Conducting Audits

Code Insight 6.14.2 SP2

Code Insight provides a process that allows the owner to select a project auditor and allows the progress of the audit to be managed as part of the project workflow.

After an owner has completely defined a project and the policy administrator has reviewed the policies with respect to the new project, the selected project auditor is assigned a task to conduct an audit of the project codebase.

The auditor is responsible for running scans for the workspaces associated with the project, as well as analyzing results and building project inventory based on forensic evidence and automatic OSS component version detection.

Once the auditor completes the project audit, the task is closed, allowing the project to obtain a compliant status (assuming all detected inventory is compliant as well).

The activities associated with performing a code audit and analysis, as well as publishing project inventory items, are detailed in Auditing and Analysis Overview.