Conference Presentations

Testing: The Big Picture

If all testers put all their many skills in a pot, surely everyone would come away with something new to try out. Every tester can learn something from other testers. But can a tester learn something from a ski-instructor? There is much to gain by examining and sharing industry best practices, but often much more can be gained by looking at problem solving techniques from beyond the boundaries of the Testing/QA department. Presented as a series of analogies, Brian Bryson covers the critical success factors for organizations challenged with the development and deployment of quality software applications. He takes strategies and lessons from within and beyond the QA industry to provide you with a new perspective on addressing the challenges of quality assurance.

Brian Bryson, IBM Rational Software
Sarbanes and Oxley: Your New Stakeholders

Determining whether legal and contractual issues apply to your development efforts isn't always simple. There may be some obvious factors: a well-regulated industry, service level agreements, and state or federal agency oversight. However, other factors may not be so obvious. The new Sarbanes-Oxley Act is largely legally untested, subjecting your company to unknown legal issues. You have an eCommerce site that stores credit card information. Your portal collects personal information. You produce proprietary software . . . and more. Covering legal, compliance, and audit throughout the QA process lifecycle, Elle Ringham discusses the right questions to ask and what to do with those answers. She provides guidelines for working with stakeholders, attorneys, and auditors. Take away audit templates, metrics to help you, and sample reports you may need to produce.

  • Legal and compliance issues within QA scope
Elle Ringham, Fidelity National Financial
Sarbanes-Oxley Compliance: Burden or Opportunity for QA?

Did they have to create more work for IT? There is no doubt that Sarbanes-Oxley (SOX) and similar compliance regulations have created a significant new workload for IT departments, including many QA/Test groups. Companies that have gone through initial compliance of SOX now must deal with the new challenge of its ongoing maintenance. For QA groups, SOX compliance can be an opportunity to increase their business value in the IT department by leveraging automation tools, new technologies, and improving the processes that support compliance. Rutesh Shah offers observations on how QA/Test teams can help ensure SOX compliance and optimize efforts toward complex compliance procedures. Come and review sample test reports, audit trails, and quality metrics for SOX compliance.

Rutesh Shah, InfoStretch Corporation
Quality Assurance and Testing in an FDA Regulated Environment

How can we reduce costs associated with FDA imposed computer systems validation (CSV) guidelines and improve test coverage at the same time? Experienced in the use of automated testing tools in FDA regulated environments, Eric Toburen shares the challenges of complying with FDA validation guidelines. For many companies, manual CSV is a like a heavy boat anchor that slows projects and increases costs while adding no value other than the perception that the practice avoids an auditor's attention. Find out how automated testing and test management practices can be used to shorten the CSV lifecycle and improve test coverage. After deployment use the automated tests for regression testing to enable the deployment of bug fixes and upgrades minimizing the need for re-evaluation.

Eric Toburen, Genilogix
Testing Windows Registry Entries

Warning: Registry keys may be hazardous to your program's health! Registry key entries in Windows applications-visible or hidden-are often neglected by testers. A registry key entry is a program feature just like any other application function and as such needs to be validated. Michael Stahl describes why registry keys should be accorded special attention during testing and proposes a strategy for mitigating risks posed by incorrect registry key entries. He suggests a test strategy, as well as coding standards for input value and type validation, default values, regeneration, and naming rules. Michael demonstrates the use of correct and incorrect registry keys in common commercial applications.

Michael Stahl, Intel Corporation
How Much Quality is Enough?

Are you striving for more quality than you really need? How would you know? "Good enough" quality does not mean "substandard" or "mediocre" but is actually an optimal and responsible economic principle we use everyday. Managing test lead for Quardev Laboratories, Jon Bach says because quality is expensive, the "good enough" framework provides the criteria to enhance decision-making about when to ship. He discusses the perils of quality-at-all-cost techniques and shares examples of software that features sufficient quality. Find out how testers and test managers can help project stakeholders know whether they are releasing software with too little quality or are unnecessarily striving for too much quality.

Jon Bach, Quardev Laboratories
Negotiating the Defect Minefield for a Successful Product Release

Software success is strongly influenced by how you finish a project. For that, a special set of skills is required. Many projects fail in their endgame during testing, not because of the testing itself but because of the late discovery of defects and functional gaps that show the software as not viable. Join Robert Galen as he focuses on a set of high level practices and techniques that will help improve your management and steering within the endgame. Learn about a release framework with the right testing tempo and key milestones. Define formal release criteria and add flexibility and depth to your defect fix-don't fix decisions. As a manager in the difficult release endgame, your behavior and leadership can make the difference between a successful release and perceived failure. Robert’s guidance will increase the odds of successfully delivering your release.

Robert Galen, Thomson/Dialog
Twelve-Step Program for a Better Test Process

We can't make software better by testing the quality into it. However, if we manage our testing processes and educate the rest of the team about what it takes to make better software, we can make a difference. First, we have to get the testing world under control and work to reasonable expectations; then, we can spread the word to the rest of the organization. Judy McKay describes how to gain control of the test process-while still getting the real work done-and shares ways to educate the rest of the team about quality awareness. Using Judy's twelve-step program, test managers and testers will regain their sanity as they take control of the testing workflow and share it with the project team. By allowing developers to become part of your world, quality assurance can become a reality in your organization.

Judy McKay, Test & Automation Consulting LLC
(Almost) Painless Code Reviews

Peer code review is universally acknowledged as a valuable practice that often catches 60 percent to 90 percent of the bugs in code. So why would most developers rather be poked in the eye with a sharp stick than attend a Fagan style inspection meeting? Take a cue from the crowd working on Wine (www.winehq.com), an open source implementation of the Windows API. The Wine team has evolved code review practices to avoid the chaos and poor communication that can result from a team of part-time developers distributed across the globe. Frederic Boulanger explains how to adapt the Wine code review system to the needs of a commercial software development team. The "single committer" review method improves code quality, helps keep errors out of source control, and quickly integrates new developers into your team.

Frederic Boulanger, Macadamian Technologies Inc
Unitizing Legacy and New Code for Unit Testing

All code is unit testable, regardless of its origin and current state. Although it may not appear so, there are techniques you can use to safely get any piece of code under automated unit tests. Michael Feathers shows the dependency breaking techniques he has used to safely de-couple legacy code for unit testing. He discusses not only the different challenges in Java, C#, C++, and C but also common heuristics you can use to bring your code under test. Learn about the value and power of deterministic change with fully automated unit tests. Identify internal and external dependencies in sections of code and establish ways to break these dependencies with or without refactoring tools.

Michael Feathers, Object Mentor

Pages

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.