This is a debatable topic. Different people have different opinions about the code reviews. Some people think code review task does not add any value to the customer. You can't say that I spent 300 hours reviewing the code because customer does not understand and does not care as long as he/she gets what he/she wanted. Also, some people will not feel comfortable having peer programmers reviewing their code. That said, there are people who think code review is important; it helps find the bugs, subtle design issues also helps find the impacts of the code change in a huge existing system.
So both categories of people are right here, because several parameters are considered before saying if the code review is really needed. Consider for example a team where programmers are in different experience levels and the software system the team is dealing with is legacy system. Relatively modifying the legacy code written by somebody else some time back with no good documentation, comments is prone to pose the impacts on software functionality if the code changes are not reviewed with someone who understands the design of the entire system. So these are just few parameters that I'm mentioning and it varies between team to team and nature of the project in hand.
There are third category of people who think that its programmers responsibility to code it perfect from quality perspective. The review sometimes does not guarantee that all the software defects/impacts are found. It’s the programmer who is coding has to gather as much information as the programmer wants to better understand the existing as well as the system before changing something in the system. Of course this takes a while for newbie programmers to be expert programmers or coders. This can be achieved with coaching the team members about coding, system and the domain.
Then who are the best reviewers? Is it somebody other than who coded? How difficult is the code review task? Why is code review really needed? Answers to these questions have to be found before taking up the reviews. The best person to review is the one who has knowledge about the entire software system, including sub-systems. Based on the past experiences of the nature of issues found in the system, the reviewer thinks towards if there is chance of something not working or a problem with the code that makes it not function with other sub-systems or if there is any security vulnerability or loop hole in the code.
So it does make sense to define the review focus. Of course the review can focus on several aspects, but based on the nature the software and its past performance; the review focus should be defined. For example, for legacy system, it’s about finding the impacts, for network related software, the review focus will be on finding security vulnerable etc. In my opinion, review is required; however, the review focus has to be defined. Review is a tough task sine the reviewer has to put himself into the mind of the programmer who coded and then think how the code is going to work.
