Having an open communication channel with the project team is useful for clarifying any assumptions in the specification, documentation, or implementation, and for discussing interim findings.
- Findings may also be shared with the project team immediately on a private repository to discuss impact, fixes and other implications.
- If the audit spans multiple weeks, it may help to have a weekly sync-up call. A counterpoint to this is to perform the entire assessment independently so as not to be biased by the project team’s inputs and opinions.
- Open Communication Channel
- Clarify Assumptions
- Discuss Findings/Impact/Fixes
- Update Status