Passing the IT audit without a hitch

Increasingly, an external IT audit (formerly 'EDP audit') is a reason for organisations to improve their testing. For each IT change, it must be possible to demonstrate which tests have been carried out, what the results were and how the process of acceptance went. A large part of this testing challenge lies in consistent recording.

Testing with TOPdesk

This consistent recording is the challenge for many organisations. A service management application such as TOPdesk is often used to process changes. It records user reports in the form of incidents and problems. Insight into the various reports leads to change requests (also known as 'Request for Change' or 'RFC'). The service management application keeps track of the status of the RFC: design, build, test and finally 'ready for live'.

However, recording that an RFC is in the testing phase still says little about the progress of the testing process. After all, an auditor working from the guidelines established by ISACA demands more insight into the underlying testing activities (AI7 Install and Accredit Solutions and Changes). Therefore, test results are temporarily recorded in Excel and stored on a network drive or other location. This costs an unnecessary amount of time (and thus money), moreover, the change process cannot be closed with this method.

Testersuite

By using Testersuite as a solution for testing and test management, a test cycle for the relevant RFC can easily be started with reuse of previously prepared test cases (for example, from the implementation project). This includes a reference to the RFC in the service management application. After scheduling the updated tests, the testers or core users perform the tests, recording the results in Testersuite . Any test findings are recorded and easily handled through a workflow. Automatic reporting takes place for all actions where the person and time is also stored. In this way, it is also clear afterwards who performed which test, who gave approval and what the test results were.

Demonstration of the formal process is important in an IT audit. With Testersuite as a tool for testing and test management, you can easily meet compliance rules without spending extra time recording test results. When you use the out of the box integration with TOPdesk, it is possible to provide insight into the entire change process from A to Z. Your IT auditor will easily gain insight into the creation of the change, the phases completed and those involved in the process. This integration also encourages structured testing of changes and the reuse of test cases created in the past.

Want to know more about this topic? Schedule a no-obligation consultation with us.