Sofema Aviation Services is pleased to offer the following procedures are as a guideline only, To use as a basis on which to focus the need for the development of associated process and proceduresĀ for Managing and Auditing Aviation Software.
Auditing Aviation Software consists of a means of monitoring the software development and other processes which the organization uses to ensure quality. The process by which this is achieved are multiple and open to the relevant organization to determine may include processes driven by for example ISO 9000.
As any quality auditor will attest, without adequate procedures the value of the audit diminishes as the effectiveness of the audit is impaired.
There are many standards available to satisfy the overall requirement, this document is intended to be used for guidance. It is generally understood that any software used to support aviation is subject to more robust testing.
Sofema Aviation Services is pleased to provide guidance on your specific auditing needs in particular in respect of auditing aviation software.
Documented Policies Procedures and Standards
Effective Management of Software requires that we have Documented Policies Procedures and Standards, these need to be documented in a controlled many with Effectively and Revision Control Processes.
Current Practice
Procedures should be consistent and well established, this is a perquisite for effective auditing of the aviation software.
Organisation elements and provision of Resources
The organization should have sufficient competent resources to manage each element of the process. Competency should be managed.
Criteria to be applied to the Software in General
Effective, Usable, Accessible, Flexible, Accepted, Desirable, Efficient and Continuously Evolving.
Installation and Configuration Records
Records should show the configuration control process and the installation status.
Records of Operational Testing
Records should show that all elements of the software have been thoroughly and vigorously tested.
Records of release of Software into the live environment
Any upgrades or releases into the live environment should be identified with records kept of pre release testing.
Records of Problems Report and Status
Management of user reported problems, feedback or status should be detailed and should show the nature of the response, and appropriate outcomes.
Records of back up and evidence of compliance with security controls including audit trials, Provision of adequate back up facilities.
All security measures used to support the software should be recorded, with user access and configuration controls identified.
Performance and Capacity monitoring records
The ability of the software to operate adequately when loaded should be evidenced during the testing process, records should be maintained of this activity.
Please visit www.sassofia.com or email office@sassofia.com