Presentation is loading. Please wait.

Presentation is loading. Please wait.

Test Automation Considerations with Regulatory Practices

Published byArron Lambert Modified over 7 years ago

Similar presentations

Presentation on theme: "Test Automation Considerations with Regulatory Practices"— Presentation transcript:

1 Test Automation Considerations with Regulatory Practices
Lunch and Learn October 12, 2016 This session will be recorded

2 Agenda Sarbanes Oxley (SOX) FDA Requirements ISO/CMMI/Six Sigma
“If these tests are executed manually by the business, they may still need to be retested by external auditor. If this is done by a third party, your company will incur the cost of testing and documentation which must be repeated each year. With automation, there is no business intervention in running the tests and documenting the findings. With automation, one person can execute both tests and results, which can then be reviewed/confirmed with business and auditors.” Sarbanes Oxley (SOX) FDA Requirements ISO/CMMI/Six Sigma HIPPA/PCI/GDPR

3 SOX By mapping existing manual controls to controls that are built into your application, you can take advantage of test automation. Test of Design of the control Test of Effectiveness of the control Control Automation Auditing and logging features can be automated Database Activity Monitoring turned on Automate printing of audit reports Securing privileged accounts Security related to which users could perform which features/functions Test automation allows you to spread out controls testing (samples) Frees-up key resources at key times of the year Continuous testing helps reduce fraud Management control evidence is readily available The Sarbanes-Oxley Act of 2002 (SOX) is an act passed by U.S. Congress in 2002 to protect investors from the possibility of fraudulent accounting activities by corporations. The SOX Act mandated strict reforms to improve financial disclosures from corporations and prevent accounting fraud.

4 How TurnKey Has Helped with SOX
Created test flows for approvals, audits, management, and different views ensuring that different users have different access Login, navigate to page, check page title, frame name and link Negative testing – Add logic to make “failing tests” pass Flip keywords to make it pass when it sees a negative condition Build out hundreds of different data scenarios within the same spreadsheet to test different user logins Data for tests is isolated to only those tests – special users were created to run the tests with varying permission sets Helped establish test development/execution “workflows” to ensure that tests had proper sign-off

5 FDA Regulatory Requirements
Focus on ALM environment – cFactory has to play by the rules! ALM/UFT Permissions must be locked down which can impact automated test creation and execution eApprove Process for all tools is required Installation Qualification (IQ) test plan and execution Verify expected results for all installation software and manual processes for ALM, UFT, cFactory, Accelerator(s), tools and utilities Operation Qualification (OQ) test plan and execution Verify that cFactory, UFT, ALM, Accelerators all worked properly in the installed environment Customized approval workflows must be established for all steps involved in test case development and execution Version control required to strictly lock down test cases and results Nothing can be deleted from ALM Test maintenance needs to be done in “Dev” environment

6 How TurnKey Has Helped With FDA Regulations
Developed IQ and OQ test plans Executed IQ and OQ test plans and reported results Provide documented minimum permissions required for cFactory, UFT and ALM and worked with Customers’ IT to help establish these Helped structuring ALM to keep versions clear, maintenance easy and execution results readily available Helped with versioning (either using HP or cloning baseline in ALM)

7 ISO/CMMI/Six Sigma/etc.
Standards need to be created for: Test case design Test case automation Test case execution Defect tracking standards Test environment standards Review process for test cases must be documented Once all tests are executed, determine if all requirements and standards are met Final review of results ALM versioning often used, or separate major releases by project

8 How TurnKey Helps with ISO/CMMI/etc.
Test case design is simplified with cFactory – no coding standards and standard reviews needed Help identify what components to create and why cFactory works well with HP versioning Assist with cloning environments for archival ALM Best Practices shared at last month’s Lunch-n-Learn are very useful

9 HIPPA/PCI/GDPR Data regulations General Data Protection Regulation (GDPR) will be required in the EU by 2018 Cannot use customer information in a test environment DBA will take a copy of the production DB or a subset of it, then mask it, and push it to another DB for testers to consume Data sub-setting is important Huge impact for QA/Testers and Application Owners who want to use “realistic” test data while ensuring compliance with Standards Need to make sure data is always available Data is quickly consumed Long wait times for next “batch” of data for testing

10 How TurnKey helps with HIPPA/PCI/GDPR
Test automation can generate consumable data Partnered with CA to sell Test Data Manager (TDM) – creates data pools for use across the business Acquire subsets of data from database Mask and sanitize it according to rules Or, synthesize data according to rules Ability to refresh data frequently TurnKey dataGen™ Synthetic test data can generate realistic test data, ensuring data integrity without using actual customer data

11

Download ppt "Test Automation Considerations with Regulatory Practices"

Similar presentations

Feb 2015 QCWiz Capability QE&A Automation COE.

Feb 2015 QCWiz Capability QE&A Automation COE.
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
 What is Software Testing  Terminologies used in Software testing  Types of Testing  What is Manual Testing  Types of Manual Testing  Process that.

 What is Software Testing  Terminologies used in Software testing  Types of Testing  What is Manual Testing  Types of Manual Testing  Process that.
Michael Solomon Tugboat Software Managing the Software Development Process.

Michael Solomon Tugboat Software Managing the Software Development Process.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
Best in Class Controls for AP The Institute of Financial Operations Indiana – Southern Illinois Chapter June 15, 2011 Sherry DePew.

Best in Class Controls for AP The Institute of Financial Operations Indiana – Southern Illinois Chapter June 15, 2011 Sherry DePew.
Kyle McDuffie, Vice President Beckman User Meeting 2001 Delaware. Orlando. Holland. UK Instrument Integration and Regulatory Compliance.

Kyle McDuffie, Vice President Beckman User Meeting 2001 Delaware. Orlando. Holland. UK Instrument Integration and Regulatory Compliance.
The Islamic University of Gaza

The Islamic University of Gaza
Information Systems Security Computer System Life Cycle Security.

Information Systems Security Computer System Life Cycle Security.
Seattle Area Software Quality Assurance Group Release and Configuration Management, The Acceleration of Change and Its Contribution To Software Quality.

Seattle Area Software Quality Assurance Group Release and Configuration Management, The Acceleration of Change and Its Contribution To Software Quality.
What is Sure BDCs? BDC stands for Batch Data Communication and is also known as Batch Input. It is a technique for mass input of data into SAP by simulating.

What is Sure BDCs? BDC stands for Batch Data Communication and is also known as Batch Input. It is a technique for mass input of data into SAP by simulating.
1 Software Development Configuration management. \ 2 Software Configuration  Items that comprise all information produced as part of the software development.

1 Software Development Configuration management. \ 2 Software Configuration  Items that comprise all information produced as part of the software development.
SWE © Solomon Seifu 2010 1 CONSTRUCTION. SWE © Solomon Seifu 2010 2 Lesson 13-2 Testing.

SWE © Solomon Seifu CONSTRUCTION. SWE © Solomon Seifu Lesson 13-2 Testing.
Auditing Information Systems (AIS)

Auditing Information Systems (AIS)
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Anubha Gupta | Software Engineer Visual Studio Online Microsoft Corp. Visual Studio Enterprise Leveraging modern tools to streamline Build and Release.

Anubha Gupta | Software Engineer Visual Studio Online Microsoft Corp. Visual Studio Enterprise Leveraging modern tools to streamline Build and Release.
People Inc. from P&A Software

People Inc. from P&A Software
Review of IT General Controls

Review of IT General Controls
Core ELN Training: Office Web Apps (OWA)

Core ELN Training: Office Web Apps (OWA)

Similar presentations

Ads by Google