Code audits are one of the main things Zao offers to our clients. Many of our clients are strategically looking at how they can expand their businesses, and a crucial aspect of that is making sure their technology is not hindering their growth.
There’s a lot of muddled information about what a code audit should look like, and many clients start their search for a code audit without any idea of what to expect, what questions to ask, or what they should be looking for when vetting developers to do the job.
Are you looking for a code audit? Here’s what you need to know and ask before you sign that check:
Code Audit Questions Clients Need to Ask
— What is the final deliverable I can expect from this audit?
Depending on your developer, the final deliverable can range from a simple confirmation that everything is working as it should to an in-depth delivery document that details what is working, what isn’t, and appropriate recommendations for improvement.
Nowadays, we all research what we’re spending our money on before we pay up. Whether that research is looking at Yelp reviews of local restaurants or comparing the best and the worst Amazon reviews on new products, we want to make sure we’re getting the best bang for our buck. So often, though, clients don’t ask what they can expect to receive when it comes to code audits.
Maybe you just want a developer to look things over and confirm if everything is solid. That’s great! If you find a developer that will simply send over an email with a 👍🏼 and “Everything’s cool,” then they’re a good choice for you!
If you’re looking for a more intensive analysis of your current code, you’ll want to find a developer who provides that. Since there’s no industry standard on what deliverable comes with a code audit, you’ll need to investigate to find the developer that is providing what you want.
Here at Zao, our code audits come with an exhaustive document that assesses our clients’ current technology with a specific eye on their needs and challenges, and includes recommendations that pragmatically account for budget, time, and priority.
We also provide a timeline that, should the client choose to work with us on implementing those recommendations, gives a realistic perspective on how long it will take for those technical goals to be accomplished. Lastly, we detail in each recommendation how and why this change adds value to our clients’ businesses.
— What kind of code do you audit?
Investigating the details of what to expect from your code audit is vital because some developers only offer specialized code audits. Some developers exclusively audit plugins, themes, or apps, whereas others are focused on auditing detailed eCommerce integrations or your entire site.
If you know you’re looking for a specific kind of code audit, finding a developer who specializes and focuses on that kind of development is key. If you’re looking for a full site audit, but the developer you’ve contracted with focuses specifically on auditing Genesis themes, you may not get the most effective and comprehensive audit that you need.
— Can you provide more details on code audits you’ve done? Do you have a sample I can look at?
When you find out more about the scope of a developer’s experience and take a look at a code audit sample, you’ll get a better understanding what the end deliverable will be–even beyond the initial response. You’ll get a better idea of how your developer tackles code audits and communicates the end result.
This information is crucial, as it helps you understand what to expect of your developer, and can help you find a developer who communicates in a way that works best for you.
— What kinds of clients have you worked with in the past?
Most developers have worked with companies that span a broad range of industries, and can tackle projects in unfamiliar industries like a champ. However, knowing if their experience includes working with companies in your particular niche helps you know whether or not you’ll need to explain specific industry nuances to them.
Your technology needs to meet your business’ needs, and those can vary slightly from industry to industry. Knowing your developer’s history with your industry can help you determine what kind of crucial information you need to communicate–or whether your developer is already in a position to take on those challenges without extra explanation.
In an initial introduction, everyone is on their best behavior.
Job interviews are like dating. As Chris Rock says, “When you meet somebody for the first time, you’re not meeting them, you’re meeting their representative.” You need to know what red flags to look for when seeking out a developer–and how to look past the friendly representative to make sure it’s going to be a good fit.
— A dev who doesn’t ask questions
If you’re talking with a developer about a code audit (and potentially more work beyond that) and they don’t ask detailed questions about what you’re looking for, what your current technology is, what kind of pain-points you’ve experienced, and more, you have a problem.
You want a developer who is invested in your company’s success, in solving your technical problems, and bringing value to your business. A developer who doesn’t ask questions isn’t going to know what you need, nor have the full understanding required to adequately assess what is going on with your site.
That’s one of the reasons that we ask detailed questions and make sure we know exactly where our clients are coming from. We want to make sure that we have specific notes on what to look for and what they’re trying to accomplish with their technology. Even if our clients don’t have the technical savvy to articulate what they need done, by knowing their goals, their struggles, and their technical history, we can help by capitalizing on our technical knowledge to come up with creative solutions.
— A dev who can’t tell you in concrete, clear terms what you’re going to get
There’s a reason asking about the deliverable is so important. Code audits, without planning, can beget intangible results. Unlike design, there’s no Photoshop mockup, or unlike copywriting, there’s no first draft. If a developer isn’t willing to say, “Here is the end result you can expect from me,” it’s a huge red flag.
Your developer needs to be able to set your expectations accordingly. You need to know what you are paying for at the end of this–and a developer who cannot tell you what you are getting for your money is not one you should hire.
We know vetting developers who, as far as you may be concerned, basically work magic on the internet, can be stressful. It doesn’t have to be, though. Now that you’re armed with these questions and red flags to look out for, you can assess which developer is going to be able to provide the code audit you need.
Have any other questions about code audits that we haven’t covered? Drop ‘em in the comments; we’re here to help!