Auditing Services for the Transportation Industry
Much of the transportation infrastructure is controlled and managed by safety-critical software. Many software engineering practices used in other safety-critical industries are applicable to the transportation industry. In addition, there may also be federal and state regulations and contractual requirements that apply.My team of experienced software engineers typically works together with software developers, transit authorities, and Quality Assurance organizations and can perform all required audits, including:
- Assessing compliance of software subcontractors to standards and regulations
- Performing risk assessments and identifying safety cases
- Functional audits
- In-process audits
- Physical audits
Audits are performed in these safety-related areas:
- Commercial-off-the-Shelf (COTS) Hardware and Software for Train Control Applications: System Safety Considerations, DOT/ FRA/ORD-03/14 April 2003
- Introduction to Software Configuration Management, FRA, August 2006
- 49 CFR Part 236—Rules, Standards, and Instructions Governing the Installation, Inspection, Maintenance, and Repair of Signal and Train Control Systems, Devices, and Appliances
- Software Management Control Plan
- Software Hazard Reporting
- IEEE Standard 12207 Systems and Software—Software Development Lifecycle Processes
I hold ASQ Certifications as a Quality Auditor and Software Quality Engineer. Each audit begins with a detailed Audit Plan that identifies what, when, where, and who. The Audit Plan is reviewed and approved prior to the audit. Members of the client's staff are encouraged to participate on the Audit Team.
- An Opening Meeting is held on the first day of the audit to review the audit process and the audit scope with all of the stakeholders and management.
- Daily summary meetings are held to review the day’s findings.
- A Closing Meeting is held on the last day of the audit with stakeholders and management in order to ensure everyone has a clear understanding of the audit findings and observations.
Once the audit is completed, a detailed Audit Report is prepared identifying the regulatory source for each finding. If requested, a detailed "gap analysis" is provided.
The Audit Report is reviewed and discussed with the client to ensure that the report is accurate and that findings are relevant.