Independent Verification and Validation (IV&V) helps to assure quality by providing an objective second opinion during project implementation.  Verification evaluates whether a product, service or system is accurate based on written specification, requirements, regulations or other conditions.  Validation certifies that a product, service or system accomplishes its intended purpose.

Traditionally, IV&V is conducted for software, with established processes used to verify and validate software to specified software integrity levels; however, IV&V can also be conducted for plans, processes, projects and products beyond software components, assuring quality throughout all parts of a system.

Approach

IBG's approach to Independent Verification and Validation (IV&V) services expands beyond software verification and validation to cover system V&V, financial auditing, quality assurance and risk management.  Using a proven, standards-based framework, IBG provides a low-risk approach, while allowing flexibility to adapt to project requirements and constraints. 

IBG's approach is hands-on.  IBG understands that direct interaction with a system as well as its developers is required to fully understand how it works and satisfies requirements.  IBG does not provide "rubber-stamp" or "robo-sign" approvals of design and test documentation, holding system developers to the same quality standards that would be expected of IBG-developed systems.  

Framework

IBG's IV&V framework is based on a foundation of the IEEE 1012-2004 Software Verification & Validation standard, which address IV&V activities throughout the software design life cycle (SDLC). 

IBG's framework expands coverage beyond software to cover additional non-software processes, project and product components, incorporating methods and best practices from disciplines such as risk management and business process re-engineering.  In IBG's framework, the granularity of IV&V tasks depends on the integrity level required of the system being developed, which is in turn based on system security, mission criticality, information privacy and other considerations.

IBG's framework is adaptable, allowing IBG personnel to develop tools and templates as required to facilitate the assessment of artifacts delivered for evaluation.  IBG's framework in turn produces artifacts to aid in the delivery of products that are compliant with the project technical and contractual requirements.

IBG's framework identifies flaws, deviations, risks or errors as early as possible--when they are easier and more cost effective to correct.  The framework can be used to accomplish system IV&V by examining the correctness, completeness, compliance, consistency, reliability, and maintainability at each step in the process. 

Standards

IBG's approach to IV&V and framework are based on international standards and best practices including:

• ISO 9001:2008 Quality management systems — Requirements, ISO/IEC 12207:2008 Software Life Cycle Processes
• IEEE 1012-2004 Software Verification and Validation, IEEE 829-2008 Software Test Documentation, ANSI/IEEE 1008-1987 Software Unit Testing, IEEE 1028-2008 Software Review and Audits
• CMM (Capability Maturity Model)
• ASQ standards
• Because applicable IV&V standards do not always exist in specific industries, IBG borrows and adapts standards and best practices from other industries as necessary. 

Services

IBG's IV&V services include the following:

• Concept documentation evaluation
• Process review
• Traceability analysis
• Source code and source code documentation evaluation
• Interface analysis
• Criticality analysis
• Test case generation
• Test plan review
• Test procedure generation and review
• Test execution
• Quality assurance analysis
• Hazard analysis
• Security analysis
• Risk analysis
• Regression test analysis
• Production readiness analysis
• Metrics analysis
• Training process analysis
• Installation configuration audit
• Release management analysis
• Lessons learned analysis
• Security compliance

Benefits

IBG IV&V services provide the following benefits:

• A standards-based approach that complies with regulations, legislation, accepted best practices and procedures
• A flexible and adaptable framework that evolves to meet system needs
• Low-risk proven methods for conducting IV&V, QA and security audit tasks
• A holistic and comprehensive approach that addresses IV&V for system components beyond just software
• IV&V specialists and analysts who also hands-on experience building systems
• Insight into product and project risk, allowing early detection and correction of defects