Lecture 4_Change Control, CA SA PDF
Document Details
Uploaded by Deleted User
Tags
Summary
This document provides an overview of Change Control, Configuration Auditing, and Status Accounting in software maintenance and configuration management (SCM). It discusses the process, steps, and essential factors involved in managing changes to software products and systems.
Full Transcript
TMA4093 Software Maintenance & Configuration Management (SCM) Change Control Configuration Auditing Status Accounting What is Change Control? Definition: SEE FOR A systematic process of managing YOURSELF!...
TMA4093 Software Maintenance & Configuration Management (SCM) Change Control Configuration Auditing Status Accounting What is Change Control? Definition: SEE FOR A systematic process of managing YOURSELF! and regulating modifications to software products and systems to ensure that all changes are introduced in a controlled and coordinated manner. The reality of change control in a software engineering context has been summed up beautifully by James Bach Change control is vital. We worry about change because a tiny perturbation in the code can create a big failure in the product. But it can also fi x a big failure or enable wonderful new capabilities. To prevent unauthorized changes, reduce the risks of unintended consequences, and ensure that all modifications align with project goals, standards, and quality requirements. Why Change Control is Essential 1. Risk Management Change control reduces risks by assessing changes before implementation. It helps prevent defects, SEE FOR YOURSELF! delays, and cost overruns, and enables quick rollbacks to restore functionality if issues arise. 2. Enhanced Collaboration and Communication Centralized change control improves communication across teams, ensuring alignment on updates and preventing misunderstandings, leading to more efficient collaboration. 3. Resource Optimization Prioritizing critical changes allows for better resource allocation, helping teams stay on track, within budget, and prepared for rollbacks when needed. 4. Traceability and Compliance Change control ensures traceability, supporting quality assurance and regulatory compliance. It allows for quick rollbacks if changes affect compliance. 5. Agility and Adaptability Change control enables teams to adapt to evolving needs while maintaining system integrity. Rollbacks to stable versions ensure minimal disruption during problematic updates. Overview of Change Control Process Too much change control and we create SEE FOR YOURSELF! problems. Too little, and we create other problems. For a large software project, uncontrolled change rapidly leads to chaos. For such projects, change control combines human procedures and automated tools to provide a mechanism for the control of change. Change Control Process Generally, the change control process flow takes 5 steps: 1. Change request 2. Review 3. Decision Making 4. Implementation of Change 5. Verify Ensure changes are managed, documented, and controlled to maintain software quality and stability. Minimize risks while facilitating necessary changes. (Pressman & Maxim, 2015) Change Request Submission Who Can Submit: Developers, QA team, project managers, product owners, and stakeholders (including end-users). E.g. User feedbacks on bug, developer refactor the authentication module, add new feature request, etc Key Information in a Change Request Submission: Request Details: Description of the change, rationale, and objectives. Requester Information: Name and role of the person submitting. Priority Level: Indication of urgency or importance. Supporting Documentation: Relevant files, screenshots, or data for context. Evaluation and Impact Analysis (Review) Purpose: Assess the feasibility, risks, and impact of the requested change on the project and system. Key Roles and Responsibilities: Technical Lead: Analyzes technical feasibility, identifies potential system impacts and evaluates resource needs. Project Manager: Assesses effect on scope, timeline, and budget. Product Owner: Reviews the change’s alignment with business and product goals and Prioritizes the change request QA Lead: Identifies testing needs and quality risks. Outcome: A well-informed recommendation for the Change Control Board (CCB). Approval and Rejection Process(Decision Making) Purpose: Change Control Board (CCB) evaluates change requests and decides whether to approve, reject, or defer. Process: 1. CCB Review: The CCB reviews the request and impact analysis. 2. Factors Considered: ✓ Technical Impact: System stability and performance. ✓ Project Impact: Scope, schedule, and resource effects. ✓ Business Alignment: Alignment with goals and priorities. ✓ Risk Assessment: Identified risks and mitigations. 3. Decision Outcomes: Approve: Move to implementation. Inform the request owner. Reject: No further action. Inform the request owner with reasons Defer: Postpone decision for further review or additional information. Inform the request owner of the delay and next steps. Implement the Change Purpose: Apply the approved change to the system in a controlled and planned manner. Process: 1. Deploy Change: Apply the change in the designated environment. Responsible: Development Team, DevOps 2. Update Configuration: Ensure configuration items (CIs) are aligned with the change. Responsible: Configuration Manager, Technical Lead 3. Communicate Progress: Notify relevant stakeholders of the implementation status. Responsible: Project Manager, Product Owner Outcome: The change is deployed and integrated into the system, ready for verification to confirm its success. Verification and Closure Purpose: Ensure that the change was successfully implemented and meets its objectives before finalizing the process. Process: 1. Testing: Perform tests to validate the change and ensure it works as intended. Responsible: QA Team, Development Team 2. Review and Validation: Check that the change aligns with the original requirements and objectives, ensuring no regressions or issues. Responsible: Product Owner, QA Lead 3. Monitoring: Observe system performance post-change to identify any potential issues, If issues arise, a rollback can be triggered to restore stability. Responsible: System Admin, Operations Team 4. Closure: Finalize the change, update documentation, and close the change request. Responsible: Configuration Manager, Project Manager Outcome: The change is verified as successful, with all issues addressed and documented. The change request is closed, and the system remains stable. Change Control Board (CCB) CCB is responsible for reviewing, approving, or rejecting change requests. Composition: includes representatives from various departments, such as: Project managers or product owners who understand project goals and priorities. Developers or technical leads who assess technical feasibility. Quality assurance (QA) leads who evaluate testing requirements. Operations or support staff who assess potential impacts on users or performance. Role in Review: The CCB reviews the change request, conducts risk analysis, and decides whether to approve or reject the request based on its impact and alignment with project goals. Role in Decision Making: Ensures changes align with project goals, timelines, and resource constraints, and verifies compliance with standards. Configuration Audit Configuration Audit in Software Configuration Management (SCM) process is verifying that configuration items (CIs) and their associated changes meet specified requirements, standards, and baselines. Configuration audits ensure that the SCM process maintains the system’s integrity, accuracy, and compliance. How can a software team ensure that the change has been properly implemented? Technical Review + Configuration Audit Technical review focuses on the technical correctness of the CI that has been modified A software configuration audit complements the technical review by assessing a configuration item for characteristics that are generally not considered during review. E.g. CIs traceability, consistency and integration Configuration Audit The audit asks and answers the following questions: Has the change specified in the ECO been made? Have any additional modifications been incorporated? Has a technical review been conducted to assess technical correctness? Has the software process been followed and have software engineering standards been properly applied? Has the change been “highlighted” in the SCI? Have the change date and change author been specified? Do the attributes of the configuration object reflect the change? Have SCM procedures for noting the change, recording it, and reporting it been followed? Have all related SCIs been properly updated? Status Accounting Status Accounting involves tracking, recording, and reporting the status of configuration items (CIs) to maintain accurate, current information on configuration changes. SCM tasks answer the following questions: (1) What happened? (2) Who did it? (3) When did it happen? (4) What else will be affected? Configuration Audit in Change Control Audit Process: 1. Change Request Submission Audit: Verify alignment with existing configuration baselines. Responsible: Configuration Manager 2. Evaluation & Impact Analysis Audit: Assess impact of the proposed change on configuration items (CIs). Responsible: Configuration Manager, Technical Lead 3. Approval & Decision Audit: Confirm compliance with standards and documentation requirements. Responsible: CCB, Configuration Manager 4. Implementation Audit: Ensure proper updates to CIs and that changes align with the request. Responsible: Configuration Manager, Development Team 5. Verification & Closure Audit: Conduct final checks and ensure the configuration baseline is updated. Responsible: Configuration Manager, QA Lead Outcome: The configuration audit ensures all changes are tracked, compliant, and correctly integrated into the system. Status Accounting in Change Control Purpose: Track and report the status of configuration items (CIs) during the change control process to ensure proper management. 1. Change Request Submission Status Accounting: Log the status of submitted change requests and impacted CIs. Responsible: Configuration Manager 2. Evaluation & Impact Analysis Status Accounting: Document evaluation status and any impact on existing CIs. Responsible: Configuration Manager, Technical Lead 3. Approval & Decision Status Accounting: Record the approval status and decision details, ensuring traceability. Responsible: CCB, Configuration Manager 4. Implementation Status Accounting: Track the status of implemented changes and updated CIs. Responsible: Configuration Manager, Development Team 5. Verification & Closure Status Accounting: Finalize status, ensuring changes are verified and baseline is updated. Responsible: Configuration Manager, QA Lead Outcome: Status accounting ensures transparency, traceability, and proper integration of changes throughout the process. Thank You