【文章內(nèi)容簡介】 esting process – Test plan ? Bottom up ? Top down – Conduct and report test results – Address outstanding issues Business Application Development 33 ?Description of traditional SDLC phases – Development ? Testing Classifications – Unit testing – Interface or integration testing – System testing ? Recovery testing ? Security testing ? Stress/volume testing ? Performance testing – Final acceptancce testing ? Quality Assurance Testing (QAT) ? User Acceptance Testing (UAT) Business Application Development 34 ?Description of traditional SDLC phases – Development ? Other types of testing – Alpha and beta testing – Pilot testing (preliminary, evaluation) – Whitebox testing (developer) – Blackbox testing (user) – Function/validation testing – Regression testing (postfix – Same test data) – Parallel testing – Sociability testing (platform and interfaces) ? Automated applicating testing Business Application Development 35 ?Description of traditional SDLC phases – Implementation ? Implementation Planning ? Enduser Training ? Data Conversion ? Changeover (Golive or cutover) Techniques ? Certification/Accreditation Business Application Development 36 ?Description of traditional SDLC phases – Implementation ? Implementation Planning – Develop tobe support structure ? Gap analysis ? Role Definition – Establish support function ? SLA ? Implementation Plan/Knowledge transfer plan ? Training plans Business Application Development 37 ?Description of traditional SDLC phases – Implementation ? Implementation Planning – Enduser Training ? Should be considered early in the development process – Data Conversion ? Refining migration scenario ? Fallback (rollback) scenario Business Application Development 38 ?Description of traditional SDLC phases – Implementation ? Implementation Planning – Changeover (Golive or cutover) Techniques ? Parallel Changeover ? Phased Changeover ? Abrupt Changeover – Certification/Accreditation ? Difference between certification and accreditation Business Application Development 39 ?PostImplementation Review – Assess adequacy – Evaluate projected cost benefits (ROI) – Develop remendations to address inadequacies – Develop an plan for implementing the remendations – Assess the development project process ? Were the chosen methodologies/standards/techniques followed? ? Were appropriate project management techniques used? Business Application Development 40 ? Risks Associated with Software Development – New system doesnt meet business users’ needs, requirements, and expectations – New systems may exceed limits of financial resources and be pleted late. – Foremost cause of these problems is a lack of discipline in managing the software development process. – Merely following a methodology does not ensure success of a development project. IS Auditor should see User involvment and level of Senior management support. Business Application Development 41 ? Use of Structured Analysis, Design, and Development Techniques – Develop system context diagrams – Perform hierarchical data flow/control flow deposition – Develop control transformations – Develop minispecifications – Develop data dictionaries – Define all external events—inputs from external environment – Define single transformation data flow diagrams from each external event Business Application Development 42 Alternative Application Development Approaches 43 Alternative Forms of Software Project Organization 44 Alternative Forms of SW Project Organization ?Other SW dev approaches – Incremental or progressive development – Iterative development – Variants of iterative development ? Evolutionary development ? Spiral development ? Agile development 45 Alternative Forms of SW Project Organization ?Agile Development – Characteristics ? The use of small, timeboxed subprojects or iterations ? Replanning the project at the end of each iteration ? Relatively greater reliance, pared to traditional methods, on tacit knowledge – the knowledge in people’s heads – as opposed to external knowledge that is captured in project documentation ? A heavy influence on mechanisms to effectively disseminate tacit knowledge and promote teaam work. ? Some of the agile methods stipulate pairwise programming ? A change in the role of the project manager. 46 Alternative Forms of SW Project Organization ?Agile Development (cont.) – Other Characteristics ? Only plan for the next iteration of development in detail ? Agile development’s adaptive approach to requirements does not emphasize managing a requirement baseline. ? Agile development’s focus is to quickly prove an architecture by building actual functionality vs. Formally defining ―earlyon‖ software and data architecture in increasingly more detailed models and descriptions ? Agile development assumes limits to defect testing, but attempts to validate functions through a frequentbuild test cycle and correct problem in the next subproject, before too much time and cost is incurred. ? Agile development does not emphasize defined and repeatable processes, but instead perform and adapts its development based on frequent inspections. 47 Alternative Forms of SW Project Organization ?Prototyping – Also known as heuristic or evolutionary development – The process of creating a system through controlled trial and error procedures to reduce the level of risks in developing the system. – It enables the developer and customer to understand and react to risks at each evolutionary level. – Usually uses faster development tools, such 4th generation techniques – Initial emphasis of prototype is usually placed on the report and screen