Product Lifecycle Risk Audit Work Program
This sample work program reviews the risks in the planning and initiation, requirements analysis, design, development, testing, implementation and roll-out, and post implementation areas of IT projects. For planning and initiation, some of the risk areas reviewed are: system requirements specification, cost benefit analysis, quality/time/cost, prioritization, methodology, and management approval and sponsorship.
Work program tasks include: determine the availability of technology required and company experience with IT; interview designers to determine how they assessed the ability of operational users to comprehend and use the system as planned; obtain a copy of effort estimates and review for reasonability in view of system functionality; and obtain estimating standards and determine how they were applied.