Introduction
  簡(jiǎn)介
  The very term auditor and audit makes many of us feel uncomfortable. Many industries have independent inspectors and auditors. As function points become more widely used and become a more important part of decision making, those using the function point counts will want them independently reviewed and audited. Auditing is the process by which a competent, independent person accumulates and evaluates evidence about quantifiable information related to a specific entity for the purpose of determining and reporting on the degree of correspondence between the quantifiable information and established criteria.
  一說起審計(jì)師和審計(jì)，我們中的許多人都會(huì)感到不安。如今，許多行業(yè)都有獨(dú)立的監(jiān)察員和審計(jì)師。隨著功能點(diǎn)算法應(yīng)用日漸廣泛，并成為決策支持的重要組成部分時(shí)，那些使用功能點(diǎn)估算的結(jié)果需要被獨(dú)立復(fù)審和審計(jì)。審計(jì)是一個(gè)由權(quán)威、獨(dú)立的專業(yè)人士，收集和評(píng)估特定實(shí)體的大量信息證據(jù)，并根據(jù)這些大量信息和已建立的標(biāo)準(zhǔn)之間的吻合程度進(jìn)行決策和匯報(bào)的過程。
  Like other industries that have prescribed guidelines (such as accounting), independent auditors can provide valuable feedback on the actual function point count and the overall function point counting process. An function point auditor should be independent, but an auditor can be still be inside your company, perhaps part of your metrics team, or they can be an independent third party.
  和其他有既定指導(dǎo)方針的行業(yè)（如會(huì)計(jì)業(yè)）一樣，獨(dú)立的審計(jì)師可以對(duì)實(shí)際功能點(diǎn)估算和整個(gè)功能點(diǎn)估算過程提供很有價(jià)值的反饋。原則上審計(jì)師應(yīng)該是獨(dú)立的，但仍可來自企業(yè)內(nèi)部，可以是你的度量團(tuán)隊(duì)中的一部分，也可以來自是獨(dú)立的第三方團(tuán)隊(duì)。
  To do an audit of any kind, there must be information in a verifiable form and some standard (hopefully IFPUG 4.0) by which the auditor can evaluate the information. The auditor may go to the business premises to examine records and obtain information about the reliability of the function point counts. On the other hand, there may be adequate information that can be sent to the function point auditor that can be reviewed off site.
  任何一項(xiàng)審計(jì)都必須有可證實(shí)的信息和一些標(biāo)準(zhǔn)（最好是IFPUG 4.0）做為評(píng)估的依據(jù)。審計(jì)師可能會(huì)做一些商業(yè)假設(shè)來審核記錄，并獲取功能點(diǎn)估算的可靠性信息，另一方面，審計(jì)師也需要足夠多的信息，以便離開評(píng)估點(diǎn)現(xiàn)場(chǎng)后仍可以復(fù)審。
  Accumulating and Evaluating Evidence
  收集和評(píng)估證據(jù)
  Reviewing a function point count to insure IFPUG 4.0 counting guidelines were followed would be considered a compliance audit. The purpose of a compliance audit is to determine whether the function point counts follow specific procedures and guidelines set down by the IFPUG Counting Practices Committee. The results of a compliance audit are generally reported to someone within the organizational unit being audited rather than to a broad spectrum of users.
  審核功能點(diǎn)估算過程以確保其遵守了IFPUG 4.0 估算指導(dǎo)方針被稱之為兼容性審計(jì)。兼容審計(jì)的目的是審核功能點(diǎn)估算是否遵守IFPUG估算實(shí)踐委員會(huì)制定的每個(gè)程序和操作規(guī)程。其結(jié)果通常被匯報(bào)給被審計(jì)的組織單位里的某個(gè)人，而不是大多數(shù)用戶。
  Evidence is defined as any information used by the auditor to determine whether the function point count being audited is in compliance with IFPUG guidelines. Evidence can take many different forms, the function point count, system documentation, conversations with developers and users, and interviews with individuals that conducted the original count. The auditor gathers evidence to draw conclusions.
  證據(jù)即審計(jì)師用于決定被審計(jì)的功能點(diǎn)估算是否遵守IFPUG指南的所有信息。證據(jù)有很多種表現(xiàn)形式，如功能點(diǎn)數(shù)據(jù)，系統(tǒng)文檔，和開發(fā)人員、用戶的交談信息，和執(zhí)行最初估算的人的面談信息等。審計(jì)師收集證據(jù)并由此分析出結(jié)論。
  Of course the function point count itself can be used as evidence, but using the function point count alone would be severely inadequate. It is impossible to determine the accuracy of a function point count without evaluating additional evidence.
  當(dāng)然，功能點(diǎn)數(shù)據(jù)本身也可以做為證據(jù)，但只使用功能點(diǎn)數(shù)據(jù)是遠(yuǎn)遠(yuǎn)不夠的。想單純使用功能點(diǎn)數(shù)據(jù)而不評(píng)估其他證據(jù)就得到正確的功能點(diǎn)估算是不確實(shí)際的。
  If an auditor was given the task of auditing a company with 500,000 function points it would be impossible to review every count. The auditor may select only 20 or 30 applications to actually audit. The actual sample size will very from auditor to auditor and audit to audit. The decision of how many items to test must be made by the auditor for each audit procedure. There are several factors that determine the appropriate sample size in audits. The two most important ones are the auditors' expectations of the number of errors and the effectiveness of the clients internal function point counting procedures. The suggested procedures at the end of this document can help in determining both of these criteria.
  比如,如果一個(gè)審計(jì)師接到一個(gè)有500000個(gè)功能點(diǎn)的公司的審計(jì)任務(wù)，那他就不可能逐一審計(jì)每個(gè)功能點(diǎn)。這時(shí)候，審計(jì)師會(huì)只選擇20到30個(gè)應(yīng)用去做實(shí)際審計(jì)。實(shí)際審計(jì)樣本的大小因人而異，且每次審計(jì)都會(huì)有所不同。其數(shù)量必須由每個(gè)審計(jì)師針對(duì)每次審計(jì)決定。樣本大小選取的合理性取決定于幾個(gè)因素，其中最重要的兩個(gè)因素是審計(jì)師對(duì)錯(cuò)誤數(shù)量的預(yù)期和客戶內(nèi)部功能點(diǎn)估算程序的有效性。本文最后建議的20步曲可以有效幫助你決定這兩個(gè)因素。
  Additionally, the evidence must be pertain or be relevant to the audit. The auditor must be skilled at finding areas to test or review further. For example, the auditor may determine during conversations that their was some confusion about external inputs and external interface files. In this case, the auditor would review the actual system documentation and the function point count to insure that the all the external input and external interface file were treated correctly. Another example, would be that the function point counter had never counted a GUI application. The auditor would review a series of screens and determine if the original counter had correctly counted such items as radio buttons, check boxes, and so on.
  另外，證據(jù)必須依附于審計(jì)或和審計(jì)相關(guān)。審計(jì)師必須擅長(zhǎng)發(fā)現(xiàn)那些要進(jìn)行驗(yàn)證或進(jìn)一步復(fù)審的區(qū)域。比如，審計(jì)師在交談中發(fā)現(xiàn)外部輸入和外部接口文件有混淆，在這種情況下，審計(jì)師應(yīng)復(fù)審實(shí)際系統(tǒng)文檔和功能點(diǎn)估算，以確認(rèn)所有的外部輸入和外部邊界文件都正確處理。另一個(gè)例子，可能功能點(diǎn)估算人員從沒做過GUI應(yīng)用估算，這時(shí)，審計(jì)師應(yīng)復(fù)查一系列的頁面屏幕，以保證如radio boxes,check boxes等這些項(xiàng)都估算正確。
  The evidence must be considered believable or worthy of trust. If evidence is considered highly trusty worthy, it is a great help in assisting the auditor with a function point audit. On the other hand, if the evidence is in question such as incomplete documentation (or old documentation) then the auditor would have to scrutinize these areas of the count more closely. Additionally, the auditor should make note in the final report of any evidence they requested and the client was not able to provide.
  證據(jù)必須是可信的或令人信服的。如果證據(jù)被認(rèn)為高度可信，將大大有利于審計(jì)師的功能點(diǎn)。另一方面，如果證據(jù)是可疑的，比如不充分的文檔記載或舊的文檔，則審計(jì)師將不得不深入仔細(xì)地審核這些地方。另外，審計(jì)師應(yīng)在最終報(bào)告中說明有哪些證據(jù)是他們要求，而客戶不能提供的。
  All evidence should be evaluated based upon valuation, completeness, classification, rating, mechanical accuracy, and analytical analysis.
  所有證據(jù)都應(yīng)該在評(píng)價(jià)（valuation）、完整性（completeness）、分類（classification）、分級(jí)（rating）、機(jī)械準(zhǔn)確性（mechanical accuracy）和類比分析（analytical analysis）的基礎(chǔ)上被評(píng)估。
  Valuation: The objective deals with whether items included in the function point count should of been included. Perhaps the original function point count included additional transactions or files that should not of been included.
  評(píng)價(jià)（Valuation）：目的是確定功能點(diǎn)估算中包含的檢查項(xiàng)是否該包含。有可能最初的功能點(diǎn)估算包含了多余的事務(wù)或不應(yīng)包含的文件。
  Completeness: The objective deals with including all transactions and files in the final function point count. It is important that the application team review the final function point count to insure all transactions and files have been included. The valuation and completeness objectives emphasize opposite audit concerns. Valuation deals with potential overstatement and completeness with unrecorded transactions and files.
  完整性（Completeness）：目的是將所有事務(wù)和文件包含進(jìn)最終的功能點(diǎn)估算。應(yīng)用小組復(fù)審最終的功能點(diǎn)估算以確保包含了所有的事務(wù)和文件,這點(diǎn)非常重要。評(píng)價(jià)和完整性分別強(qiáng)調(diào)審計(jì)的兩個(gè)相反的關(guān)注點(diǎn)。評(píng)價(jià)處理那些可能出現(xiàn)的多余事務(wù)或文件，而完整性則處理不被包含的事務(wù)和文件。
  Classification: Classification involves determining whether all transactions and files have been correctly classified. It is important to make sure the external input and external interface file have been classified correctly for example.
  分類（classification）：分類決定所有的事務(wù)和文件是否被正確分類。比如說確保所有的外部輸入和外部接口文件都已經(jīng)被正確分類就非常重要。
  Rating: This objective deals with determining if the transactions and files were appropriately ranked as low, average or high. To complete this objective a detail examination of the data elements and files referenced.
  分級(jí)（rating）：分級(jí)決定所有的事務(wù)和文件是否被正確的劃分為低、中、高三個(gè)等級(jí)。為達(dá)到這一目標(biāo)，詳盡的數(shù)據(jù)元素和文件的檢查是值得借鑒的手段。
  Mechanical Accuracy: Testing the mechanical accuracy involves rechecking a sample of the computations and transfers of information from one document to the next. Rechecking of computations consists of testing the original function point counters arithmetical accuracy. This is most important if an automated tool was not used while counting function points.
  機(jī)械準(zhǔn)確率（echanical Accuracy）：檢測(cè)機(jī)械準(zhǔn)確率包括審核樣本的計(jì)算結(jié)果是否正確及信息各文檔中的傳遞是否正確。復(fù)查計(jì)算結(jié)果包含最初功能點(diǎn)數(shù)學(xué)計(jì)算正確性的驗(yàn)證，如果在計(jì)算功能點(diǎn)的時(shí)候沒使用自動(dòng)計(jì)算工具，這個(gè)驗(yàn)證就必不可少。
  Analytical Analysis: This procedure is another way that a function point count can be validated. For example, the ratio of external inputs, external output, external inquiry, internal logical file, and external interface file can be compared with other applications meeting similar business needs. Also, the general system characteristics can be reviewed and compared to similar applications. Analytical procedures should be performed early in the audit so to help the auditor determine areas that need to be more thoroughly investigated.
  類比性分析（analytical Analysis）：這個(gè)步驟是另一種驗(yàn)證功能點(diǎn)估算的方法。舉個(gè)例子，外部輸入、外部輸出、外部查詢、部邏輯文件，和外部借口文件的比率是可以和其他相近商業(yè)目的的應(yīng)用進(jìn)行類比。同樣，通用的系統(tǒng)功能的復(fù)審也可以和相似的應(yīng)用進(jìn)行比較。該步驟應(yīng)在審計(jì)的早期進(jìn)行，以便審計(jì)師可以決定哪些關(guān)鍵區(qū)域需要更透徹的審查。
  Before an audit or validation of a function point count can take place a procedure should be in place to evaluate a the count(s). A procedure, at a minimum, should cover all the areas mentioned above. The procedure does not have to be a rigid document that is followed, but a guideline to conduct the audit. At the end of this article is a 20 step procedure that should assist anyone with developing their own guidelines or with auditing a function point count.
  在審計(jì)或功能點(diǎn)估算驗(yàn)證進(jìn)行之前，都應(yīng)該有一套程序支持。這套程序最低限度應(yīng)該涵蓋以上提到的四個(gè)領(lǐng)域。它不必是一個(gè)人人必須遵守的嚴(yán)格文檔，但它是審計(jì)師執(zhí)行審計(jì)的指導(dǎo)方針。在本文最后提供的“功能點(diǎn)估算審計(jì)20步曲”可以幫助審計(jì)師編寫自己的指導(dǎo)方針，也可以協(xié)助他們執(zhí)行功能點(diǎn)估算審計(jì)。
  （待續(xù)）