0

On the Difference Between an Audit and an Assessment

“Audits” and “Assessments” may appear similar, but they are substantially different

One of the fundamental tasks of quality management is a systematic evaluation to the adherence of quality aspects. Typically, one or several national and international institutions applies to any given discipline, such as product design and development. Currently, Automotive SPICE (see http://www.automotivespice.com), led by the German auto manufacturers association VDA (https://www.vda.de/en.html), is arguably one of the most relevant standards in software and systems development.

In this context, terms “audit” and “assessment” are distinct. The “Automotive SPICE Assessment Model”, a supplementary document to Automotive SPICE standard,  provides the following definitions:

Audit: An evaluation of work products and processes against specifications, standards, processes or other agreements, generally carried out on the basis of check lists.

Assessment: A formalized and standardized evaluation of the processes of an organizational unit against a reference model (the “process reference model”). The assessor’s experience is used in the assessment, depending on the situation.

While neither audits nor standards can possibly be fully objective, assessments tend to have more standardized rating schemes, such as ranks (e.g., “none-partially-mostly-fully,” etc.) Audits tend to be “black vs. white” outcome ratings, not unlike test cases (which are rated either passed or failed).

Neither the VDA’s standard, nor my attempt to refine it, satisfy me, since definitions may still appear too vague (terms like “usually” or “generally” are not too helpful).

I am therefore proposing a clearer and less general distinction:

  • audits are based on the quality manager’s checklist, while
  • assessments are based on formal standards and reference models.

While still imperfect, that kind of definition leaves less space to rhetorical argument and the simplicity of it appears hard to top.

Note that having a (possibly comprehensive) checklist does not necessarily suffice. The intention, stylistic aspects, internal policies, and other numerous characteristics determines the effectiveness of any checklist.

Also, standards like Automotive SPICE or any other given standard, like CMMI or functional safety standard ISO 26262, are naturally subject to interpretation and – even worse – corporate politics.

The most important aspect of them all is the professional skill and the experience of the quality manager. Otherwise, as a popular proverb goes: “A fool with a tool is still a fool,” which is often accredited to the renowned computer scientist Grody Booch and can be applied to any standard or checklist.

_____________________________________________________________

About the Author

Roman MildnerRoman Mildner, Certified Project Manager (PMP) and member of the United Mentors Network (UMN), has worked in the IT industry since 1992 and an independent consultant and project manager since 1998. His professional offering includes IT strategy consulting, project management and process improvement. For more details, please visit his UMN page.

Leave a Reply

Login if you are a registered user.




*