I've been in charge of code reviews at work for about six months now. A few random points:
- Before the code review, the code should be pushed through Perl::Tidy and Perl::Critic according to your internal coding standards. This avoids wasting time arguing about code layout and basic style issues. If you find things in a code review that were not detected by Perl::Critic, see if you can tweak your Perl::Critic policies to find them next time.
- The code review must be in writing. Otherwise, there is no proof it has been performed.
- Most of the code review work should be done before the code review meeting.
- Have at least two code reviewers.
- Take a look at Fagan Inspections. Though probably more formal than you want, you should get some good code review ideas from this well-respected method.

According to Karl Wiegers, the Seven Deadly Sins of Software Reviews are:
- Participants don't understand the review process.
- Reviewers critique the producer, not the product.
- Reviews are not planned.
- Review meetings drift into problem-solving.
- Reviewers are not prepared.
- The wrong people participate.
- Reviewers focus on style, not substance.

Some useful code review links:

Updated 23-June: Added "Seven Deadly Sins of Software Reviews" and associated links.