TEST PLAN
LECTURE 4 : WEEK 4
SEN 460
: FALL 2016
Concerns
Not enough training.
Us-versus-them mentality. Lack of testing tools.
Lack of management understanding/support of testing Lack of customer and user involvement
Not enough time for testing. This is common complaint. Over-reliance on independent testers
Inputs
Two inputs are used in developing the test plan:
Project plan.
This plan should address the totality of activities required to implement the project and control that implementation. The plan should also include testing.
Project plan assessment and status report.
DO PROCEDURES
The following six tasks should be completed during the execution of this step:
1. Profile the software project.
2. Understand the software project’s risks. 3. Select a testing technique.
4. Plan unit testing and analysis. 5. Build the test plan.
TASK1:PROFILE THE SOFTWARE PROJECT
This task can be divided into the following two subtasks:
1. Conduct a walkthrough of the customer/user areas.
1. Because testers represent the customer/users, they should have access to
the users of the system.
2. Two main purpose
1. to give an overview of the totality of activities users perform 2. to gain an appreciation of the how the software will be used
2. Develop a profile of the software project.
3. The primary objective of understanding the business responsibilities of
DEVELOPING A PROFILE OF THE
SOFTWARE PROJECT
The following is the profile information that is helpful
1. Project objectives
2. Development process 3. Customer/users
4. Project deliverables 5. Cost/schedule
6. Project constraints
7. Developmental staff competency 8. Legal/industry issues
9. Implementation technology 10. Databases built/used
TASK 2: UNDERSTAND THE
PROJECT RISKS
Reliability
Authorization
File integrity
Audit trial
Continuity of processing
Service level
Methodology
Correctness
Ease of use
Maintainable
Portable
Coupling
Performance
Ease of operation
RELIABILITY
Assurance that the application will perform its
intended function with the required precision
over an extended period of time. The
correctness of processing deals with the
ability of the system to process valid
transactions correctly, while reliability relates
to the system’s being able to perform
The level of accuracy and completeness expected in the
operational environment is established.
Data integrity controls are implemented in accordance with
the design.
Manual, regression, and functional tests are performed to
ensure the data integrity controls work.
The completeness of the system installation is verified.
The accuracy requirements are maintained as the
applications are updated.
AUTHORIZATION
Assurance that data is processed in accordance
with the intents of management
.
In an application system, there is both general and specificauthorization for the processing of transactions
.
General authorization governs the authority to
conduct different types of business, whereas
The rules governing the authorization of transactions are defined.
The application is designed to identify and
enforce the authorization rules.
The application implements the authorization rules.
Unauthorized data changes are prohibited during the installation process.
The method and rules for authorization are preserved during maintenance.
File Integrity
Assurance that the data entered into the application
File Integrity
Requirements for file integrity are defined.
The design provides for the controls to ensure
the integrity of the file.
The specified file integrity controls are
implemented.
The file integrity functions are tested to ensure
they perform properly.
The integrity of the files is preserved during the
Audit Trial
The capability to substantiate the
processing that has occurred. The
processing of
data
can be supported
through the retention of sufficient
evidential matter to substantiate the
accuracy, completeness, timeliness,
and authorization
of data. The process of
Audit Trial
The requirements to reconstruct processing are defined.
The audit trail requirements are incorporated
into the system.
The audit trail functions are tested to ensure the
appropriate data is saved.
The audit trail of installation events is recorded.
The audit trail requirements are updated during
Continuity of Processing
The ability to sustain processing in the
event problems occur. Continuity of
processing ensures that the necessary
procedures and backup information are
available to recover operations should
integrity be lost.
Continuity of processing includes the
timeliness of recovery operations and the
ability to maintain processing periods when
Continuity of Processing
The impact of each system failure is defined.
The contingency plan and procedures have been
written.
Recovery testing verifies that the contingency
plan functions properly.
The integrity of the previous systems is ensured
until the integrity of the new system is verified.
The contingency plan is updated and tested as
Service level
Assurance that the desired results will be available
within a time frame acceptable to the user.
To achieve the desired service level, it is
necessary to match user requirements with
available resources.
Resources include input/output capabilities,
Service level
The desired service level for all aspects of the system
The method to achieve the predefined service levels
The programs and manual systems are designed to
Stress testing is conducted to ensure that the system
service level when both normal and above normal
A fail-safe plan is used during installation to ensure
The predefined service level is preserved as the
Access Control
Assurance that the application system resources will be
protected against accidental and intentional
modification, destruction, misuse, and disclosure.
Access Control
Access to the system is defined.
The procedures to enforce the access rules are designed. The defined security procedures are implemented.
Compliance tests are utilized to ensure that the security
procedures function in a production environment.
Access to the computer resources is controlled during
installation.
The procedures controlling access are preserved as the
Any Questions !!!
END OF LECTURE
