Name: Tanusha Bhuruth

Id: 1410274

Case study: Cisco

a) In phase 1, the same person who developed the code could also place it
into production. Describe 2 risks that can emerge as a result of this
practice?
1. Lack of documented code reviews
Documented code reviews make it easier for other persons to understand it.
However, when the same person who developed the code places it into
production, there may be a lack of documented code reviews. As a result, if at
a later date, another programmer is looking at the code, he will not have the
same feeling of personal judgment.
2. Inconsistent developer standards
Different developers have different style of programming. Therefore, other
developers may not understand the code written by the developer who
developed the code.

b) In Phase 2, the person who developed the code could not also be
responsible for placing it into production. Instead, a developer who wanted
to change a line of code would submit the request through a Web-based
application-change tracking and development tool. Describe 2 potential
benefits of this practice?
1. It may help to ensure compliance with file-naming standard and identify other
errors, for any necessary corrections.
2. It may relieve developers of the responsibility for deploying code to production

c) In Phase 3, Cisco IT that it needed to bring greater rigor to application

change management. Discuss how can Cisco IT achieve this? What are
the core activities that need to be considered?
To achieve this, Cisco IT needs a new instance for managing software projects
that would help increase quality, mitigate risk by creating processes that are
repeatable and predictable, and reduce development costs
Activities:
1. Configuration Identification

Identify all items within configurations (source code, test cases, test plan,
requirements specification document, test suites), milestones and
baselines.
2. Control
Making changes to configuration items.
3. Status accounting
Record/report current status and history of all changes to the configuration
items thus enhancing visibility of entire software.
4. Release processing
Distribute software configuration item outside the development activity.
5. Auditing
Perform audits to ensure conformity between items in configuration. This can
be done in parallel to testing phase.

d) In relation to (c), discuss how Cisco IT can achieve Software Quality

Assurance (SQA) goals?
Cisco can achieve SQA goals by applying repeated processes for managing
change and predicting effect. They can also ensure that the expertise and
resources to consistently deliver the expected product/service are available.
Finally, Cisco IT can place a focus on internal processes, including
How consistently processes deliver desired outcomes (effectiveness)
The productivity of a process compared the resources used (efficiency)
e) List 5 examples of configurable items which can be used in Phase 3?
1. Requirements document
2. Software plans
3. Source code
4. Test case
5. Frameworks