1st Edition

Software Quality Assurance: Integrating Testing, Security, and Audit

By Abu Sayed Mahfuz Copyright 2016
    390 Pages 46 B/W Illustrations
    by Auerbach Publications

    Software Quality Assurance: Integrating Testing, Security, and Audit focuses on the importance of software quality and security. It defines various types of testing, identifies factors that contribute value to software quality, and provides theoretical and real-world scenarios that add value and quality to projects and applications. The practical synopsis of common testing tools helps readers who are in testing jobs or those interested in pursuing careers as testers. It also helps test leaders, test managers, and others who are involved in planning, estimating, executing, and maintaining software.

    The book is divided into four sections: The first section addresses the basic concepts of software quality, validation and verification, and audits. It covers the major areas of software management, software life cycle, and life cycle processes. The second section is about testing. It discusses test plans and strategy and introduces a step-by-step test design process along with a sample test case. It also examines what a tester or test lead needs to do before and during test execution and how to report after completing the test execution.

    The third section deals with security breaches and defects that may occur. It discusses the documentation and classification of incidents as well as how to handle an occurrence. The fourth and final section provides examples of security issues along with a security policy document and addresses the planning aspects of an information audit. This section also discusses the definition, measurement, and metrics of reliability based on standards, the quality metrics methodology, and CMM models. It discusses the ISO 15504 standard, CMMs, PSP, and TSP and includes an appendix containing a software process improvement sample document.

    CONCEPT

    Quality Concept and Perspectives
    Introduction
    Software Quality Concept
    Software Quality Characteristics
    ISO/IEC 9126
    Control Objectives for Information and Related Technology (COBIT)
    Validation and Verification
    Reviews and Audit

    Management and Process
    Introduction
    Software Management
    Software Life Cycle Models
    Life Cycle Processes

    TESTING

    Testing: Concept and Definition
    Introduction
    Testing in the Software Life Cycle
    Requirements
    Software Testing Life Cycle
    Kinds/Types of Testing
    Suggested Readings

    Testing: Plan and Design
    Introduction
    Plan and Strategy
    Test Plan
    Test Tools
    Test Scope
    Test Approach and Stages
    Test Schedule
    Defect Reporting and Tracking
    Roles and Responsibilities
    Reference Documents
    Testing Estimation
    Lessons Learned
    Test Design Factors
    Test Case Specification and Design

    Test: Execution and Reporting
    Introduction
    Starting Test Execution
    Test Result Reporting
    View and Analyze Test Results

    CHALLENGES

    Incident Management
    Introduction
    Overview on Incident Management
    Why Incident Management Is Important
    Identification
    Investigation and Analysis
    Response and Recovery
    Issues
    Security Incidents

    Defect Management
    Introduction
    Definition and Analysis
    Process and Methodology
    Root Cause Analysis
    Defect Prevention

    Risk Vulnerability and Threat Management
    Introduction
    Risk Management
    Vulnerability, Risk, and Threat Analysis
    Risk Management Life Cycle
    Effective Methods to Identify Risks
    Risk Assessment Matrix
    Risk Response Strategy
    Risk Assessment & Contingency Plan
    Vulnerability, Risk, and Threat Analysis
    OCTAVE and Risk Management
    Appendix A: Sample
    Appendix B: Risk Factors

    SOFTWARE QUALITY EXPECTATION

    Information Security
    Introduction
    Definition and Importance
    Methodology
    Security Policy Document

    Information Audit
    Introduction
    Definition and Planning
    Audit Process and Procedure
    Auditing and Information Security

    Software Reliability and Process Improvement
    Introduction
    Definition and Measurement
    Measurement-Based Assurance
    Quality Metrics Methodology
    Software Reliability Measurement & Estimation
    CMMs: The Capability Maturity Model (SEI/CMM)
    Software Process Improvement and Capability Determination (SPICE)
    Appendix: Software Process Improvement

    Biography

    Abu Sayed Mahfuz, ITIL, MIS, MA, has over 15 years of experience in the business and information technology profession, including roles as database manager, technology manager, software quality lead, and technology instructor in several prestigious multinational companies. He is a distinguished trainer, speaker, and book author. Mr. Mahfuz earned his master's degree in computer and information systems from the University of Detroit Mercy and two other master's degrees from Malaysia and Bangladesh. He also holds ITIL Foundation certification and several software quality, cyber security, and phishing-related internal certifications from Hewlett Packard.