Auditing is included in some definitions of configuration management. An
audit ensures that the product�the configuration item released for use�fulfills
the requirements and is complete as delivered.
This includes configuration
management information, so that everything required is delivered in the expected
versions and that the history of each item can be thoroughly accounted for. This
activity area is not considered part of configuration management in this book.
It's viewed as an activity area under general quality assurance, which partly
concerns the products and partly the processes, rather than a configuration
management activity area.
This may be a controversial point of view, but the idea of audits is a legacy
from the Department of Defense origin of configuration management. Today there
is a much broader understanding in the software industry of the importance of
quality assurance and, therefore, also of configuration management.
Auditing uses configuration information extensively in the form of status
reports, but it also uses quality assurance techniques and methods, such as
reviewing and test. In practice, people involved in configuration management
also carry out the audit.