Chapter 17 Code Review, Test Data, and Code Comparison.

Presentation on theme: "Chapter 17 Code Review, Test Data, and Code Comparison."— Presentation transcript:

1 Chapter 17 Code Review, Test Data, and Code Comparison

2 Audit Evidence Collection and Evaluation
- What was expected to happen / not happen?
- What did happen / not happen?
- What type of evidence do we have?
- Is the evidence reliable?
- What is the exposure and $ of risk?

3 Evidence Collection Techniques
- Program Code Review: obtain program source-code listings to evaluate the quality of the program code
- Test Data: design a sample of data to be executed by the program
- Code Comparison: compare two versions of a program's source or object code to determine if attributes are common

4 Where Do Program Defects Occur? Tentative Conclusions
- A small number of program modules will have a large number of faults
- Requirement specifications and design errors are as prominent as coding errors
- Design errors relate to interface problems with users

5 Objectives of Code Review
- Identify erroneous code
- Identify unauthorized code
- Identify ineffective code
- Identify inefficient code
- Identify nonstandard code

6 Source-Code Review Methodology
1. Source Code Selection
2. Review Programming Standards
3. Understand the Program Specifications
4. Obtain Source Code
5. Review Programming Language Used
6. Review Source Code
7. Formulate Flaw Hypotheses

7 Review Source Code

8 COBOL Reserved Words
- Select
- Redefines
- Open/Close
- File Status
- Invalid Key
- Accept
- Display
- Copy
- If
- Go To
- Go To…Depending On
- Perform…Until
- Search/Search All
- Inspect
- Evaluate…When
- Call

9 Benefits & Costs of Code Review
- Primary Benefit: provides a level of detailed knowledge about a program that auditors will find difficult to acquire using other evidence-collection techniques
- Primary Disadvantage: cost

11 Black-Box Test-Data Design Methods
- user interface errors
- errors in interfacing with external systems or databases
- efficiency problems
- initialization errors
- termination errors

12 Equivalence Partitioning
The objective during test-data design is to select a test-data design element that falls within the class and one that falls outside the class.

13 Decision Tree for Test-Data Design

14 White-Box Test-Data Design Methods
- Focus is on whether defective execution paths exist in a program
- Primary goal is to identify the control structure underlying the code
- full statement coverage
- full branch coverage
- full path coverage

17 Fig 17-8

20 Loop Testing
- Tested as part of a basis path testing strategy
- Types of Loops
  - Simple loops have no other loops embedded within their control structure
  - Nested loops have other loops embedded within their control structure

22 Automated Aids
- Test data/file generators
- Test capture/playback tools
- Test coverage/execution path monitor tools
- Test drivers/harnesses
- Test output comparators
- Static analyzers

23 Benefits & Costs of Test Data
- Major Benefit: allows auditors to examine the quality of program code directly
- Major Disadvantage: often time-consuming and costly

24 Program Code Comparison
- Provides some assurance that the correct version of software is being audited
- Provides some assurance that any software used as an audit tool is the correct version of the software

25 Types of Code Comparison
- Source-code Comparison: software provides meaningful listing of any discrepancies between two versions of source code
- Object-code Comparison: software provides listing of any discrepancies between two versions of source code (does not identify nature and cause of discrepancies)
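
The contrast on slide 25, as an added example that is not part of the original presentation: a source-level comparison names the changed lines, while an object-level comparison only reports that and where the bytes differ. The payroll routine and all function names are constructed for illustration, and Python bytecode is used as an assumed stand-in for object code.

```python
import difflib
import hashlib

# Constructed sample: the authorized version and the version found in production.
AUTHORIZED = """\
def net_pay(gross, tax_rate):
    tax = gross * tax_rate
    return round(gross - tax, 2)
"""
PRODUCTION = """\
def net_pay(gross, tax_rate):
    tax = gross * tax_rate
    if gross > 9000:
        tax = 0
    return round(gross - tax, 2)
"""

def source_compare(old, new):
    """Source-code comparison: return the lines added (+) or removed (-)."""
    diff = difflib.unified_diff(old.splitlines(), new.splitlines(),
                                "authorized", "production", n=0, lineterm="")
    return [line for line in diff
            if line.startswith(("+", "-"))
            and not line.startswith(("+++", "---"))]

def compiled(src):
    """Stand-in for object code: bytecode of the first function in the module."""
    module = compile(src, "<payroll>", "exec")
    func = next(c for c in module.co_consts if hasattr(c, "co_code"))
    return func.co_code

def object_compare(old, new):
    """Object-code comparison: reports that bytes differ, not why."""
    offsets = [i for i, (a, b) in enumerate(zip(old, new)) if a != b]
    if offsets:
        first = offsets[0]
    elif len(old) != len(new):
        first = min(len(old), len(new))  # one image is a prefix of the other
    else:
        first = None
    return {
        "identical": hashlib.sha256(old).digest() == hashlib.sha256(new).digest(),
        "length_delta": len(new) - len(old),
        "first_diff_offset": first,
    }

if __name__ == "__main__":
    print(source_compare(AUTHORIZED, PRODUCTION))
    print(object_compare(compiled(AUTHORIZED), compiled(PRODUCTION)))
```
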

26 Benefits & Costs of Code Comparison
- Primary Benefit: easy way of identifying changes made to programs; neither costly to purchase nor to execute
- Primary Cost: does not provide any evidence directly on the quality of the code being compared
