapping-COBIT-28-Aug-06FINAL.pdf?Token=B287E14A-C3EA-49E4-91A8-4E0D9FBB250A ISACA. (2010) IT Standards, Guidelines and Tools and Techniques for Audit and Assurance and Control Professionals ISACA. (2009). Systems Development and Project Management Audit Assurance Program. Retrieved from http://www.isaca.org/Knowledge- Center/Research/ResearchDeliverables/Pages/Systems-Development-and-Project-Management-Audit-Assurance-Program.aspx Singleton, T. W. (2006). What Every IT Auditor Should Know About Project Risk Management. Retrieved from http://www.isaca.org/Journal/Past-Issues/2006/Volume-5/Pages/What-Every-IT-Auditor-Should-Know-About-Project-Risk-Management1.aspx (Unknown) (2006) Guide for Quality System Manual Internal Audit. Retrieved from http://www.pci.org/pdf/markets/certifications/QSM_guidelines.pdf