Scope creep is the uncontrolled expansion of a project’s scope, which can result in delays, cost overruns, and quality issues. To mitigate the risk of scope creep, an IS auditor should look for projectchange management controls, which are processes and procedures for managing changes to the project’s scope, schedule, budget, and quality. Project change management controls ensure that changes are properly requested, approved, documented, communicated, and implemented. Source code version control, existence of an architecture review board, and configuration management are also important for software development, but they do not directly address the risk of scope creep. References: ISACA Frameworks: Blueprints for Success, Project Management Institute: A Guide to the Project Management Body of Knowledge
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit