Security Testing

When considering testing for any Projects or Changes, Test Managers / Test Leads / Team Leaders also need to take into consideration any technical security implications the Project / Change will introduce.

Where activities are undertaken on GoR institutions' critical systems and sensitive data, it is mandatory to undertake technical security reviews and assessments. Security Reviews and Assessments are required to ensure that all vulnerabilities are detected before and during these activities, and on a periodic basis. A request should be made to undertake a Technical Security Review as part of the overall plan of testing.

Note: Security Testing is required to be conducted separately and by an independent party not involved in the implementation.

If such a test is required, a Security Review and Assessment form needs to be completed and submitted. The assessment form should be addressed to the tester and indicate the reason for security testing, the type of security testing to be done, the module to be tested, the schedules, the tools to be used, and the way of reporting defects and of communication. It should also record agreement on confidentiality of data and on respecting the terms and conditions that apply.