Increasingly, an external IT audit (formerly 'EDP audit') is a reason for organisations to improve their testing. For each IT change, it must be possible to demonstrate which tests have been carried out, what the results were and how the process of acceptance went. A large part of this testing challenge lies in consistent recording.
This consistent recording is the challenge for many organisations. A service management application such as TOPdesk is often used to process changes. It records user reports in the form of incidents and problems. Insight into the various reports leads to change requests (also known as 'Request for Change' or 'RFC'). The service management application keeps track of the status of the RFC: design, build, test and finally 'ready for live'.
However, recording that an RFC is in the testing phase says little about the course of the testing process. After all, an auditor working on the basis of the guidelines drawn up by ISACA requires more insight into the underlying test activities (AI7 Install and Accredit Solutions and Changes). Therefore, test results are temporarily recorded in Excel and stored on a network drive or other location. This costs an unnecessary amount of time (and therefore money), and moreover, it is not possible to complete the change process in this way.
By using Testersuite as a solution for testing and test management, it is easy to start an test cycle for the relevant RFC with the reuse of previously drafted test cases (e.g. from the implementation project). This includes a reference to the RFC in the service management application. After scheduling the updated tests, the testers or core users carry out the tests, with the results being recorded in Testersuite . Any test findings are registered and easily handled via a workflow. All actions are automatically recorded, including the person and time. In this way, it is also possible to see in retrospect who carried out which test, who gave approval and what the test results were.
Demonstration of the formal process is important during an IT audit. Using Testersuite as a tool for testing and test management, you can easily comply with compliancy regulations without spending extra time recording test results. When you use the integration with TOPdesk, you can gain insight into the entire change process from A to Z. Your IT auditor can easily gain insight into the entire process. Your IT auditor can easily gain insight into the creation of the change, the phases completed and those involved in the process. This integration also stimulates the structured testing of changes and makes it easier to reuse test cases that were created in the past.
