[1] "Software product" mostly, but not exclusively, refers to some kind of technical document.
1028[2] offers a list of 32 "examples of software products subject to audit", including documentary products such as various sorts of plan, contracts, specifications, designs, procedures, standards, and reports, but also non-documentary products such as data, test data, and deliverable media.
The term "software audit review" is adopted here to designate the form of software audit described in IEEE Std.
"The purpose of a software audit is to provide an independent evaluation of conformance of software products and processes to applicable regulations, standards, guidelines, plans, and procedures".
[3] The following roles are recommended: The following principles of an audit should find a reflection:[4] This list of audit principles for crypto applications describes - beyond the methods of technical analysis - particularly core values, that should be taken into account Parts of Software audit could be done using static analysis tools that analyze application code and score its conformance with standards, guidelines, best practices.