Evolution towards Hybrid Software Development Methods and Information Systems Audit Challenges
Abstract
:1. Introduction
2. Classification of Software Development Methodologies
2.1. Traditional Software Development Methodologies
2.1.1. Waterfall Model
- Simple and easy to understand and follow.
- Linear advancement and completion of each level for proceeding to the next one.
- Clear determination of goals.
- Detailed plan and documentation that empowers communication between peers.
- Difficult to establish changes that were not incorporated in the analysis and design.
- Uncertainty at the beginning of development.
- Software is delivered at the end.
- Testing takes place at the end.
- Users are not actively involved.
2.1.2. Incremental Model
- Increased flexibility and adaptability.
- Enhanced quality, due to code tests occurring on each increment.
- Improved code reliability.
- Need for resources to be committed for extensive periods.
- Requires strong change management control processes.
- Requires that both problem and solution are well-understood.
2.1.3. Structured Systems Analysis and Design Methodology (SSADM)
- Structured methodology that offers room for better communication between peers and high visibility throughout the generated documentation.
- Enhanced flexibility and modularization.
- Rigid control throughout the life cycle.
- Schedule flaws, due to high attention paid to the analysis.
- Requires capital to be implemented and maintained.
- Practically inefficient to be applied in smaller projects.
2.1.4. Prototyping Methodology
- Active involvement by users.
- Early detection of missing functionality.
- Risk of project failure is relatively reduced.
- Overall cost efficiency, due to early detection of errors and missing functionality.
- Time consumption for prototype building before proceeding to final product development.
- Upfront costs for building prototypes, which are eventually leveled with saving capital from the final product development.
- Insufficient to produce detailed functional specifications documents for each prototype.
2.1.5. V-Model variations
V-Model
- Overall simplicity that enables easy adoption by teams and onboarding of new team members.
- Straightforward to follow and efficient when requirements are stable.
- Increased transparency by specific deliverables expected in each phase.
- Poor flexibility to manage ongoing changes in requirements.
- Software is delivered at the end of the deployment and in the absence of prototypes or other artifacts that may eliminate user acceptance failure risks.
- Requires high technical expertise of the team.
VV-Model
- Closer connection between development and testing activities occurring in each phase.
- Establishes a high level of collaboration and responsibility between development and testing teams.
- High discipline model.
- Increased complexity, which usually leads to the adoption of the V-model instead of the VV-model.
- Requires classification of critical application tests to secure efficient resource allocation.
- Demanding on budget and time.
2.1.6. Spiral Model
- Risk-driven approach.
- Provides a viable framework for integrated software–hardware integration.
- Early estimation of cost (radius of the spiral).
- Risk management that comparatively eliminates customer satisfaction issues.
- Rule and protocol strictness that must be effectively implemented
- Considerably high complexity of SDLC processes.
- Amount of documentation due to several intermediate stages.
- End date is difficult to calculate at the beginning.
- Not suitable for small and considerably simple projects.
2.1.7. Fountain Model
- Enables incremental and iterative software development.
- Allows overlapping of activities between phases.
- Enhanced flexibility in changing requirements.
- Limited documentation production throughout the SDLC.
- Demanding in resources to facilitate overlapping development.
- Limited risk management due to object reuse generalization.
2.1.8. Rapid Application Development (RAD)
- High speed of product delivery.
- Increased quality, due to users’ involvement in analysis and design.
- Enhanced flexibility.
- Overall risk management.
- Scalability when projects expand and require inter-team communications.
- Front-end development focus that undergoes back-end best practices.
- Success depends on highly skilled and experienced developer teams.
- Requires commitment from stakeholders, which in large enterprises is a matter of scheduling conflicts between senior managers.
2.1.9. Unified Process (UP) and Rational Unified Process (RUP)
- Empowers team collaboration.
- Capability for incorporating changes, both from customer and development team.
- A framework for unifying software processes within organizations, with the use of UML diagrams for team collaboration.
- Suitable for both small and large projects.
- High complexity.
- Requires intimate familiarization.
- No working software until the end of coding, thus risks regarding meeting customer expectations.
- Integration throughout the SDLC.
2.1.10. Microsoft Solution Framework (MSF)
- Enhanced speed and flexibility.
- Increased risk management.
- Shared responsibility.
- Complexity in the construction process.
- Increased administration needs.
2.1.11. Additional Heavyweight Methodologies in the Literature
- Bing-Bang [58]: No document or process followed.
- Code and Fix [59]: Also called “Cowboy coding”, a two-face model where software engineers code in 1st phase and fix on the 2nd, until satisfying the customer.
- Sashimi model [60]: A waterfall model with an option for overlaying development phases.
- Sawtooth model [61]: A variation of the V-model, incorporating prototyping.
- Ropes model [62]: Rapid object-oriented process for embedded systems.
- Parallel model [63]: Parallel concurrent development occurs when different versions of an object are developed simultaneously.
- WINWIN model [64]: Extends the spiral model by adding Theory W activities (“make everyone a winner”) to the front of each cycle.
- Component-based model [65]: Identifying and reusing already existing components.
- Architecture-based model [66]: Approaching software design in terms of major design elements and their relationships among them.
- Intelligent model [67]: Also called the “knowledge-based software development model”, a combination of the Waterfall model with an expert system to integrate knowledge.
2.2. Agile Software Development
- “Individuals and interactions over processes and tools”.
- “Working software over comprehensive documentation”.
- “Customer collaboration over contract negotiation”.
- “Responding to change over following a plan”.
2.2.1. Crystal Family
- Elaboration through feedback directly from users.
- Improved team communications.
- Frequent deliveries of software.
- Minimum documentation approach.
- Risk for scope creep due to lack of pre-defined plans.
2.2.2. Adaptive Software Development (ASD)
- Strong collaboration between the developers and the customer.
- High visibility on product and progress.
- Low risk for project completion delays.
- Iterative testing imposes costs on the project’s life cycle.
- Engagement of resources in a wider timely manner for iterations.
- Difficult to scale or work in parallel project streams.
2.2.3. Scrum
- Team obtains the full idea about the product before development.
- Acceptance of changes at any time during the development.
- Quick development of software.
- Able to develop software according to the priority of the requirements.
- Schedule never changes.
- Teams are self-managed.
- Requires major culture transformations within organizations to be fully adopted.
- Teams need training and accumulated experience to become efficient.
- Detailed estimates for scope, budget, and time are limited to the sprint level.
- Documentation is limited.
2.2.4. Dynamic Systems Development Method (DSDM)
- High user involvement.
- Increased visibility during project elaboration.
- Quick delivery (80% of software in 20% of development time).
- Tight schedule and budget control.
- Requires skilled and experienced personnel.
- Comparatively limited freedom provided to developers for creativity.
- Occurrence of management overheads.
- Difficult to be adapted for small teams.
2.2.5. Feature-Driven Development (FDD)
- Fast delivery, with short iterations.
- Usually favored by clients due to tangible and frequent results.
- Emphasizes quality at all steps.
- Provides high visibility of progress.
- Strong dependency on the chief programmer, who selects the features and mentors the team.
- Limited documentation.
- Unfavorable for small projects.
2.2.6. Extreme Programming (XP)
- Code simplicity and maintainability.
- Enhanced flexibility.
- High interaction with users to meet customer expectations.
- Reduced project failure.
- Creates working software faster.
- Relatively costly.
- Lack of measuring code quality assurance.
- Provides better results when developers are collocated.
2.2.7. Test-Driven Development
- High maintainability of code.
- Smooth refactoring that makes new feature additions easier to code.
- Cost-effectiveness, due to elimination of code errors that require rework.
- Continuous testing may delay development progress.
- Requires mindset change, skills, and team training to learn and adjust to TDD.
2.2.8. Lean Software Development (LSD)
- Eliminate waste.
- Amplify learning.
- Defer commitment.
- Deliver as fast as possible.
- Empower the team.
- Build integrity in.
- See the whole.
- Increased collaboration and decision-making capability of the team.
- Streamlined approach that eliminates waste.
- Early delivery of working software.
- Economies of scale from waste elimination and resources utilization.
- Requires organization-wide cultural change.
- Demands strong documentation and precise data for every step.
- Considerably difficult to scale.
2.2.9. Large-Scale Scrum (LeSS)
- One Product Backlog for all teams.
- One Definition of Done for all teams.
- One Product Owner.
- One Sprint.
- One Potentially Releasable Product on every Sprint.
- Many cross-functional teams.
- Cost efficiencies by economies of scale.
- Operation simplification.
- Resource utilization and elimination of co-existence of multiple roles.
- High visibility across teams and the customer.
- Requires organization maturity to apply.
- Demands a skillful and experienced Product Owner to cope with teams.
- Requires extensive organizational training for adaptation and maintenance.
2.2.10. Kanban
- Increased progress visibility.
- Capability for focusing on priorities.
- Strongly collaborative environment.
- Reduced costs and waste.
- Lack of timeframes associated with each phase.
- Cannot be used independently, it usually fits other frameworks (e.g., Scrum).
- Focus on task monitoring and transition.
- Inability to iterate results for required reworks.
2.2.11. Agile Unified Process
- Applicable to both small and large software development projects.
- Constant flow of software delivery.
- Increased customer satisfaction, as they are involved in the development process.
- Flexibility for handling changes in requirements.
- Requires trained and skilled resources.
- Considerably heavy and streamlined in comparison to other agile methodologies.
- Lack of emphasis on document designs.
- Difficult to estimate the cost of the product at the beginning of the project.
2.2.12. DevOps
- Continuous release and deployment
- Increased collaboration, visibility, and trust within the team.
- Fast delivery and scalability.
- Requires DevOps expertise.
- Speed is usually prioritized over security.
- Costly to adapt and maintain.
2.2.13. Scrumban
- Visualizing work with Kanban board.
- Work in Progress (WIP) limitations at each workflow stage.
- Pulling items, when needed, placed into freeze.
- Explicit team policies, enabling members to take quicker decisions.
- Shorter planning meetings for updating the backlog queue.
- Retention of constant Scrum events such as reviews and retrospectives.
- Metrics based on cycle time and lead time, in contrast to velocity.
- Enhanced flexibility, combining elements from existing lightweight software development methodologies.
- Elaboration of a team’s level of Scrum effectiveness.
- Limitation of workflow delays.
- Effectiveness is dependent on team control over their workload.
- Demands experience in both Scrum and Kanban.
2.2.14. SAFe
- Alignment and visibility between teams on the enterprise level.
- Controlled environment for iterative development with a lean mindset.
- Waste elimination.
- Requires high commitment from all involved enterprise levels and users.
- Extensive terminology and process overhead.
- Complexity regarding man-day cost estimations.
2.2.15. Scrum/XP Hybrid
- Small releases, enabling progress visibility for customers.
- Continuous testing, integration, and refactoring.
- Collective code ownership.
- Requires considerable experience in both Scrum and XP practices from teams.
- Scrum-wrapped XP projects need to anticipate the non-colocation of developers.
2.3. Hybrid Software Development
- Practices: The range of tasks of the development team during SDLC, and their rules of progression for process running. Practices are categorized into single practices, (i.e., code refactoring, daily stand-ups), and methods (i.e., Lean, Crystal, KanBan, etc.).
- Frameworks: These are one or many selected practices and methods, specifying the SDLC management routines to be followed by the software development team.
- Context: This is derived from project goals and is related to accumulated success factors. These factors guide the selection of practices and methods, defining the desired outcome when applying a framework.
2.3.1. Waterfall-Agile Approach
2.3.2. Waterfall-Iterative Approach
2.3.3. Pipeline Approach
2.3.4. Combinations of Approaches, Frameworks, and Practices
- Combination of approaches. According to Prenner [143], hybrid development occurs primarily as a matter of combination between the three profound approaches: WAA, WAI, and Pipeline. Notably, the Waterfall model finds usage in all three of these approaches.
- Combination of frameworks and practices. Combinations between different frameworks and practices to establish hybrid software development were studied thoroughly by the international research project named HELENA (Hybrid DEveLopmENt Approaches in software development systems) [149,150], publishing their results as shown in Figure 33.
- Scrum with Iterative Development
- Scrum with Prototyping
- Waterfall with Iterative Development
- Scrum with Kanban (or Scrumban)
- Scrum with DevOps
3. Information Systems Audit Challenges in the Modern ERA
- Internal: run by auditors within their organization as self-assessments. These audits restrict the sharing of findings outside the organization and cannot be used for licensing.
- External: in the case of vendor–supplier relationships, a customer orders and operates an audit to verify the expected level of performance of their relationship.
- Independent: run from third-party independent auditors for licensing, certification, or product approval.
- Executive business model: examines how the organization is governed.
- Business processes: middle-management administration processes for business operations.
- System of systems: the connection of hardware and software for day-to-day business operations.
- Technical interfaces: the lowest level; most vulnerable for breaches, failures, and faults.
3.1. Factors That Affect Information System Audits
3.1.1. Business Environment
3.1.2. Technology Landscape
3.1.3. Sociopolitical Global Trends
3.1.4. The Need for Governance
3.2. IT Governance Frameworks
- IT Assurance Framework (ITAF) [162]: an ISACA framework for designing, conducting, and reporting IT audits.
- IT Infrastructure library (ITIL) [163]: a set of practices for the alignment of IT with business goals, providing a baseline for planning, implementing, and measuring deliverables.
- The Open Group Architecture Framework (TOGAF) [164]: a framework for governing enterprise information technology architecture.
- Committee of Sponsoring Organizations (COSO) [165]: a voluntary organization that provides guidance to organizations with its frameworks for operational performance, internal control, risk management, and fraud deterrence.
- VAL IT [166]: a COBIT-based framework that enables the creation of business value from IT-enabled investments.
3.3. IT Governance Standards
- International Standards Organization (ISO) IT Standards [167]. The International Standards Organization raises specifications for products, services, and good practices, assisting organizations to become more effective and efficient. The key standards that apply to IS/IT are:
- ISO 9001 (Quality Management Systems). Stipulates the requirements of a quality management system.
- ISO 15489 (Records management). Specifies the rules to create, capture, and manage records.
- ISO 19011 (Guidelines for auditing management systems). Provides guidance for the internal and external auditing of managed systems.
- ISO 20000 (IT operations). The first standard for IT services management; includes the design, transition, delivery, and improvement of service requirements, securing value creation for both the customer and the service provider.
- ISO 27000 (IT security). Establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization.
- ISO/IEC/IEEE 42010:2011 (Systems and software engineering—Architecture description). Specifies the required architecture content, architecture frameworks, and architecture languages description for the creation, analysis, and sustainment of IT system architecture descriptions.
- ISO 27002 (Information security controls). Provides the appropriate range of generic information security controls and implementation guidance.
- ISO 31000 (Risk). Assists organizations in effectively managing the risks in an environment full of uncertainty.
- ISO 38500 (Governance). Provides a framework for effective IT governance for top management to understand and satisfy legal, regulatory, and ethical obligations with respect to organization use of IT.
- Information System Audit & Control Association (ISACA) Standards [168]. ISACA provides the minimum acceptable performance required to meet the professional responsibilities set out in the ISACA Code of Professional Ethics. These standards are collected, maintained, and published as a factsheet by ISACA known as the IT Assurance Framework (ITAF).
- International Standards for Supreme Audit Institutions (ISSAI) Standards [169]. Some specific ISSAIs relating to the audit of information systems are:
- ISSAI 5300 Guidelines on IT audit.
- ISSAI 5310 Guidelines for Information Systems Security audit.
- ISSAI 5450 Guidelines for Public Debt Information Systems audit.
3.4. Governance in Software Development
- Value management. Securing alignment and impact of the software developed by the organization.
- Flexibility. Leveraging resource utilization towards the selection of the most appropriate software development methodology for the case at hand.
- Risk management. Enabling continuous risk management during the SDLC, adhering to internal and external needs for compliance.
- Change management. Establishing a change management mechanism during the SDLC that enables the embrace of changes.
3.5. IS/IT Control Audit Objectives
3.6. Information Systems Audit Process
- Audit planning.
- Scheduling of audits.
- Competence assurance of auditors.
- Audit team selection.
- Audit roles and responsibilities assignment.
- Conducting audits.
- Records maintenance.
- Performance tracking.
- Issues tracking.
- Reporting to management.
3.7. Auditing SDLCs
3.7.1. Evolutionary Development
Traditional SDLCs Audit
- Feasibility Study phase auditor’s interest. Includes review of the business case, needs analysis, cost justification, risk mitigation plan, and occurrence of formal management approval to proceed to the next phase.
- Requirements Definition phase auditor’s interest. Involves obtaining complete functional/non-functional requirements, flowcharts, and conceptual entity relationship diagrams (ERDs). Requirements must be connected to success factors and acceptance test criteria comprising security concerns, while management acknowledges and formally approves plans and estimated costs.
- System Design phase auditor’s interest. Reviewing the design baseline and design documents including flowcharts and model diagrams. Assessing integrity control of the flowing data, traceability of user transactions, quality control alignment, and evidence of management approval to proceed to the next phase.
- Development phase auditor’s interest. Primarily, verification that quality control processes are followed during software development. This includes debugging and fixing issues throughout recorded testing, while compliance to original requirements is derived through formal user acceptance, followed by management review and agreement to proceed to the next phase.
- Implementation phase auditor’s interest. Confirmation of software installation and operation when entering the production environment and support of end-users with documentation support. Management needs to have agreed before the new software is deployed to the production environment.
- Post-implementation phase auditor’s interest. Verification of software development project closure and alignment of the output with the organization’s objectives by contacting reviews to confirm that the new software system was developed as designed and that controls were applied throughout the SDLC.
- Disposal phase auditor’s interest. Validation that previous version disposals followed respective processes and documents and that accounting records are in place.
Agile Development Audit
- Start early with data collection. It is essential to have a working data sample to start the audit process, which can be later updated during the audit lifecycle. Early data checks are essential for identifying preliminary issues with data compilation, reading issues, and processing outcomes.
- Preserve team’s motivation. It is recommended to avoid the introduction of work optimization frameworks to high-performing agile teams with proven capacity to deliver.
- Adapt on the fly during sprints. When running agile in sprints, changes are accommodated according to a team’s decision, with limited justifying documentation and management approval needed. Teams need to maintain development progress with no discounts on quality and risk management.
- Adhere to agile mindset communication. Auditing agile organizations depends on interaction with the development team in the absence of hierarchical approvals and strict communication protocols, which may seem paleolithic to the team. Complementary agility perception and motivation by both the auditor and auditees are key to success.
- Possess an understanding of the big picture. This will lead to safer conclusions on what needs to be audited and how can be approached, monitored, and reported.
Continuous Auditing
3.7.2. Revolutionary Development
4. Discussion
5. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Nuša, E.; Rojko, K.; Lesjak, D. Traditional and new ICT spending and its impact on economy. J. Comput. Inf. Syst. 2022, 62, 384–396. [Google Scholar] [CrossRef]
- Global ICT Spending, Forecast 2020–2023. Available online: https://www.idc.com/promo/global-ict-spending/forecast (accessed on 14 June 2022).
- The role of ICT in the 4th Industrial Revolution. Available online: https://www.acts-net.org/events/past-events/58-the-role-of-ict-in-the-4th-industrial-revolution-4ir (accessed on 18 May 2022).
- Veldhoven, Z.V.; Vanthienen, J. Digital transformation as an interaction-driven perspective between business, society, and technology. Electron. Mark. 2021, 32, 629–644. [Google Scholar] [CrossRef] [PubMed]
- Zimmermann, A.; Schmidt, R.; Bogner, J.; Jugel, D.; Möhring, M. Software evolution for digital transformation. In Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE), Funhal, Madeira, Portugal, 23–24 March 2018; pp. 205–212. [Google Scholar] [CrossRef]
- Kuhrmann, M.; Diebold, B.; Münch, J.; Trektere, K.; McCaffery, F.; Garousi, V.; Felderer, M.; Linssen, O.; Hanser, E.; Prause, C. Hybrid software development approaches in practice: A European perspective. IEEE Softw. 2019, 36, 20–21. [Google Scholar] [CrossRef] [Green Version]
- Wysocki, W. A hybrid software process management support model. In Proceedings of the 24th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems, Procedia Computer Science, Virtual Conference, 16–18 September 2020; pp. 2312–2321. [Google Scholar]
- Vijayasarathy, L.; Butler, C. Choice of software development methodologies: Do organizational, project, and team characteristics matter? IEEE Softw. 2016, 33, 86–94. [Google Scholar] [CrossRef]
- Manifesto for Agile Software Development. Available online: https://www.agilealliance.org/agile101/the-agile-manifesto (accessed on 21 May 2022).
- Mateescu, G.; Vladescu, G. Auditing hybrid IT environments. Int. J. Adv. Comput. Sci. Appl. 2014, 5, 1–10. [Google Scholar] [CrossRef] [Green Version]
- The New Equation. Available online: https://www.pwc.com/jp/en/press-room/pwc-the-new-equation210701.html (accessed on 9 May 2022).
- Tell, P.; Klünder, J.; Küpper, S.; Raffo, D.; MacDonell, S.G.; Münch, J.; Pfahl, D.; Linssen, O.; Kuhrmann, M. What are hybrid development methods made of? An evidence-based characterization. In Proceedings of the International Conference on Software and Systems Process (ICSSP), Montréal, QC, Canada, 25 May 2019; IEEE Computer Society Press: Los Alamitos, CA, USA, 2019; pp. 105–114. [Google Scholar] [CrossRef]
- Cannon, D.; O’Hara, B.; Keele, A. CISA: Certified Information Systems Auditor, Study Guide, 4th ed.; John Wiley & Sons, Inc.: Indianapolis, IN, USA, 2016. [Google Scholar]
- Avison, D.; Fitzgerald, G. Methodologies for developing information systems: A historical perspective. In The Past and Future of Information Systems: 1976–2006 and Beyond, Proceedings of the IFIP 19th World Computer Congress, TC-8, Information System Stream, Santiago, Chile, 21–23 August 2006, 1st ed.; Avison, D., Elliot, S., Krogstie, J., Pries-Hege, J., Eds.; Springer: Berlin, Germany, 2006; Volume 214, pp. 27–38. [Google Scholar]
- Royce, W. Managing the development of large software systems. Proc. IEEE WESCON 1970, 26, 328–388. [Google Scholar]
- Senarath, U.S. Waterfall methodology, prototyping and agile development. Tech. Rep. 2021, 1–16. [Google Scholar] [CrossRef]
- Thakur, D.; Deepti, S.; Chaudhary, A. A comparative study between waterfall and incremental software development life cycle model. Int. J. Emerg. Trends Sci. Technol. 2015, 2, 2202–2208. Available online: https://journals.indexcopernicus.com/api/file/viewByFileId/174825.pdf (accessed on 5 August 2022).
- Ruël, H.J.M.; Bondarouk, T.; Smink, S. The waterfall approach and requirement uncertainty. Int. J. Inf. Technol. Proj. Manag. 2012, 2, 43–60. [Google Scholar] [CrossRef] [Green Version]
- Waterfall Methodology: Working, Advantages & Disadvantages. Available online: https://www.analyticssteps.com/blogs/waterfall-methodology-working-advantages-disadvantages (accessed on 5 August 2022).
- Basili, V.; Turner, J. Iterative enhancement: A practical technique for software development. IEEE Trans. Softw. Eng. 1975, 1, 390–396. [Google Scholar] [CrossRef]
- Basili, V.; Larman, C. Iterative and incremental development: A brief history. IEEE Comput. Soc. 2003, 36, 76–79. [Google Scholar]
- Incremental Delivery. Available online: https://www.gristprojectmanagement.us/software-2/incremental-delivery.html (accessed on 27 May 2022).
- Boateng, K.O.; Nunoo-Mensah, H. eLAB: An electronic lab simulation tool. In Proceedings of the 1st Conference in Engineering, Science, Technology and Entrepreneurship, Kumasi, Ghana, 6–7 August 2015. [Google Scholar]
- What is Incremental Model- Advantages, Disadvantages and When to Use It? Available online: http://tryqa.com/what-is-incremental-model-advantages-disadvantages-and-when-to-use-it/ (accessed on 5 August 2022).
- Parthasarathy, S. Structured systems analysis and design method (SSADM). In Systems Analysis Design & Introduction to Software Engineering, 4th ed.; Everest Publishing House: Pune, India, 2015; pp. 41–51. [Google Scholar]
- The use of SSADM (Structured Systems Analysis and Design Methodology) as a Standard Methodology on Information Systems Projects, Seminar Paper. 2001. Available online: https://www.grin.com/document/106034 (accessed on 5 August 2022).
- Naumann, J.D.; Jenkins, A.M. Prototyping: The new paradigm for systems development. MIS Q. 1982, 3, 29–44. [Google Scholar] [CrossRef]
- Helmy, M.A.W.; Hassan, N.; Mohd, Z.; Hanafi, H. Web based intelligent appointment system. In Proceedings of the Merapatkan Jurang Digital: Masyarakat Berpengetahuan, Model Malaysia, Kuala Lumpur, Malaysia, 18–19 March 2009; pp. 124–136. [Google Scholar]
- Susanto Azhar, M. System development method with the prototype method. Int. J. Sci. Technol. Res. 2019, 8, 141–144. [Google Scholar]
- Advantages and Disadvantages of Prototype Model. Prototyping Model in Software Engineering for Testing. Available online: https://www.aplustopper.com/advantages-and-disadvantages-of-prototype-model/ (accessed on 5 August 2022).
- Weilkiens, T.; Lamm, J.G.; Stephan, R.; Markus, W. The V-model. In Model-Based System Architecture, 1st ed.; John Wiley & Sons: Hoboken, NJ, USA, 2016; pp. 343–352. [Google Scholar]
- Fleischer, C.; Sauer, D.V.; Barreras, J.V.; Schaltz, E.; Christensen, A. Development of software and strategies for battery management system testing on HIL simulator. In Proceedings of the 11th International Conference on Ecological Vehicles and Renewable Energies (EVER 2016), Monte Carlo, Monaco, 6–8 April 2016. [Google Scholar] [CrossRef]
- Using V Models for Testing. Available online: https://insights.sei.cmu.edu/blog/using-v-models-for-testing (accessed on 30 May 2022).
- Durmuş, M.; Ustoglu, I.; Tsarev, R.; Börcsök, J. Enhanced V-Model. Informatica 2018, 42, 577–585. [Google Scholar] [CrossRef] [Green Version]
- Boehm, B. A spiral model of software development and enhancement. IEEE Comput. 1988, 21, 61–72. [Google Scholar] [CrossRef]
- Munassar, N.M.A.; Govardhan, A. A comparison between five models of software engineering. IJCSI Int. J. Comput. Sci. Issues 2010, 7, 94–101. [Google Scholar]
- Bhosale, S. Spiral model: Applications in web based applications. IPASJ Int. J. Comput. Sci. 2014, 2, 1–4. [Google Scholar]
- Doshi, D.; Jain, L.; Gala, K. Review of the spiral model and its applications. Int. J. Eng. Appl. Sci. Technol. 2021, 5, 311–316. [Google Scholar] [CrossRef]
- Henderson-Selers, B.; Julian, M.E. The fountain model for object-oriented system development. Object Mag. July-August 1993, 21, 71–79. [Google Scholar]
- Pillai, K. The fountain model and its impact on project schedule. ACM SIGSOFT Softw. Eng. Notes March 1996, 21, 32–38. [Google Scholar] [CrossRef]
- Fountain Model in Software Development Life Cycle (SDLC). Available online: https://ugcnet-computerscienceguide.blogspot.com/2022/01/fountain-model-in-software-development.html (accessed on 5 August 2022).
- Advantages and Disadvantages of Software Engineering Waterfall Model, Prototype Model, Fountain Model and V Model and Applicable Scenarios. Available online: https://blog.katastros.com/a?ID=00500-0a0f26d6-121e-4ef3-ae75-211c0c4e4f15 (accessed on 5 August 2022).
- Fountain Model. Available online: https://blog.actorsfit.com/a?ID=01500-a412fec7-2ed1-4837-917b-8157ee32a0b4 (accessed on 8 August 2022).
- Martin, J. Rapid Application Development, 3rd ed.; Macmillan Publishing Company: New York, NY, USA, 1991. [Google Scholar]
- Abd Ghadas, Z.A.; Wan Ismail, W.N.S.; Abdul Aziz, A.; Harun, N.A.; Jusop, M.; Rahman, C.A. LAFAMS: Account management system for Malaysian small legal firms. Pertanika J. Soc. Sci. Humanit. 2015, 23, 239–250. [Google Scholar]
- What is RAD Model? Phases, Advantages and Disadvantages. Available online: https://www.guru99.com/what-is-rad-rapid-software-development-model-advantages-disadvantages.html (accessed on 8 August 2022).
- The Advantages and Disadvantages of RAD Software Development. Available online: http://www.my-project-management-expert.com/the-advantages-and-disadvantages-of-rad-software-development.html (accessed on 8 August 2022).
- Kirpitsas, I. Implementation of Web-Based Application for Self Assessment of Professional Qualifications. Master’s Thesis, Interdepartmental Programme of Postgraduate Studies (I.P.P.S.) in Information Systems, University of Macedonia, Thessaloniki, Greece, 15 November 2019; pp. 32–44. [Google Scholar]
- Booch, G. The UML and the rational unified process. IEEE Softw. 2020, 37, 12. [Google Scholar]
- Jacobson, I.; Booch, G.; Rumbaugh, J. The unified process. IEEE Softw. 1999, 16, 96–102. [Google Scholar]
- What are the Advantages of Unified Process in Software Engineering? Available online: https://www.raiseupwa.com/miscellaneous/what-are-the-advantages-of-unified-process-in-software-engineering/ (accessed on 8 August 2022).
- The Difference Between Agile and Unified Process Methodology. Available online: https://blog.bydrec.com/agile-vs-unified-process-methodology (accessed on 8 August 2022).
- Microsoft Solutions Framework (MSF). Available online: http://architectureportal.org/microsoft-solutions-framework (accessed on 1 June 2022).
- Microsoft Solutions Framework v3 Overview. Available online: https://www.researchgate.net/publication/236735939_Microsoft_Solutions_Framework_v3_Overview (accessed on 30 May 2022).
- Giotis, T.C. How to deliver successful IT projects using MSF team model and MSF process model. In Proceedings of the PMI® Global Congress, Budapest, Hungary, 14–16 May 2007. [Google Scholar]
- Microsoft Solutions Framework. Basic Principles. Available online: https://newline.tech/microsoft-solutions-framework-basic-principles/ (accessed on 8 August 2022).
- The Advantages and Disadvantages of the MSF Method. Available online: https://blog.actorsfit.com/a?ID=01300-6cacab87-424d-48d0-8893-550f7a919986 (accessed on 8 August 2022).
- Johnson, J. Bing Bang Boom; Technical Report; The Standish Group International Inc.: Boston, MA, USA, 2014. [Google Scholar] [CrossRef]
- Cowboy Coding: Code & Fix Model. Available online: https://study.com/academy/lesson/cowboy-coding-code-fix-model.html (accessed on 3 June 2022).
- Matkovic, P.; Tumbas, P. A comparative overview of the evolution of software development model. J. Ind. Eng. Manag. 2010, 1, 163–172. [Google Scholar]
- Sherrell, L.; Chen, L. The w life cycle model and associated methodology for corporate web site development. Commun. AIS 2001, 5, 7. [Google Scholar]
- Douglas, B.P. ROPES: Rapid object-oriented process for embedded systems. In Doing Hard Time: Developing Real-Time Systems using UML, Objects, Frameworks, and Patterns Reading; Addison-Wesley Professional: Boston, MA, USA, 1999; pp. 14–16. [Google Scholar]
- Parallel Development, IBM Rational Synergy 7.2.0. Library. Available online: https://www.ibm.com/docs/en/rational-synergy/7.2.0?topic=synergy-parallel-development (accessed on 18 May 2022).
- Boehm, B.; Port, D.; Yang, Y. WinWin spiral approach to developing COTS-based applications. In COTS-Based Software Systems; EDSER-5 Position Paper; Dean, J., Grave, A., Eds.; Springer: Berlin/Heidelberg, Germany, 2003. [Google Scholar]
- Hasselbring, W. Component-based software engineering. Int. J. Softw. Eng. Knowl. Eng. 2002, 17, 289–305. [Google Scholar] [CrossRef]
- The Architecture Based Design Method. Available online: https://www.researchgate.net/publication/235088008_The_Architecture_Based_Design_Method (accessed on 22 May 2022).
- Kravets, A.; Shcherbakov, M.; Kultsova, M.; Tadashi, I. Knowledge-based software engineering. In Proceedings of the 11th Joint Conference, JCKBSE 2014, Volgograd, Russia, 17–20 September 2014; pp. 156–171. [Google Scholar]
- How to Get Agile Right, Boston Consulting Group. Available online: https://www.bcg.com/featured-insights/how-to/agile (accessed on 16 May 2022).
- Williams, L.; Cockburn, A. Guest editors’ introduction: Agile software development: It’s about feedback and change. IEEE Comput. 2003, 36, 39–43. [Google Scholar] [CrossRef]
- Mccauley, R. Agile development methods poised to upset status quo. ACM SIGCSE Bull. 2003, 33, 14–15. [Google Scholar] [CrossRef]
- Schuh, P. Integrating Agile Development in the Real World; Charles River Media, Inc.: Needham, MA, USA, 2004; ISBN 1584503645. [Google Scholar]
- Disciplined Agile Software Development: Definition, Ambysoft Inc. Available online: http://www.agilemodeling.com/essays/agileSoftwareDevelopment.htm (accessed on 28 May 2022).
- Crystal Clear a Human-Powered Methodology for Small Teams. Including The Seven Properties of Effective Software Projects. 2004. Available online: https://www.researchgate.net/publication/234820806 (accessed on 30 May 2022).
- Cockburn, A. Crystal Clear: A Human-Powered Methodology for Small Teams: A Human-Powered Methodology for Small Teams, 1st ed.; Fuller, J., Ed.; Addison-Wesley Professional: Boston, MA, USA, 2004. [Google Scholar]
- Anwer, F.; Aftab, S.; Waheed, U.; Muhammad, S. Agile software development models TDD, FDD, DSDM, and crystal methods: A survey. Int. J. Multidiscip. Sci. Eng. 2017, 8, 1–10. [Google Scholar]
- Crystal Method in Agile. Available online: https://www.toolsqa.com/agile/crystal-method/ (accessed on 8 August 2022).
- Crystal Methods in Agile Development/Framework. Available online: https://www.geeksforgeeks.org/crystal-methods-in-agile-development-framework/ (accessed on 8 August 2022).
- Bayer, S.; Highsmith, J. Radical software development. Am. Program. 1994, 7, 35–42. [Google Scholar]
- Than, M.Z. An Analysis on Adaptive Software Development (ASD) Framework. Tech. Rep. 2012. Available online: https://www.researchgate.net/publication/360083381_An_Analysis_on_Adaptive_Software_Development_ASD_Framework (accessed on 30 May 2022). [CrossRef]
- Adaptive Software Development (ASD). Available online: https://airfocus.com/glossary/what-is-adaptive-software-development/ (accessed on 8 August 2022).
- Characteristics of Adaptive Software Development. Available online: https://www.geeksforgeeks.org/characteristics-of-adaptive-software-development/ (accessed on 8 August 2022).
- 15th Annual State of Agile Report. Available online: https://digital.ai/resource-center/analyst-reports/state-of-agile-report (accessed on 8 August 2022).
- SCRUM Development Process. Available online: https://scrumorg-website-prod.s3.amazonaws.com/drupal/2016-09/Scrum%20OOPSLA%201995.pdf (accessed on 7 June 2022).
- Mathai, M.; Venugopal, R.; Abraham, J.T. Hybrid model for software development. Int. J. Res. Eng. Technol. 2016, 5, 198–202. [Google Scholar]
- Usmani, N.; Farooqui, S.; Ali, M.; Mahmood, W. Benefits to organizations after migrating to scrum. In Proceedings of the 29th International Business Information Management Association Conference, Vienna, Austria, 3–4 May 2017; pp. 3815–3828. [Google Scholar]
- Hema, V.; Thota, S.; Kumar, S.; Padmaja, C.; Krishna, C.; Mahender, K. Scrum: An effective software development agile tool. In Proceedings of the IOP Conference Series: Materials Science and Engineering, Warangal, India, 9–10 October 2022; Available online: https://iopscience.iop.org/article/10.1088/1757-899X/981/2/022060/pdf (accessed on 5 August 2022).
- Morampudi, N.; Gaurav, R. Evaluating strengths and weaknesses of agile scrum framework using knowledge management. Int. J. Comput. Appl. 2013, 65, 1–6. Available online: https://research.ijcaonline.org/volume65/number23/pxc3886058.pdf (accessed on 8 August 2022).
- Top Scrum Master Challenges & Ways to Overcome Them. Available online: https://www.knowledgehut.com/blog/agile/5-hurdles-that-scrum-masters-commonly-face (accessed on 8 August 2022).
- Zafar, I.; Nazir, A.; Abbas, M. The Impact of Agile Methodology (DSDM) on Software Project Management. In Proceedings of the International Conference on Engineering, Computing & Information Technology ICECIT 2017, Akdeniz University, Antalya, Turkey, 21–23 August 2017; pp. 1–6. [Google Scholar]
- The DSDM Agile Project Framework 2014 Onwards. Available online: https://www.agilebusiness.org/page/TheDSDMAgileProjectFramework (accessed on 8 August 2022).
- Pareto Principle. Available online: https://corporatefinanceinstitute.com/resources/knowledge/economics/pareto-principle/ (accessed on 7 August 2022).
- DSDM—Dynamic Systems Development Method. Available online: https://mark-whitfield.com/dsdm-dynamic-systems-development-method/ (accessed on 22 August 2022).
- Dynamic Systems Development Methodology. Available online: https://www.ukessays.com/essays/information-systems/dynamic-systems-development-methodology.php (accessed on 8 August 2022).
- Jeff De Luca on Feature Driven Development. Available online: https://www.it-agile.de/fileadmin/docs/FDD-Interview_en_final.pdf (accessed on 6 June 2022).
- Feature Driven Development & Empirical Modelling. Available online: https://warwick.ac.uk/fac/sci/dcs/research/em/publications/web-em/04/featurelist.pdf (accessed on 9 June 2022).
- Palmer, S.; Felsing, J. A Practical Guide to Feature Driven Development, 1st ed.; Prentice Hall: Haboken, NJ, USA, 2002; p. 57. [Google Scholar]
- What Is DSDM? Available online: https://www.codeproject.com/Articles/5097/What-Is-DSDM (accessed on 7 August 2022).
- Feature Driven Development (FDD): An Agile Methodology. Available online: https://www.toolsqa.com/agile/feature-driven-development/ (accessed on 8 August 2022).
- Feature Driven Development (FDD). Available online: https://code-mentor.org/feature-driven-development-fdd/ (accessed on 8 August 2022).
- Beck, K. Extreme Programming Explained, 1st ed.Addison-Wesley Professional: Boston, MA, USA, 1999. [Google Scholar]
- Kumar, R.; Maheshwary, P.; Malche, T. Inside agile family software development methodologies. Int. J. Comput. Sci. Eng. 2019, 7, 650–660. [Google Scholar] [CrossRef]
- Yadav, K.; Yasvi, M.; Shubhika. Review on extreme programming-XP. Int. J. Adv. Electron. Comput. Sci. 2019, 6, 21–27. Available online: http://www.iraj.in/journal/journal_file/journal_pdf/12-574-156567485721-27.pdf (accessed on 7 June 2022).
- Extreme Programming (XP). Available online: https://teachcomputerscience.com/extreme-programming-xp/#Disadvantages_of_Extreme_Programming (accessed on 7 June 2022).
- Beck, K. Test Driven Development: By Example, 1st ed.; Addison-Wesley Professional: Boston, MA, USA, 2002. [Google Scholar]
- Parsons, D.; Lal, R.; Lange, M. Test driven development: Advancing knowledge by conjecture and confirmation. Future Internet 2011, 3, 281–297. [Google Scholar] [CrossRef]
- 6 Compelling Benefits of (TDD) Test Driven Development. Available online: https://www.knowledgehut.com/blog/agile/6-compelling-benefits-of-tdd-test-driven-development (accessed on 8 August 2022).
- Advantages and Disadvantages of Test Driven Development (TDD). Available online: https://www.geeksforgeeks.org/advantages-and-disadvantages-of-test-driven-development-tdd/ (accessed on 8 August 2022).
- Cawley, O.; Wang, X.; Richardson, I. Lean software development—What exactly are we talking about? In Proceedings of the 4th International Conference on Lean Enterprise Software and Systems (LESS), Galway, Ireland, 1–4 December 2013. [Google Scholar]
- Advantages of Lean Software Development. Available online: https://www.instinctools.com/blog/advantages-of-lean-software-development/ (accessed on 8 August 2022).
- Larman, C.; Vodde, B. Large-Scale Scrum, More with LeSS, 1st ed.; Addison-Wesley Professional: Boston, MA, USA, 2016; pp. 10–13. [Google Scholar]
- Introduction to LeSS. Available online: https://less.works/less/framework/introduction (accessed on 8 August 2022).
- Large Scale Scrum (LeSS): A Short & Crisp Introduction. Available online: https://echometerapp.com/en/large-scale-scrum/ (accessed on 8 August 2022).
- Nine Disadvantages of LeSS, From Someone Who’s Doing It. Available online: https://seattlescrum.com/nine-disadvantages-of-less/ (accessed on 8 August 2022).
- Ahmad, M.O.; Dennehy, D.; Conboy, K.; Oivo, M. Kanban in software engineering: A systematic mapping study. J. Syst. Softw. 2017, 137, 96–113. [Google Scholar] [CrossRef] [Green Version]
- A Lean Approach to Efficient Workflow Management. Student Guide. Lean, Agile & Kanban Processes for Software Projects by Evan Leybourn. Available online: https://theagiledirector.com/images/LeanKanban.pdf (accessed on 26 May 2022).
- Ganev, P. Advantages and Disadvantages of Using Scrum, Kanban and Scrumban for Software Development. Available online: https://www.academia.edu/36983292/Peter_Ganev_Advantages_and_disadvantages_of_using_Scrum_Kanban_and_Scrumban_for_software_development (accessed on 8 August 2022).
- Ahmad, M.; Oivo, M.; Markkula, J. Kanban in software development: A systematic literature review. In Proceedings of the 39th Euromicro Conference Series on Software Engineering and Advanced Applications, Santander, Spain, 4–6 September 2013; pp. 9–16. [Google Scholar] [CrossRef]
- Ambler, S.; Nalbone, J.; Vizdos, M. Enterprise Unified Process: Extending the Rational Unified Process, 1st ed.; Prentice Hall PTR: Hoboken, NJ, USA, 2005; ISBN 0-13-191451-0. [Google Scholar]
- Edeki, C. Agile unified process. Int. J. Comput. Sci. Mob. Appl. 2013, 1, 13–17. [Google Scholar]
- Agile Software Development Methods: What is the Agile Unified Process? Available online: https://blog.bydrec.com/agile-software-development-methods-what-is-the-agile-unified-process (accessed on 8 August 2022).
- The Agile Unified Process (AUP). Available online: https://www.methodsandtools.com/archive/archive.php?id=21 (accessed on 8 August 2022).
- Yarlagadda, R.T. DevOps and its practices. SSRN Electron. J. 2021, 9, 111–119. [Google Scholar]
- What is DevOps? Atlassian. Available online: https://www.atlassian.com/devops (accessed on 19 August 2022).
- Talks We Like: 10+ Deploys Per Day: Dev and Ops Cooperation at Flickr, by Hammond and Allspaw. Available online: https://www.rundeck.com/blog/twl-10-deploys-per-day-hammond-allspaw (accessed on 8 August 2022).
- Almeida, F.; Simões, J.; Lopes, S. Exploring the benefits of combining devops and agile. Future Internet 2022, 14, 63. [Google Scholar] [CrossRef]
- DevOps as a Service: Advantages and Disadvantages. Available online: https://logicera.net/devops-as-a-service-advantages-and-disadvantages/ (accessed on 8 August 2022).
- Disadvantages of using DevOps. Available online: https://www.3pillarglobal.com/insights/disadvantages-of-using-devops/ (accessed on 8 August 2022).
- Bhavsar, K.; Gopalan, S.; Shah, V. Scrumban: An agile integration of scrum and kanban in software engineering. Int. J. Innov. Technol. Explor. Eng. 2020, 9, 1626–1634. [Google Scholar] [CrossRef]
- Ladas, C. Scrumban-Essays on Kanban Systems for Lean Software Development; Modus Cooperandi Press: Seattle, WA, USA, 2009. [Google Scholar]
- Aini, Q.; Budiarto, M.; Putra, P.; Santoso, N. Gamification-based The Kampus Merdeka Learning in 4.0 era. IJCCS Indones. J. Comput. Cybern. Syst. 2021, 15, 31–42. [Google Scholar] [CrossRef]
- What is Scrumban? The Best Parts of Scrum and Kanban. Available online: https://www.process.st/scrumban/ (accessed on 8 August 2022).
- Leffingwell, D.; Yakyma, A.; Knaster, R.; Jemilo, D.; Oren, I. SAFe® Reference Guide, Scaled Agile Framework® for Lean Soft-1644 Ware and Systems Engineering, 1st ed.; Addison-Wesley Professional: Boston, MA, USA, 2016; pp. 1–7. [Google Scholar]
- Part I: Overview SAFe®. Available online: https://www.oreilly.com/library/view/safe-40-distilled/9780134209487/part01.html (accessed on 19 August 2022).
- Introducing the Scaled Agile Framework. Available online: https://scalingsoftwareagility.wordpress.com/2011/10/23/introducing-the-scaled-agile-framework%E2%84%A2/ (accessed on 29 May 2022).
- Benefits of Scaled Agile Framework (SAFe). Available online: https://www.tietoevry.com/en/blog/2019/06/benefits-of-scaled-agile-framework-safe/ (accessed on 8 August 2022).
- Mar, K.; Schwaber, K. Scrum with XP. InformIT 2002. Available online: http://www.informit.com/articles/article.aspx?p=26057 (accessed on 8 August 2022).
- Scrum and eXtreme Programming (XP). Available online: https://www.scrum.org/resources/blog/scrum-and-extreme-programming-xp (accessed on 8 August 2022).
- Fuior, F. Key elements for the success of the most popular Agile methods. Rev. Română Inform. Autom. 2019, 29, 7–16. [Google Scholar] [CrossRef]
- Pros and Cons of Scaled Agile Framework. Available online: https://premieragile.com/advantages-and-disadvantages-of-scaled-agile-framework/ (accessed on 8 August 2022).
- Scrum is Not Enough: How to Sell the Benefits of Scrum + Extreme Programming. Available online: https://techbeacon.com/app-dev-testing/scrum-not-enough-how-sell-benefits-scrum-extreme-programming (accessed on 8 August 2022).
- Glass, R.L. The state of the practice of software engineering. IEEE Softw. 2003, 20, 20–21. [Google Scholar] [CrossRef]
- Küpper, S.; Rausch, A.; Andelfinger, U. Towards the systematic development of hybrid software development processes. In Proceedings of the International Conference on the Software and Systems Process ICSSP ’18, Gothenburg, Sweden, 26–27 May 2018; pp. 157–161. [Google Scholar] [CrossRef]
- Prenner, N.; Unger-Windeler, C.; Schneider, K. How are hybrid development approaches organized?—A systematic literature review. In Proceedings of the International Conference on Software and Systems Process ICSSP ’20, Seoul, Korea, 10–11 October 2020; pp. 145–154. [Google Scholar] [CrossRef]
- Introduction to Unified Modeling Language (UML), 3rd INSPIRATION Training 4–5 December 2012. Available online: https://www.gfa-group.de/web-archive/inspire/www.inspiration-westernbalkans.eu/5/9/5/3/7/7/Introduction_to_the_Uni-1691fied_Modeling_Language__UML_.pdf (accessed on 8 August 2022).
- Types of UML Diagrams. Available online: http://www.peter-lo.com/Teaching/U08182/Types%20of%20UML%20Diagrams.pdf (accessed on 8 August 2022).
- Kandl, S.; Elshuber, M. A Formal Approach to System Integration Testing. Available online: https://arxiv.org/ftp/arxiv/papers/1404/1404.6743.pdf (accessed on 9 August 2022).
- What Is User Acceptance Testing (UAT): A Complete Guide. Available online: https://www.softwaretestinghelp.com/what-is-user-acceptance-testing-uat/ (accessed on 9 August 2022).
- Gharajeh, M.S. Waterative model: An integration of the waterfall and iterative software development paradigms. Database Syst. J. 2019, 10, 75–81. [Google Scholar]
- Kuhrmann, M.; Diebold, P.; Münch, J.; Tell, P.; Garousi, V.; Felderer, M.; Trektere, K.; Mccaffery, F.; Linssen, O.; Hanser, E.; et al. Hybrid software and system development in practice: Waterfall, scrum, and beyond. In Proceedings of the International Conference on Software and Systems Process ICSSP ’17, Paris, France, 5–7 July 2017; pp. 30–39. [Google Scholar] [CrossRef]
- Kuhrmann, M.; Nakatumba-Nabende, J.; Pfeiffer, R.H.; Tell, P.; Klünder, J.; Conte, T.; MacDonell, S.G.; Hebig, R. Complementing materials for the HELENA-Edu Study. Tech. Rep. 2019. [Google Scholar] [CrossRef]
- Gantz, S.D. The Basics of IT Audit, 1st ed.; Syngress Publications, Elsevier Inc.: Waltham, MA, USA, 2014; p. 16. [Google Scholar]
- Sayana, A. The evolution of information systems audit. ISACA J. 2022, 1, 1–5. [Google Scholar]
- Largest Companies by Market Cap. Available online: https://companiesmarketcap.com (accessed on 26 May 2022).
- Global Internet Penetration Rate as of April 2022, By Region. Available online: https://www.statista.com/statistics/269329/penetration-rate-of-the-internet-by-region (accessed on 30 May 2022).
- Friedman, T.L. The World Is Flat: A Brief History of the Twenty-First Century, 1st ed.; Penguin Books Ltd.: London, UK; ISBN 13 9780141022727.
- Cybercrime Statistics, Surfshark. Available online: https://surfshark.com/research/data-breach-impact/statistics (accessed on 21 May 2022).
- Grembergen, V.V. From IT governance to enterprise governance of IT: A journey for creating business value out of IT. In Proceedings of the conference on e-Business, e-Services, and e-Society, I3E 2010, Buenos Aires, Argentina, 3–5 November 2010; p. 3. [Google Scholar]
- Introduction to COBIT, Its Role in IT Governance and How to Apply It in UCIT, Excerpts from University of Calgary IT Session. 5 June 2009, pp. 6. Available online: https://slideplayer.com/slide/1652467/ (accessed on 14 June 2022).
- Information Systems Audit and Control Association (ISACA). COBIT 5: A Business Framework for the Governance and Management of Enterprise IT; ISACA: Rolling Meadows, IL, USA, 2012. [Google Scholar]
- ISACA. COBIT® 2019 Framework: Introduction & Methodology; ISACA: Schaumburg, IL, USA, 2019; p. 19. [Google Scholar]
- Radovanovic, D.; Radojević, T.; Lucic, D.; Šarac, M. IT audit in accordance with Cobit standard. In Proceedings of the 33rd International Convention on Information and Communication Technology, Electronics and Microelectronics: MIPRO 2010, Opatija, Croatia, 25 May 2010; pp. 1137–1141. [Google Scholar]
- IT Assurance Framework (ITAF) Fact Sheet. Available online: https://www.isaca.org/-/media/files/isacadp/project/isaca/why-isaca/fact-sheets/itaf-fact-sheet_0318.pdf?la=en&hash=AC15112AAB593ED96DB4866B6622C5302EF87C35 (accessed on 8 June 2022).
- ITIL® 4: The Framework for the Management of IT-Enabled Services. Available online: https://www.axelos.com/certifications/itil-service-management (accessed on 10 June 2022).
- The TOGAF® Standard, 10th Edition. Available online: https://www.opengroup.org/togaf (accessed on 10 June 2022).
- The Committee of Sponsoring Organizations (COSO). Available online: https://www.csu.edu/internalaudit/cosoandcobit.htm (accessed on 10 June 2022).
- Val IT Framework. Available online: https://cio-wiki.org/wiki/Val_IT_Framework (accessed on 10 June 2022).
- International Organization for Standardization. Available online: https://www.iso.org/home.html (accessed on 10 June 2022).
- ISACA Standards, Guidelines, Tools and Techniques. Available online: https://www.isaca.org/en/resources/isaca-journal/issues/2020/volume-1/standards-guidelines-tools-and-techniques (accessed on 11 June 2022).
- The International Standards of Supreme Audit Institutions. Available online: https://www.intosai.org/fileadmin/downloads/documents/open_access/ISSAI_100_to_400/issai_200/issai_200_en.pdf (accessed on 11 June 2022).
- Chulani, S.; Williams, C.; Yaeli, A. Software development governance and its concerns. In Proceedings of the 1st international Workshop on Software Development Governance, Leipzig, Germany, 12 May 2008. [Google Scholar] [CrossRef]
- IT Audit Manual. AFROSAI-E Information Technology Audit Guideline, 1st ed. Available online: https://afrosai-e.org.za/wp-content/uploads/2019/07/IT-Audit-Manual-2017-1st-Edition.pdf (accessed on 1 June 2022).
- Sircar, S.; Nerur, S.P.; Mahapatra, R. Revolution or evolution? A comparison of object-oriented and structured systems development methods. MIS Q. 2001, 25, 457–471. [Google Scholar] [CrossRef]
- Chong, E. Auditing agile-a brave new world. ISACA J. 2016, 2, 1–6. [Google Scholar]
- Joshi, P.L. A review of Agile internal auditing: Retrospective and prospective. Int. J. Smart Bus. Technol. 2021, 9, 13–32. [Google Scholar] [CrossRef]
- Javanmard, M.; Alian, M. Comparison between agile and traditional software development methodologies. Cumhur. Univ. Fac. Sci. Sci. J. 2015, 36, 1386–1394. [Google Scholar]
- Agile Audit Practice, ISACA Now Blog. Available online: https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2017/agile-audit-practice (accessed on 6 June 2022).
- Mkoba, E.; Marnewick, C. Conceptual framework for auditing agile projects. IEEE Access 2020, 8, 126460–126476. [Google Scholar] [CrossRef]
- Gartner Research: Adopting Agile in Audit, Gartner, Inc. 2019. Available online: https://www.gartner.com/en/audit-risk/trends/agile-auditing (accessed on 9 August 2022).
- O’Donnel, J. Innovations in audit technology: A model of continuous audit adoption. J. Appl. Bus. Econ. 2010, 10, 11–20. [Google Scholar]
- Codere, D. Global Technology Audit Guide Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment; The Institute of Internal Auditors: Altamonte Springs, FL, USA, 2005; p. 7. [Google Scholar]
- Vasarhelyi, M.A.; Teeter, R.A.; Krahel, J.P. Audit education and the real-time economy. Issues Account. Educ. 2010, 25, 405–423. [Google Scholar] [CrossRef]
- IEEE 1471-2000. IEEE Recommended Practice for Architectural Description for Software-Intensive Systems. Available online: https://standards.ieee.org/ieee/1471/2187/ (accessed on 8 August 2022).
- ISO/IEC/IEEE 42010:2011, Systems and Software Engineering—Architecture Description. Available online: https://www.iso.org/standard/50508.html (accessed on 8 August 2022).
- ISO and IEEE Publish New Edition of Standard for Architecture Description of Systems. Available online: http://www.iso-architecture.org/ieee-1471/pr-42010-2011-12.html (accessed on 8 August 2022).
- Kruchten, P. Architectural blueprints. The “4 + 1” view model of software architecture. IEEE Softw. 1995, 12, 42–50. [Google Scholar] [CrossRef] [Green Version]
- Górski, T. The 1 + 5 architectural views model in designing blockchain and IT system integration solutions. Symmetry 2021, 13, 2000. [Google Scholar] [CrossRef]
Attribute | Agile Audit | Traditional Audit |
---|---|---|
Focus | Defined value expectations | Audit objectives |
Engagement | Sequential | Linear stages |
Planning | Iterative and incremental | Master plan |
Ownership | Team-based | Internal audit team |
Findings | Collaborative discovery | Audit objectives |
Documentation | Rationalized | Detailed |
Resources management | Time-boxed | Dedicated |
Status updates | Iterative and incremental | Master plan |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Kirpitsas, I.K.; Pachidis, T.P. Evolution towards Hybrid Software Development Methods and Information Systems Audit Challenges. Software 2022, 1, 316-363. https://doi.org/10.3390/software1030015
Kirpitsas IK, Pachidis TP. Evolution towards Hybrid Software Development Methods and Information Systems Audit Challenges. Software. 2022; 1(3):316-363. https://doi.org/10.3390/software1030015
Chicago/Turabian StyleKirpitsas, Ioannis K., and Theodore P. Pachidis. 2022. "Evolution towards Hybrid Software Development Methods and Information Systems Audit Challenges" Software 1, no. 3: 316-363. https://doi.org/10.3390/software1030015