Would this be excellent advice for computerization efforts ?

Question:What would the motive be for a "rogue staff member" to endanger the lives of people? Banking software is a bit of a different proposition: the motive in that case is that if you can inject a trojan into the software you can potentially make millions of dollars. The same kind of incentive isn't there in your case.

Code reviews can help, to a point. But the kinds of code reviews you're talking about would impair productivity by a factor of 10x or 20x, and there's STILL no guarantee that you're going to get a working system when you're done.

Logging really doesn't do much. If you're going to fudge the results, you're going to fudge the logs too. There's no way I can think of to effectively protect log files any more than there is to protect the data. The only real use of log files that I can think of is that they allow mistakes to be retroactively corrected. (e.g. incorrectly executed bank deposits over a period of months).

Best Answer - Chosen by Asker: What would the motive be for a "rogue staff member" to endanger the lives of people? Banking software is a bit of a different proposition: the motive in that case is that if you can inject a trojan into the software you can potentially make millions of dollars. The same kind of incentive isn't there in your case.

Code reviews can help, to a point. But the kinds of code reviews you're talking about would impair productivity by a factor of 10x or 20x, and there's STILL no guarantee that you're going to get a working system when you're done.

Logging really doesn't do much. If you're going to fudge the results, you're going to fudge the logs too. There's no way I can think of to effectively protect log files any more than there is to protect the data. The only real use of log files that I can think of is that they allow mistakes to be retroactively corrected. (e.g. incorrectly executed bank deposits over a period of months).

. Sounds good to me.