santosh malvi

 Profile Answers by santosh malvi 

• Apr 16th, 2007

 

Conformance testing, also known as compliance testing, is a methodology used in engineering to ensure that a product, process, computer program or system meets a defined set of standards. These standards are commonly defined by large, independent entities such as the Institute of Electrical and Electronics Engineers (IEEE), the World Wide Web Consortium (W3C) or the European Telecommunications Standards Institute (ETSI).

Conformance testing can be carried out by private companies that specialize in that service. In some instances the vendor maintains an in-house department for conducting conformance tests prior to the initial release of a product or upgrade. In the software industry, once the set of tests has been completed and a program has been found to comply with all the applicable standards, that program can be advertised as having been certified by the organization that defined the standards and the corporation or organization that conducted the tests.

Thanks
Santosh Malvi

srinivasulub1981

 Profile Answers by srinivasulub1981 Questions by srinivasulub1981

• May 7th, 2009

 

Hi

Compliance Testing

 

What is compliance testing?  Its basically an audit of a system carried out against a known criterion.  A compliance test may come in many different forms dependant on the request received but basically ca be broken down into several different types:

 

• Operating Systems and Applications: A verification that an operating system and/or applications are configured appropriately to the companies needs and lockdown requirements, thus providing adequate and robust controls  to ensure that the Confidentiality, Integrity and Availability of the system will not be affected in its normal day to day operation.

 

• Systems in development: A verification that the intended system under development meets the configuration and lockdown standards requested by the customer.

 

• Management of IT and Enterprise Architecture: A verification that the in-place IT management infrastructure encompassing all aspects of system support has been put in place.  This is to ensure effective change control, audit, business continuity and security procedures etc. have been formulated, documented and put in place. 

 

• Interconnection Policy:  A verification that adequate security and business continuity controls governing the connection to other systems, be they Telecommunications, Intranets, Extranets and Internet etc. have been put in place, have been fully documented and correspond to the stated customer requirements. 

Srinivas