What are the software audit and control steps

[nehabologna]

Hi, if I develop a machine learning model to find/predict the defects in a software system. How can I make sure my model will pass the audit by quality assurance team if the software industry has adopted/deployed my model? Are there any steps/checklists etc so that I can assess/gauge my model and the steps I performed to develop the model.

Warm regards
Neha

 

[yodon]

I'm a bit lost here, sorry.

What will your QA team audit for? Generally, these audits will consider compliance to a standard (e.g., IEC 62304) or basic software engineering practices (configuration status accounting). An audit would likely be done irrespective of what you do regarding deployment (or acceptance).

With machine learning, you're generally in a state of perpetually verifying that the model still works after new information is learned. This is often running known materials through and ensuring the results have not been negatively affected. This, though, isn't an audit (or necessarily done by SW QA - but they may audit to see if you're doing what you said you'd do in terms of re-verification).

The error prediction concept is interesting. There are a lot of static analysis tools already that look for typical coding errors. I'm curious how your tool will continually learn and predict errors.

 

[nehabologna]

Thank you yodon for your reply.

I guess the audit team will also evaluate the process we performed to build and validate the machine learning model. What comes in my mind (my wild guess) is that they will check how data is gathered and if it is preprocessed or not? Similarly, they will see how data is separated into train/test split, etc.. I need some document/literature, (which have mentioned the audit steps) so that I can cite/refer it while submitting my answer to the examination committee.