Why (NOT) Code Reviews?
Code reviews is not the most beloved verification method for a developer (in the end of the day it makes you proof-read others code, and everyone knows that all code other than yours is not good enough - #irony). But remember that Code Reviews are one of the most cost-effective verification methods available: Fixing a bug in software while developing it is way much cheaper than fixing it after the formal testing phases begin (several studies on the subject can be found - just "google" for it).Also, things that we should bear in mind before we start complaining about having to do code reviews are:
- There are things that are much easier to verify looking at the code directly (e.g. correct use of RDBMS transactions) than by integration / system testing. "White box" rules here and saves us hours (as a team - because on some cases we are saving testers' time).
- For some critical parts of your code it might be a good idea to have them being checked (read: code reviewed) prior to any deployment to production, e.g., code involved in authentication, authorization, money transfers, etc..
Code Reviews in your QMS/SDP
Your QMS/SDP might have a Verification Process defining a code review procedure on how to conduct code reviews (see "Further Reading"). And how metrics related to code reviews are to be collected (and when, and by whom). Examples are: code review speed, preferably per technology; number of defects detected, number of defects fixed, defect fix cost - e.g. in minutes, etc.And What About Supporting Tools?
So in order to "reap the benefits" (read: improve SW Quality and save money), give the developer teams a help by supporting the procedure with tools. For instance: Crucible (a plugin to Atlassian JIRA). Or any other. Anything other than making people use printed code and / or word processor annotated documents.Further Reading
Examples (permissions could apply; INTERNAL):- Example of a QMS Verification Process (Supporting Processes): https://quality.critical.pt/QMS%20PT/SUP-support/SUP-03-verification/CSW-QMS-2002-PCS-0354-verification.pdf#search=crucible%20guidebook
- Example of Code Review Support Tool Guidebook: https://quality.critical.pt/QMS%20PT/SUP-support/SUP-03-verification/CSW-QMS-2002-PCS-0354-verification.pdf#search=crucible%20guidebook
- Example of a code review under Crucible: https://crucible.critical.pt/cru/ATG-5#CFR-11408