E-book, English, 390 pages
Series: Internal Audit and IT Audit
Integrating Testing, Security, and Audit
ISBN: 978-1-4987-3555-1
Publisher: CRC Press
Format: PDF
Copy protection: Adobe DRM
The book is divided into four sections. The first section addresses the basic concepts of software quality, validation and verification, and audits. It covers the major areas of software management, the software life cycle, and life cycle processes. The second section is about testing. It discusses test plans and strategy and introduces a step-by-step test design process along with a sample test case. It also examines what a tester or test lead needs to do before and during test execution and how to report after completing the test execution.
The third section deals with security breaches and defects that may occur. It discusses the documentation and classification of incidents as well as how to handle an occurrence. The fourth and final section provides examples of security issues along with a security policy document and addresses the planning aspects of an information audit. This section also discusses the definition, measurement, and metrics of reliability based on standards, the quality metrics methodology, and CMM models. It discusses the ISO 15504 standard, CMMs, PSP, and TSP and includes an appendix containing a sample software process improvement document.
Target audience
Quality assurance professionals or new quality assurance testers; test leaders, including test managers and other testing resources who are involved in planning, estimating, executing, and maintaining software.
CONCEPT
Quality Concept and Perspectives
Introduction
Software Quality Concept
Software Quality Characteristics
ISO/IEC 9126
Control Objectives for Information and Related Technology (COBIT)
Validation and Verification
Reviews and Audit
Management and Process
Introduction
Software Management
Software Life Cycle Models
Life Cycle Processes
TESTING
Testing: Concept and Definition
Introduction
Testing in the Software Life Cycle
Requirements
Software Testing Life Cycle
Kinds/Types of Testing
Suggested Readings
Testing: Plan and Design
Introduction
Plan and Strategy
Test Plan
Test Tools
Test Scope
Test Approach and Stages
Test Schedule
Defect Reporting and Tracking
Roles and Responsibilities
Reference Documents
Testing Estimation
Lessons Learned
Test Design Factors
Test Case Specification and Design
Test: Execution and Reporting
Introduction
Starting Test Execution
Test Result Reporting
View and Analyze Test Results
CHALLENGES
Incident Management
Introduction
Overview on Incident Management
Why Incident Management Is Important
Identification
Investigation and Analysis
Response and Recovery
Issues
Security Incidents
Defect Management
Introduction
Definition and Analysis
Process and Methodology
Root Cause Analysis
Defect Prevention
Risk Vulnerability and Threat Management
Introduction
Risk Management
Vulnerability, Risk, and Threat Analysis
Risk Management Life Cycle
Effective Methods to Identify Risks
Risk Assessment Matrix
Risk Response Strategy
Risk Assessment & Contingency Plan
Vulnerability Risk and Threat Analysis
OCTAVE and Risk Management
Appendix A: Sample
Appendix B: Risk Factors
SOFTWARE QUALITY EXPECTATION
Information Security
Introduction
Definition and Importance
Methodology
Security Policy Document
Information Audit
Introduction
Definition and Planning
Audit Process and Procedure
Auditing and Information Security
Software Reliability and Process Improvement
Introduction
Definition and Measurement
Measurement-Based Assurance
Quality Metrics Methodology
Software Reliability Measurement & Estimation
CMMs: The Capability Maturity Model (SEI/CMM)
Software Process Improvement and Capability Determination (SPICE)
Appendix: Software Process Improvement