Unit III

Life Cycle Testing Approach

Requirement Testing
The most cost effective phase in which to detect a
system flaw.
Testing the system requirement increase the probability
that the requirement will be good one.
Requirement are properly recorded
Correctly interpreted by the information services
project team.
Recorded in accordance with the departments
guidelines, standards and procedure.

OBJECTIVES
Determine that the requirements fairly represent what the user
needs
Determine that the needs have been defined and documented
Verify that a cost/benefit study has been performed and that it
is reasonable
Determine that the business problem has been solved
Verify that the control requirements have been specified
Verify that a reasonable process was followed in developing
the business solution
Verify that a reasonable alternative was selected among the
most probable alternative solution

CONCERNS

Take Higher-caliber person to perform the test

Requires new testing methods
Continue until requirements are complete
Management review occur after requirement
phase is complete(senior management).
Recommended test process outlined on the 15
requirements phase test factor and the test
concerns for each factor

WORKBENCH
DO

CHECK
REWORK

Project
Deliverables
Defining
Req.

Task 1
Prepare Risk
Matrix

Task 2
Perform Test
Factor Analysis

Task 3

Req. Gathering
Process

Conduct a Req.
Walkthrough

Req. accurate
&
complete

Test Report

INPUT
Business problem is well defined
Requirement phase : Initiated by management request,
and should conclude with a proposal to management on
the recommended solution
Develops a series of solutions
Requirement team should select a preferred solution

Deliverables needed by testers

Proposal to management describing the problem, the
alternatives and proposing a solution
Cost/benefit study describing the economics of the
proposed solution
Detailed description of the recommended solution
List of system assumptions such as life of the
project,the value of money, the average skill of the
user, and so on

Do Procedures
Task 1. Prepare a risk matrix
Task 2. Perform a Test factor Analysis for the
Requirement Phase
Task 3. Conduct a Requirements Walkthrough

Task 1. Prepare a Risk Matrix

Identification of risks and steps to be taken for each risks
Starts in the requirements phase and is expanded and
completed in the design phase
Five step process

Identify Risk Team

Identify Risks
Establish control objectives
Identify controls in each system segment
Determine adequacy of controls

1.1. Identify Risk Team

( 3 to 6 members)
Risk team may be part of requirement team or test team
Following Skills needed

Knowledge of user application

Understanding of risk concepts
Ability to identify controls
Familiarity with both application and information service risks
Understanding of information services concepts and system design
Understanding of computer operations procedures

Risk Team Members

User area
Internal auditor
Risk consultant
Data processor
Security officer
Computer operations manager

1.2.Identify Risks

identify the risk associated with application-oriented or environmental oriented

Two methods for identifying the risk

1.Risk analysis scenario brainstorms the potential application risks using their
experience, judgment, and knowledge

2. Risk checklist
Category : Uncontrolled System Access
Category : Ineffective security practices for the Application(repeat
payment to the same party )
Category : Procedural errors at the information services facility(files
destroyed during DB reorganization)
Category : Program Errors(records deleted from sensitive files without
guarantee that deleted record can be reconstructed)
Category : Communication system failure

1.3.Establish Control Objectives

Adequacy of control cannot be tested until the
acceptable level of loss from each risk has been
defined
After control objectives defined, the requirements
can be tested to determine whether those objectives
are achievable

 Risk matrix Eg(requirement)

1.4. Identify controls in each system

segment(design phase only)

Origination
Data entry-transfer to machine readable media
Communication-manual or electronic
Processing-system logic to date
Storage
Output-translation of data from computer media
to media
Use-satisfication of the business need through
the results of system processing

1.5. Determine adequacy of controls

Risk team assesses whether controls are
adequate to reduce each of the identified risks
to the acceptable level

Task 2. Perform a Test factor Analysis for

the Requirement Phase
1. Requirements Comply with Methodology (Methodology Test Factor)
2. Functional specifications Defined (Correctness Test Factor)
3. Usability specifications Determined (Ease-of-Use Test Factor)
4. Maintenance specifications Determined (Maintainable Test Factor)
5. Portability Needs Determined (Portable Test Factor)
6. System Interface Defined (Coupling Test Factor)
7. Performance Criteria Established (Performance Test Factor)
8. Operational Needs Defined (Ease-of-Operations Test Factor)
9. Tolerance Established (Reliability Test Factor)
10. Authorization Rules Defined (Authorization Test Factor)
11. File Integrity Requirements Defined (File Integrity Test Factor)
12. Reconstruction Requirements Defined (Audit Trail Test Factor)
13. Impact of Failure Defined (Continuity-of-processing Test Factor)
14. Desired Service Level Defined (Service Level Test Factor)
15. Access Defined (Security Test Factor)

 Test Team make one of the following four

judgments
Very adequate
Adequate evaluation
Inadequate assessment
Not applicable

Task 3. Conduct a Requirements

Walkthrough
Create a situation in which a team of skilled individuals can
help the project team in the development of the project
solutions
Amount of time for each steps depend upon the size of the
application being reviewed and the degree of assistance.
Five Step process
1. Establish Ground Rules
2. Select team/Notify Participants
3. Project Presentation
4. Questions/Recommendations
5. Final Report

1. Establish Ground Rules

Size and makeup of the walkthrough team(3-6
members)
Responsibility of the walkthrough
team(recommendations, comments, questions)
Obligation of the project team to answer
Approximate length, time, and location
Confidentiality of information
Aspects of the system that are not challengeable or
discussible
Who will receive the results of the walkthrough?

2. Select team/Notify Participants

Information services project manager / system
analyst
Senior management with responsibility over the
computerized area
Operations management
User management
Consultants possessing needed expertise

3.Project Presentation
Statement of the goals and objectives of the
project
Background information
List of any exceptions made by the project team
Discussions of alternatives
Using representative transactions as a basis

4. Questions/Recommendations
Evoke discussion
Recorder (member of project team)

5. Final Report
Entire walkthrough team should agree on the
contents of the report
Recorder may prove valuable information in
developing the report
Report should be issued within five days of the
conclusion of the walkthrough

 Output
Report indicating requirement deficiencies
Indicate where requirements are not accurate and/or
complete

Conclusion
Testers should perform the following steps
during requirements phase testing:
1. Prepare a risk matrix.
2. Perform a test factor analysis.
3. Conduct a requirements walkthrough.
4. Perform requirements testing.
5. Ensure requirements are testable.

Requirements Based Testing

SW High-Level
Reqs. Development

Desired Model
Properties

Software
Model

Cover the
Properties!

SW Integration
(Executable Code Production)

Properties are
Requirements