UP TO 50% OFF on Combo Courses!

CISA Domain 3 – Information Systems Acquisition, development and implementation- Part 4

PART 4 – CISA Domain 3 – Information Systems Acquisition, development and implementation

  • What are the various testing classifications?
    • Unit Testing
    • System testing
    • Integration/interface testing
    • Final acceptance testing – QAT & UAT
  • What are the other types of testing?
    • Alpha and beta testing
    • Functional testing
    • Pilot testing
    • Regression testing
    • White box testing
    • Parallel testing
    • Black box testing
    • Sociability testing
  • What are the changeover techniques?
    • Parallel changeover
    • Phased changeover
    • Abrupt changeover

1. Testing classifications:

  • Unit testing:
    • The testing of an individual program or module.
    • Unit testing uses a set of test cases that focus on the control structure of the procedural design.
    • These tests ensure that the internal operation of the program performs according to specification.
  • Interface or integration testing
    • The tests that verify and validate the functioning of the application under test with other systems, where a set of data is transferred from one system to another
    • A hardware or software test that evaluates the connection of two or more components that pass information from one area to another
    • The objective is to take unit-tested modules and build an integrated structure dictated by design.
  • System testing:
    • The testing of the software application as a whole to check if the system is complaint with the user requirements.
    • It is an end to end user perspective testing intended to find defects in the software system.
  • Final acceptance testing:
    • After the system staff is satisfied with their system tests, the new or modified system is ready for the acceptance testing, which occurs during the implementation phase.
    • Final acceptance testing has two major parts:
    • Quality assurance testing (QAT):
      • QAT focuses on the documented specifications and the technology employed.
      • QAT is performed primarily by the IT department.
      • The participation of the end user is minimal and on request.
      • QAT does not focus on functionality testing.
    • User acceptance testing (UAT):
      • UAT should be performed in a secure testing or staging environment
      • On completion of acceptance testing, the final step is usually a certification and accreditation process
Points to remember:

  • Failure in this testing stage would have the GREATEST impact on the implementation of new application software – Acceptance testing

2.Other types of testing:

  • Alpha and beta testing:
    • An alpha version is an early version of the application system (or software product) submitted to internal users for testing.
    • The first stage, called alpha testing, is often performed only by users within the organization developing the software
    • The second stage, called beta testing, a form of user acceptance testing, generally involves a limited number of external users.
  • Pilot testing:
    • A preliminary test that focuses on specific and predetermined aspects of a System
    • Proof of concept are early pilot testing.
  • White box testing:
    • Software testing method in which the internal structure/design/implementation of the item being tested is known to the tester
  • Black box testing:
    • Software testing method in which the internal structure/ design/implementation of the item being tested is NOT KNOWN to the tester.
    • An integrity-based form of testing associated with testing components of an information system’s “functional” operating effectiveness without regard to any specific internal program structure
  • Functional testing: It ensures that the product actually meets the client’s needs
  • Regression testing: The process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors.
  • Parallel testing: This is the process of feeding test data into two systems – the modified system and an alternative system (possibly the original system) and comparing the results
  • Sociability testing:Purpose of this test to confirm that the new or modified system can operate in its target environment without adversely impacting existing systems.
Points to remember:

  • The CISA candidate should be familiar with all the above types of testing. CISA question will be scenario based and the candidate is expected to identify which type of testing is to be used.
  • White box testing – dynamic analysis tool for the purpose of testing software modules

3. Changeover (Go-live or cutover) techniques:

  • Parallel changeover:
    • This technique includes running the old system, then running both the old and new systems in parallel, and finally, fully changing over to the new system after gaining confidence in the working of the new system.
    • Advantages:
      • minimize the risk of using the newer system
      • help in identifying problems, issues or any concerns that the user comes across in the newer system in the beginning
    • Disadvantages:
      • running two systems at the same time is higher costs.
      • The parallel changeover process also can be quite time-consuming.
  • Phased changeover:
    • The phased changeover technique is considered a compromise between parallel and direct changeovers.
    • In a phased changeover, the new system is implemented one stage at a time
    • Advantages:
      • Low cost and
      • Isolates errors
    • Disadvantages:
      • the process takes a long time to complete because phases need to be implemented separately.
  • Abrupt changeover:
    • In this approach the newer system is changed over from the older system on a cutoff date and time, and the older system is discontinued once changeover to the new system takes place
    • Advantages:
      • Low cost
    • Disadvantages:
      • Asset safeguarding
      • Data integrity
      • System effectiveness
      • System efficiency
      • Change management challenges (depending on the configuration items considered)
      • Duplicate or missing records (duplicate or erroneous records may exist if data cleansing is not done correctly)
Points to remember:

  • The CISA candidate should be familiar with all the changeover techniques with its advantages and disadvantages.
  • The CISA candidate is expected to know where the use which type of changeover technique.
  • Most Risky changeover technique/Low cost changeover – Abrupt/Direct changeover
  • Costliest changeover technique/ Least risky changeover technique – Parallel changeover
  • Changeover in Phases – Phased changeover

Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8, Part 9

Aswini Srinath ( )
Writer And Editor
I am a qualified Chartered Accountant based out of Chennai, with 8+ years of experience in various roles in finance domain including CA Practice, financial reporting and auditing. I have always been keen to challenge myself by exploring potential capabilities outside of my core competency. Picked up Information Security as one such thing. Cleared CISA with 2nd Rank in ISACA Chennai Chapter in 2019. Since then, i have been sharing my learning and experience to a small group of avid followers, helping them prepare for their CISA exams. This article is also one such attempt, where I summarize the key areas in each domain based on the importance and weightage from an exam point of view.