Software Test Process Assessment Methodology - II
|
|
- Gwenda Joseph
- 6 years ago
- Views:
Transcription
1 Journal of Engineering Computers & pplied Sciences(JECS) ISSN No: Software Test Process ssessment Methodology - II Dr.S. K. Sudarsanam, Professor, VIT Business School Chennai, VIT University, Chennai, India bstract This paper provides a methodology for rating the process areas of TPI. TPI (Test Process Improvement) model TPI is Sogeti and Capgemini's highly-effective approach to test process assessment and improvement, providing an objective insight into the maturity of an organisation s entire test processes. The TPI model has 4 key area groups and 20 key areas. This paper provides a quantitative method of measuring the process compliance for each of TPI key areas. Keywords: TPI, Test Process improvement (TPI), Key reas, Levels, Checkpoints and Test process Rating. Introduction TPI Test Process Improvement is a tried and tested structured assessment of an organization s testing maturity with a view to improving its overall testing and Q effectiveness and efficiency. are given. The implementation of improvement activities carried out using the suggestions would enable the organizations to reach the desired level of maturity for each of the key areas of TPI. TPI (Pol, 1995) offers insight to the maturity of the test processes within the organization. TPI also offers guidelines for Software process improvements (similar to CMMI, TMMI, ISO and IEEE Testing standards). It reveals the strengths and weaknesses of existing test processes within an organization and provides structured methodology and key areas for test process improvement. There are broadly three key area groups in TPI. They are (LTIO) Life Cycle related areas, Technology related areas, Infrastructure and tools related areas and Organization related areas. Levels : There are four maturity levels, B, C and D. Each of the key area is assessed against the maturity level with being the lowest level of maturity and D being the hightest level of maturity. Checkpoints are used to determine the level of maturity for each of the key area. There are four maturity scales : dhoc (0), Controlled (1-5), Efficient (6-10) and Optimizing (11-13). Improvement Suggestions : In the TPI model, for every maturity level of each key area improvement suggestions There are 21 Key reas in the TPI model covering all the aspects of the test process. Each of the key area has different maturity levels starting from which is covered in all key areas and ending with D which is covered in only few key areas. Under each maturity level, there are checkpoints for each of the key area. Higher maturity levels automatically imply the compliance of lower maturity levels (there may be some exceptions). No. of checkpoints Checkpoint compliance Key reas B C D B C D Test Strategy Test Life-Cycle Model Moment of involvement Estimating and Planning Test Design Techniques Static Test Techniques Open ccess Journals Blue Ocean Research Journals 20
2 Journal of Engineering Computers & pplied Sciences(JECS) ISSN No: Metrics Test utomation Test Environment Office Environment 3 3 Commitment and motivation Test functions and training Scope of methodology Communication Reporting Defect Management Testware Management Test Process Management Evaluation Low-level testing Integration Testing The table shows the Key areas and the no. of checkpoints in the maturity levels, B, C and D. The checkpoint compliance shows the no. of checkpoints which are satisfied by a Software Testing organization in each of the key test process areas. TPI Rating nd Compliance: Currently the TPI compliance is reported as maturity level compliance in the scale of 0-13 for each of the key area. (as in the table below): Open ccess Journals Blue Ocean Research Journals 21
3 Journal of Engineering Computers & pplied Sciences(JECS) ISSN No: new rating methodology is proposed in addition to the current methodology which clearly gives the areas of non-compliance and areas of improvement. a) For each of the Key area, the compliance levels of checklists for each of the maturity levels are listed out. b) For the organization which wants to get TPI compliance assessed, for each of the key area the compliance of the checklists for each of the maturity levels (,B,C and D) are assessed c) For example, if an organization satisfies 3 out 3 checklists in Level, then its compliance is 3 in Level under that particular process are d) The percentage of compliance under each level (,B, C and D) is calculated for each of the key areas ratio of checkpoint compliance to number of checkpoints e) Overall percentage of compliance is also calculated for each of the key areas. Comparison Of The Current TPI Compliance Reporting With New Proposed Rating Method: TPI process audit was carried for a testing organization for 21 key areas. Each of the key area is assessed for compliance of checklists of, B, C and D and the level of compliance for the organization are reported in the table below: Key reas No. of checkpoints Checkpoint compliance B C D B C D Test Strategy Test Life-Cycle Model Moment of involvement Estimating and Planning Test Design Techniques Static Test Techniques Metrics Test utomation Test Environment Office Environment 3 3 Commitment and motivation Test functions and training Scope of methodology Communication Reporting Defect Management Testware Management Test Process Management Evaluation Low-level testing Integration Testing Open ccess Journals Blue Ocean Research Journals 22
4 Journal of Engineering Computers & pplied Sciences(JECS) ISSN No: The table below shows the compliance reporting suggested by TPI model Scale Key rea Controlled Efficient Optimizing Test Strategy B Test Life-Cycle B Moment of involvement Estimating and Planning B Test Design Techniques B Static Test Techniques Metrics B C Test utomation B C Test Environment B C Office Commitment and motivation B C Test functions and training B C Scope of methodology B C Communication B Reporting B C Defect B C Testware Management B C Test Process Management B C Evaluation Low-level testing Integration Testing B C Overall Level of Compliance Compliance Key reas B C D Test Strategy 0.00% 40.00% 0.00% 0.00% 8.70% Test Life-Cycle Model % % % Moment of involvement % 0.00% 0.00% 0.00% 25.00% Estimating and Planning % % % Test Design Techniques 50.00% % 0.00% 66.67% Static Test Techniques 50.00% 0.00% 33.33% Metrics % 50.00% 50.00% 0.00% 55.56% Test utomation % 83.33% % 92.86% Test Environment 75.00% 66.67% 0.00% 66.67% Office Environment % % Commitment and motivation % % % % Test functions and training % % % % Scope of % % 66.67% 0.00% 66.67% th d l Communication % 75.00% 0.00% 69.23% Reporting % % 0.00% 0.00% 50.00% Defect Management % % % % Testware Management % 71.43% % 83.33% Test Process Management % % 66.67% 88.89% Evaluation % 0.00% 0.00% 40.00% Low-level % 0.00% 0.00% 20.00% t ti Integration Testing % 57.14% 66.67% 73.33% Open ccess Journals Blue Ocean Research Journals 23
5 Journal of Engineering Computers & pplied Sciences(JECS) ISSN No: The table above provides the new TPI reporting model suggested The new model clearly provides the percentage of compliance for each key area for each maturity level and also the overall compliance level for the key area. This would help organizations identify easily the areas of improvement and can use the suggestions for improvement to implement process assets and attain a higher level of maturity for those areas where the compliance is low (less than 70%). Conclusion This paper provides a new process compliance rating mechanism which can be used as a reference and guideline for carrying out TPI process maturity assessments for Software Test processes in IT organizations cutting across all domains of business. lso, this can be used by Quality Management teams and Software Engineering Process groups (SEPG) to carry out internal assessment of their organizations to find out the current level of maturity for each of the key test process areas. Compared with the rating mechanism outlined by TPI, the compliance rating appraisal suggested in the previous section provides the rating compliance percentage for each of the key process areas and would help clearly identify the areas of TPI compliance and areas for improvement. This would help all the stakeholders involved to be better equipped with their understanding of the TPI assessment guidelines, maturity levels, checklists of each level for each area, rating scale and scoring methods. References [1]. TMMi Foundation, TMMI Framework and Levels, 2009, [2]. TPI Home Pages, Sogeti Nederland B.V., [ ] [3]. TMP Home Pages, TMap - Sogeti Nederland B.V., 2004, [ ] [4]. Koomen T and Pol M., Test Process Improvement: practical step-by-step guide to structured testing, CM Press, London, England, 1999 [5]. Koomen T et al, TMap Next a result driven testing, UTN Publishers, Netherlands, Nov 2009, ISBN-13: Open ccess Journals Blue Ocean Research Journals 24
ISTQB Expert Level. Improving the Testing Process. Erik van Veenendaal. Vice-President ISTQB.
ISTQB Expert Level Improving the Testing Process Erik van Veenendaal Vice-President ISTQB (eve@improveqs.nl) 1 Erik van Veenendaal Founder and major shareholder ImproveQS In testing since 1989 working
More informationTMap NEXT Test Manager
TMap NEXT Test Manager Preparation Guide Edition 201607 Copyright 2016 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing system or
More informationProcess Improvement for Present and Future. Erik van Veenendaal.
Test Improvement with TMMi Process Improvement for Present and Future Erik van Veenendaal www.erikvanveenendaal.nl Erik van Veenendaal www. erikvanveenendaal.nl Founder and major shareholder ImproveQS
More informationComing up soon: TMMI
Coming up soon: TMMI What to expect Jan Jaap Cannegieter Vice President SYSQA Almere Quality Assurance in ICT / 1 Agenda The history: TMM Why TMMI What we know in advance TMMI compared to other models
More informationTMap Suite Test Engineer
Preparation Guide TMap Suite Test Engineer Edition 201610 Copyright 2016 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing system
More informationAdvanced Tester Certification Test Manager
Home > Advanced Tester Certification Test Manager Advanced Tester Certification Test Manager Accredited training for the ISTQB Advanced Tester Certification Test Manager (CTAL- TM) certification. This
More informationPractical IT Research that Drives Measurable Results OptimizeIT Strategic Planning Bundle
Practical IT Research that Drives Measurable Results OptimizeIT Strategic Planning Bundle Info-Tech Research Group 1 An IT Strategy must lay out a roadmap and budget for investment to establish the systems,
More informationSecurity Testing Improvement Profile (STIP) An evaluation scheme for security testing
Security Testing Improvement Profile (STIP) An evaluation scheme for security testing SASSI13 Security Assessment for Systems, Services and Infrastructures September 2013 at the Technical University (TU)
More informationMaGMa: a framework and tool for use case management
MaGMa: a framework and tool for use case management 1 Introduction A Security Operations Center (SOC) has a central role in protecting against, and dealing with cyberattacks. In the ever changing landscape
More informationBCS EXIN ITAMOrg Software Asset Management Specialist Syllabus Version 1.1 December 2016
BCS EXIN ITAMOrg Software Asset Management Specialist Syllabus Version 1.1 December 2016 This professional certification is not regulated by the following United Kingdom Regulators - Ofqual, Qualification
More informationImplementing ITIL v3 Service Lifecycle
Implementing ITIL v3 Lifecycle WHITE PAPER introduction GSS INFOTECH IT services have become an integral means for conducting business for all sizes of businesses, private and public organizations, educational
More informationISO/ IEC (ITSM) Certification Roadmap
ISO/ IEC 20000 (ITSM) Certification Roadmap Rasheed Adegoke June 2013 Outline About First Bank Motivations Definitions ITIL, ISO/IEC 20000 & DIFFERENCES ISO/ IEC 20000 Certification Roadmap First Bank
More informationStandard Glossary of Terms used in Software Testing. Version 3.2. Advanced Test Automation - Engineer Terms
Standard Glossary of Terms used in Software Testing Version 3.2 International Software Testing Qualifications Board Copyright Notice This document may be copied in its entirety, or extracts made, if the
More informationFOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY
FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide
More informationInformation Security Management System (ISMS) ISO/IEC 27001:2013
Information Security Management System (ISMS) ISO/IEC 27001:2013 Course No. 110B Attendees will learn how to help your organization manage the security of assets such as financial information, intellectual
More informationSDLC Maturity Models
www.pwc.com SDLC Maturity Models SecAppDev 2017 Bart De Win Bart De Win? 20 years of Information Security Experience Ph.D. in Computer Science - Application Security Author of >60 scientific publications
More informationEXIN Expert in IT Service Management based on ISO/IEC Preparation Guide
EXIN Expert in IT Service Management based on ISO/IEC 20000 Preparation Guide Edition June 2016 Copyright 2016 EXIN All rights reserved. No part of this publication may be published, reproduced, copied
More informationA Study on Website Quality Models
International Journal of Scientific and Research Publications, Volume 4, Issue 12, December 2014 1 A Study on Website Quality Models R.Anusha Department of Information Systems Management, M.O.P Vaishnav
More informationTraining Quality Standard Scoring Analysis. Release 1 April 2009
Training Quality Standard Scoring Analysis Release 1 April 29 2 Training Quality Standard The Training Quality Standard is an assessment framework and a process for assessing organisations using that framework,
More informationSAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx
SAMPLE REPORT Business Continuity Gap Analysis Report Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx COMMERCIAL-IN-CONFIDENCE PAGE 1 OF 11 Contact Details CSC Contacts CSC
More informationManchester Metropolitan University Information Security Strategy
Manchester Metropolitan University Information Security Strategy 2017-2019 Document Information Document owner Tom Stoddart, Information Security Manager Version: 1.0 Release Date: 01/02/2017 Change History
More informationISO 27001:2013 certification
www.pwc.ch/cybersecurity ISO 27001:2013 certification Building confidence in your digital future Our approach to certification PwC offers a four-phase approach to help with your ISO 27001 project, using
More informationExam Requirements v4.1
COBIT Foundation Exam Exam Requirements v4.1 The purpose of this document is to provide information to those interested in participating in the COBIT Foundation Exam. The document provides information
More informationGuidance Solvency II data quality management by insurers
Guidance Solvency II data quality management by insurers De Nederlandsche Bank N.V. Guidance Solvency II data quality management by insurers Guidance document of De Nederlandsche Bank N.V., dated 1 September
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationNational State Auditors Association Vulnerability Management: An Audit Primer September 20, 2018
Office of the Legislative Auditor State of Minnesota National State Auditors Association Vulnerability Management: An Audit Primer September 20, 2018 Christopher Buse Deputy Legislative Auditor Boot Camp
More informationThe Experience of Generali Group in Implementing COBIT 5. Marco Salvato, CISA, CISM, CGEIT, CRISC Andrea Pontoni, CISA
The Experience of Generali Group in Implementing COBIT 5 Marco Salvato, CISA, CISM, CGEIT, CRISC Andrea Pontoni, CISA Generali Group at a glance Let me introduce myself Marco Salvato CISA, CISM, CGEIT,
More informationGreen Star Volume Certification. Process Guide
Green Star Volume Certification Process Guide Contents Executive Summary... 3 Volume Certification... 3 The Volume Certification Process Guide... 3 Questions?... 4 Volume Certification Summary... 5 Stage
More informationCertified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
More informationCapgemini employ 30,000+ (2010) people in India with offices in Mumbai, Bangalore, Kolkata, Pune, Hyderabad, Chennai and Delhi/NCR.
Project: Interact Release 2.0 Client: Vonage (NYSE:VG) Duration: February 2008 to June 2009 Employer: Capgemini India Pvt. Ltd. Website: www.capgemini.com About Capgemini: Capgemini is a major French company,
More informationQuality Assurance & Standards
Quality Assurance & Standards PSD3 Nov 2013 1 Overview Quality Assurance (QA)» checking what we are producing QA standards» checking the checking 2 Further Reading Sommerville» 9 th Edition, Chap. 24»
More informationBCS Foundation Certificate in Software Asset Management Essentials Syllabus
BCS Foundation Certificate in Software Asset Management Essentials Syllabus Version 4.6 March 2017 This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualification
More information7 th BICSI Southeast Asia Conference 2009 Building the Next Generation Broadband Network
7 th BICSI Southeast Asia Conference 2009 Building the Next Generation Broadband Network Business Impact Analysis A Regional Perspective Presented by Lim Sek Seong Vice President Sek_Seong@BCM-Institute.org
More informationAssessment Plan. Academic Cycle
College of Business and Technology Division or Department: School of Business (Business Administration, BS) Prepared by: Marcia Hardy Date: June 21, 2017 Approved by: Margaret Kilcoyne Date: June 21, 2017
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationTest Automation Success is a choice, not luck
Tools for Software Hier soll der QA Titel and rein Testing Test Automation Success is a choice, not luck Ruud Teunissen Polteq Test Services BV www.qs-tag.de Host: imbus AG www.qs-tag.de Test automation
More informationImplementation of Business Continuity Management System (BCMS) based on ISO 22301:2012 requirements
Implementation of Business Continuity Management System (BCMS) based on ISO 22301:2012 requirements Summary This five-day intensive training course enables participants to develop the necessary expertise
More informationEffective COBIT Learning Solutions Information package Corporate customers
Effective COBIT Learning Solutions Information package Corporate customers Thank you f o r y o u r interest Thank you for showing interest in COBIT learning solutions from ITpreneurs. This document provides
More informationWELCOME ISO/IEC 27001:2017 Information Briefing
WELCOME ISO/IEC 27001:2017 Information Briefing Denis Ryan C.I.S.S.P NSAI Lead Auditor Running Order 1. Market survey 2. Why ISO 27001 3. Requirements of ISO 27001 4. Annex A 5. Registration process 6.
More informationCertificate Software Asset Management Essentials Syllabus. Version 2.0
Certificate Software Asset Management Essentials Syllabus Version 2.0 June 2010 Certificate in Software Asset Management Essentials Leaning Objectives Holders of the ISEB Certificate in SAM Essentials
More informationProgram Review for Information Security Management Assistance. Keith Watson, CISSP- ISSAP, CISA IA Research Engineer, CERIAS
Program Review for Information Security Management Assistance Keith Watson, CISSP- ISSAP, CISA IA Research Engineer, CERIAS Disclaimer and Purpose PRISMA, FISMA, and NIST, oh my! PRISMA versus an Assessment
More informationMetrics for Information Security Management Jesus Leonardo Garcia Rojas Innovaciones Telemáticas
Metrics for Information Security Management Jesus Leonardo Garcia Rojas Innovaciones Telemáticas lgarcia@intelematica.com.mx How do we know how secure an organization is? Manager asks, Are we secure? Without
More informationOverview public training courses November 2015 April 2016
Overview public training courses November 2015 April 2016 For the program from May 2016 and furter: see www.polteq.com Page Training Duration Price Examination fee November '15 December '15 January '16
More informationStandard Glossary of Terms used in Software Testing. Version 3.1. Expert Test Manager Terms
Standard Glossary of Terms used in Software Testing Version 3.1 Expert Test Manager Terms International Software Testing Qualifications Board Copyright Notice This document may be copied in its entirety,
More informationData Collection & Industry Standards
Data Collection & Industry Standards (Chapter 8 Software Project Estimation) Alain Abran (Tutorial Contribution: Dr. Monica Villavicencio) 1 Copyright 2015 Alain Abran Topics covered 1. Introduction 2.
More informationENGINEERING AND TECHNOLOGY MANAGEMENT
Engineering and Technology Management 1 ENGINEERING AND TECHNOLOGY MANAGEMENT Master of Science in Engineering Technology Management Tim Hardin, PhD Director Brenda L. Johnson, MS Assistant Director OSU
More informationfalanx Cyber ISO 27001: How and why your organisation should get certified
falanx Cyber ISO 27001: How and why your organisation should get certified Contents What is ISO 27001? 3 What does it cover? 3 Why should your organisation get certified? 4 Cost-effective security management
More informationApplying ISO/IEC Quality Model to Quality Requirements Engineering on Critical Software
Applying ISO/IEC 9126-1 Quality Model to Quality Engineering on Critical Motoei AZUMA Department of Industrial and Management Systems Engineering School of Science and Engineering Waseda University azuma@azuma.mgmt.waseda.ac.jp
More informationINFORMATION SECURITY MANAGEMENT SYSTEMS CERTIFICATION RESEARCH IN THE ROMANIAN ORGANIZATIONS
U.P.B. Sci. Bull., Series D, Vol. 77, Iss. 4, 2015 ISSN 1454-2358 INFORMATION SECURITY MANAGEMENT SYSTEMS CERTIFICATION RESEARCH IN THE ROMANIAN ORGANIZATIONS Bogdan ŢIGĂNOAIA 1, Anca-Alexandra PURCĂREA
More informationSix Sigma in the datacenter drives a zero-defects culture
Six Sigma in the datacenter drives a zero-defects culture Situation Like many IT organizations, Microsoft IT wants to keep its global infrastructure available at all times. Scope, scale, and an environment
More informationAssessing the Feasibility of Security Metrics
Advances in Communications, Computing, Networks and Security 10 Abstract 88 Assessing the Feasibility of Security Metrics B. Heinzle and S.M. Furnell Centre for Security, Communications and Network Research
More informationOIL & GAS DIVISION TRAINING CONSULTING ENGINEERING IMPLEMENTING AUDITING. Reva Phoenix Engineers & Consultants India Private Limited
www.revaphoenix.com Reva Phoenix Engineers & Consultants India Private Limited OIL & GAS DIVISION TRAINING CONSULTING ENGINEERING IMPLEMENTING AUDITING 01 INTRODUCTION We at Reva Phoenix Engineers & Consultants
More informationTowards an Agile Foundation for the Creation and Enactment of Software Engineering Methods: The SEMAT Approach
Towards an Agile Foundation for the Creation and Enactment of Software Engineering Methods: The SEMAT Approach Brian Elvesæter 1, Michael Striewe 2, Ashley McNeile 3 and Arne-Jørgen Berre 1 1, P. O. Box
More informationProtect Your Organization from Cyber Attacks
Protect Your Organization from Cyber Attacks Leverage the advanced skills of our consultants to uncover vulnerabilities our competitors overlook. READY FOR MORE THAN A VA SCAN? Cyber Attacks by the Numbers
More information2 The IBM Data Governance Unified Process
2 The IBM Data Governance Unified Process The benefits of a commitment to a comprehensive enterprise Data Governance initiative are many and varied, and so are the challenges to achieving strong Data Governance.
More informationBCS Specialist Certificate in Change Management Syllabus
BCS Specialist Certificate in Change Management Syllabus Version 2.0 April 2017 This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualification in Wales, CCEA or
More informationIntegration Technologies Group, Inc. Uncompromising Performance
Integration Technologies Group, Inc. Uncompromising Performance Agenda Current Market Information Overview of ISO 27001 Overview of ISO 27001 Requirements, Controls and Assets Identify the Scope Overview
More informationC106: DEMO OF THE INFORMATION SECURITY MANAGEMENT SYSTEM - ISO: 27001:2005 AWARENESS TRAINING PRESENTATION KIT
C106: DEMO OF THE INFORMATION SECURITY MANAGEMENT SYSTEM - ISO: 27001:2005 AWARENESS TRAINING PRESENTATION KIT Buy: http://www.globalmanagergroup.com/iso27001training.htm Chapter-1.0 CONTENTS OF ISO 27001-2005
More informationHow to Underpin Security Transformation With Complete Visibility of Your Attack Surface
How to Underpin Security Transformation With Complete Visibility of Your Attack Surface YOU CAN T SECURE WHAT YOU CAN T SEE There are many reasons why you may be considering or engaged in a security transformation
More informationNational Cyber Security Strategy (NCS) Toolkit
National Cyber Security Strategy (NCS) Toolkit Let s create a toolkit to help states to develop or improve their national cyber security strategies Examples of Topics To Be Addressed The role, objectives
More informationLarge Scale Repository Auditing to ISO José Carvalho
Large Scale Repository Auditing to ISO 16363 José Carvalho jcarvalho@sdum.uminho.pt Topics RCAAP Project ISO 16363 Methodology Results (preliminary audit) Future steps 2 Authors Eloy Rodrigues José Carvalho
More informationIT123: SABSA Foundation Training
IT123: SABSA Foundation Training IT123 Rev.002 CMCT COURSE OUTLINE Page 1 of 8 Training Description: SABSA is the world s leading open security architecture framework and methodology. SABSA is a top-tobottom
More informationCAPM & PMP Exam Preparation Boot Camp
CAPM & PMP Exam Preparation Boot Camp About This Course In this course, you will gain the essential knowledge and preparation needed to pass either the Certified Associate in Project Management (CAPM)
More informationSoftware Quality Assurance Text and Readings
Software Quality Assurance Text and Readings Hall Ince, D. (1994) ISO 9001 and Software Quality Assurance, McGraw-Hill, London Macfarlane, M. Eating the elephant one bite at a time. McCall et al. (1997)
More informationDESCRIPTION OF AUDITING STANDARDS
June 7, 2017 DESCRIPTION OF AUDITING STANDARDS ISAE 3402 (FORMER SAS 70) AUDITING STANDARD Customers require that the service organizations demonstrate they have the adequate internal control system to
More informationBCS Specialist Certificate in Service Desk and Incident Management Syllabus
BCS Specialist Certificate in Service Desk and Incident Management Syllabus Version 1.9 April 2017 This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualification
More informationREQUEST FOR EXPRESSIONS OF INTEREST
REQUEST FOR EXPRESSIONS OF INTEREST (CONSULTING SERVICES FIRMS SELECTION) Country : INDIA Project : FINANCING PUBLIC PRIVATE PARTNERSHIP THROUGH SUPPORT TO THE INDIA INFRASTRUCTURE FINANCE COMPANY LIMITED
More informationROLE DESCRIPTION IT SPECIALIST
ROLE DESCRIPTION IT SPECIALIST JOB IDENTIFICATION Job Title: Job Grade: Department: Location Reporting Line (This structure reports to?) Full-time/Part-time/Contract: IT Specialist D1 Finance INSETA Head
More informationSpringforward, Inc. Capability Statement Section 508 Compliance
Springforward, Inc. Capability Statement Section 508 Compliance Point of Contact: Springforward, Inc. Kimberly June, CEO 410.382.9302 (Mobile) kjune@springforwardtek.com www.springforwardtek.com Table
More informationInformation Security Continuous Monitoring (ISCM) Program Evaluation
Information Security Continuous Monitoring (ISCM) Program Evaluation Cybersecurity Assurance Branch Federal Network Resilience Division Chad J. Baer FNR Program Manager Chief Operational Assurance Agenda
More informationBusiness Architecture Implementation Workshop
Delivering a Business Architecture Transformation Project using the Business Architecture Guild BIZBOK Hands-on Workshop In this turbulent and competitive global economy, and the rapid pace of change in
More information2014, IJARCSSE All Rights Reserved Page 303
Volume 4, Issue 1, January 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Novel Software
More informationOWASP - SAMM. OWASP 12 March The OWASP Foundation Matt Bartoldus Gotham Digital Science
OWASP - SAMM Matt Bartoldus Gotham Digital Science OWASP 12 March 2009 Copyright The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP
More informationMHA Consulting BCM Metrics Resiliency Through Measurement
0 MHA Consulting BCM Metrics Resiliency Through Measurement Presented by: Michael Herrera, CBCP March, 2013 2009 2013 MHA MHA Consulting All All Rights Rights Reserved. Reserved. Agenda 1 Overview A Menu
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationITG. Information Security Management System Manual
ITG Information Security Management System Manual This manual describes the ITG Information Security Management system and must be followed closely in order to ensure compliance with the ISO 27001:2005
More informationIndustrial Security - Protecting productivity IEC INDA
Industrial Security - Protecting productivity IEC 62443 - INDA siemens.com/industrialsecurity Industrial Security IEC 62443 Page 2 07.10.2015 IACS, automation solution, control system Industrial Automation
More informationChange Detection System for the Maintenance of Automated Testing
Change Detection System for the Maintenance of Automated Testing Miroslav Bures To cite this version: Miroslav Bures. Change Detection System for the Maintenance of Automated Testing. Mercedes G. Merayo;
More informationIntroduction to ISO/IEC 27001:2005
Introduction to ISO/IEC 27001:2005 For ISACA Melbourne Chapter Technical Session 18 th of July 2006 AD Prepared by Endre P. Bihari JP of Performance Resources What is ISO/IEC 17799? 2/20 Aim: Creating
More informationSynergies of the Common Criteria with Other Standards
Synergies of the Common Criteria with Other Standards Mark Gauvreau EWA-Canada 26 September 2007 Presenter: Mark Gauvreau (mgauvreau@ewa-canada.com) Overview Purpose Acknowledgements Security Standards
More informationAvanade s Approach to Client Data Protection
White Paper Avanade s Approach to Client Data Protection White Paper The Threat Landscape Businesses today face many risks and emerging threats to their IT systems and data. To achieve sustainable success
More informationLearning Level Advance...
Course Introduction The course uses a mixture of taught sessions, interactive group discussions, exercises, continuous assessment and examination to achieve its aims. The practical exercises are based
More informationCOURSE BROCHURE. ITIL - Intermediate Service Transition. Training & Certification
COURSE BROCHURE ITIL - Intermediate Service Transition. Training & Certification What is ITIL ST? The intermediate level of ITIL offers a role based hands-on experience and in-depth coverage of the contents.
More informationBYOD Policy. Table of Contents
Version 1.6 Table of Contents Bring Your Own Device (BYOD) Access and Use Policy... 3 Overview... 3 Components of the BYOD Strategy and Basics for BYOD Policy... 4 Device Choices... 4 User Experience and
More informationRealising the IB-Group Total Organisational Test Policy (TOTP) Testing as a Business Asset
Erik Kwast, Test Advisor Realising the IB-Group Total Organisational Test Policy (TOTP) Testing as a Business Asset Julien Bensaid, Test Consultant 2004 Capgemini and IB-Groep - All rights reserved 1 Who
More informationSecurity Management Models And Practices Feb 5, 2008
TEL2813/IS2820 Security Management Security Management Models And Practices Feb 5, 2008 Objectives Overview basic standards and best practices Overview of ISO 17799 Overview of NIST SP documents related
More informationTDWI Data Governance Fundamentals: Managing Data as an Asset
TDWI Data Governance Fundamentals: Managing Data as an Asset Training Details Training Time : 1 Day Capacity : 10 Prerequisites : There are no prerequisites for this course. About Training About Training
More informationISO 27001:2013 ISMS. - By Global Manager Group.
Presentation about revised ISO 27001:2013 standard for Information Security Management System - By www.globalmanagergroup.com Introduction What is ISO 27001:2013? What is ISMS? Why Choose an ISO 27001?
More informationFrameworks and Standards
Frameworks and Standards Chris Davis and Mike Schiller. IT Auditing: Using Controls to Protect Information Assets (second edition) Autumn, 2011 Prepared by Nataliia Semenenko Content Why do we need frameworks
More informationTHE ESSENCE OF DATA GOVERNANCE ARTICLE
THE ESSENCE OF ARTICLE OVERVIEW The availability of timely and accurate data is an essential element of the everyday operations of many organizations. Equally, an inability to capitalize on data assets
More informationTIPA Lead Assessor for ITIL
TIPA Lead Assessor for ITIL Course Syllabus Fifalde Consulting Inc. +1-613-699-3005 ITIL is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries 2017 Fifalde
More informationSample Exam Privacy & Data Protection Foundation
Sample Exam Sample Exam Privacy & Data Protection Foundation SECO-Institute issues the official Business Continuity courseware to accredited training centres where students are trained by accredited instructors.
More informationISTQB in a Nutshell. ISTQB Marketing Working Group. February 2012 v10
ISTQB in a Nutshell ISTQB Marketing Working Group February 2012 v10 Contents 1 2 3 4 5 Introduction to ISTQB ISTQB : Worldwide Footprint Syllabi and Exams Benefits Contacts 2 What is ISTQB? ISTQB : International
More informationHow to prioritise your transformation to-do list
How to prioritise your transformation to-do list Phil Dearson Econsultancy Digital Transformation Consultant 18 November 2014 Copyright Econsultancy Building your transformation roadmap - methodology Interviews
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationBOARD OF DIRECTORS (OPEN) Meeting Date: 14 th November 2018
BORD OF DIRECTORS (OPEN) Meeting Date: 14 th November 2018 Open BoD 14.11.18 Item 14 TITLE OF PPER TO BE PRESENTED BY CTION REQUIRED Senior Information Risk Owner (SIRO) nnual Report Phillip Easthope,
More informationUnderstanding Security Metrics to Drive Business and Security Results
Understanding Security Metrics to Drive Business and Security Results Jennifer Bayuk Professor, Systems Security Engineering Stevens Institute of Technology for NJ CISO Executive Summit May 4, 2009 1 Professor
More informationThreat and Vulnerability Assessment Tool
TABLE OF CONTENTS Threat & Vulnerability Assessment Process... 3 Purpose... 4 Components of a Threat & Vulnerability Assessment... 4 Administrative Safeguards... 4 Logical Safeguards... 4 Physical Safeguards...
More informationBCS Practitioner Certificate in Information Risk Management Syllabus
BCS Practitioner Certificate in Information Risk Management Syllabus Version 6.5 April 2017 This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualification in Wales,
More information