ID	S87
Version	1.0.0
Type	Overarching Standard
Status	Published
Effective Date	31 Mar 2024
Framework(s)	Digital Social Care Records
Traceability Matrix

Description

Ensures that Suppliers' software delivery test processes are of sufficient quality and rigour.

It is essential that Solutions demonstrate a high-quality approach to software development and testing. Within the area of software testing, there are various established standards and many good industry practices in place.

This Standard does not seek to mandate adherence to a particular standard, it does however through compliance evidence look to establish that an appropriate level of quality and rigour are in place with respect to software testing, with ISO/IEC/IEEE 29119 providing a reference point.

According to ISO, Standards are "Guideline documentation that reflects agreements on products, practices, or operations by nationally or internationally recognised industrial, professional, trade associations or governmental bodies". They are guideline documents, therefore not compulsory unless mandated. The standards and external references within provide a clear benchmark for good industry practices which the Authority would expect a Supplier to follow. As such, they provide a guide to Suppliers on what level of quality the Authority expects from software development testing.

The International Software Testing Standard - ISO/IEC/IEEE 29119

An internationally agreed set of standards for software testing that can be used within any software development life cycle or organisation:

ISO/IEC/IEEE 29119-1: Concepts & Definitions, published in September 2013
ISO/IEC/IEEE 29119-2: Test Processes, published in September 2013
ISO/IEC/IEEE 29119-3: Test Documentation, published in September 2013
ISO/IEC/IEEE 29119-4: Test Techniques, published in December 2015
ISO/IEC/IEEE 29119-5: Keyword-Driven Testing, published in November 2016

ISO/IEC/IEEE 29119 is used to provide a guidance checklist, used to establish Suppliers entering a Framework demonstrate quality within their software testing. Context and Risk-based Approach ISO/IEC/IEEE 29119 part 1 states "Software testing is performed as a context-managed process.". It also states "A key premise of this Standard is the idea of performing the optimal testing within the given constraints and context using a risk-based approach". These statements stand true for almost any testing approach.

Further Guidance

http://context-driven-testing.com/

http://softwaretestingstandard.org

http://www.satisfice.com/tools/htsm.pdf

Requirements

Testing Requirements

Applicable Framework(s)	Requirement ID	Requirement Text	Level
All	TEST-1	Irrespective of the Software Development Life Cycle (SDLC) implemented e.g Waterfall or Agile, there will be organisational and project specific test processes underpinned by appropriate artefacts. Example evidence could include but not constrained to: Test Policy Test Strategy Test Plans Risk identification process as applied to Solution testing Irrespective of the Software Development Life Cycle (SDLC) implemented e.g Waterfall or Agile. How is testing within development phases established, such as; Unit Module or Component System or Functional Integration (including APIs) Performance and Load Testing Scalability, Resilience and Recovery Testing Security Testing User Acceptance Testing Usability Testing Accessibility Testing How testing automation is incorporated into the software build and distribution process, such as continuous build integration Testing Qualifications within Supplier organisation Retrospective process improvement	MUST
All	TEST-2	There will be Test Management Processes covering test planning and design. Example evidence could include: Test Automation (automated scope as opposed to manual testing automated) Test Regression and process for establishing coverage scope during a specific and subsequent Solution releases Covering both Functional and non-Functional Testing Techniques used e.g. Risk-based, static/dynamic testing, testing heuristics, exploratory testing, smoke testing	MUST
All	TEST-3	There will be Test Management Processes covering test execution and management. Example evidence could include: Tooling used, explaining how results are captured Test Execution Management Repeatability Defect/Incident Management Test Environment Management	MUST
All	TEST-4	There will be Test Management Processes covering test completion and Reporting. Example evidence could include: Comprehensive test results captured within test tooling Incident management on completion Quality Criteria for exiting testing	MUST

Test Environments Requirements

The Test Environment requirements detail the test environment(s) requested by the framework authority to support testing and assurance of central services, to aid interoperability testing, and the assurance of connecting Supplier Solutions.

Applicable Framework(s)	Requirement ID	Requirements	Level
All	TEST-ENV-5	In addition to a functional test environment, the Supplier must ensure that a non-functional test environment is available to do Volumetrics and Performance testing and other non-functional testing for their Solution.	MUST
All	TEST-ENV-6	The Supplier shall support end-user organisations to aid training of their users on the Supplier Solution(s). This includes Solutions with Spine connectivity, including all Core Messaging and CIS services, enabled through integration with the SPINE Training environments.	MUST
All	TEST-ENV-7	The Supplier must ensure that their test environments support robust access controls (security features) both at Solution level and Infrastructure level so that only authorised users and authorised external connecting Supplier Solutions can access the test environment.	MUST
All	TEST-ENV-12	The Supplier shall ensure that the performance of the test Solution is comparable to the LIVE service levels for the restricted volumes in the Test environment, in order to provide a realistic expectation of performance behavior in the LIVE estate.	MUST
All	TEST-ENV-13	The Supplier must provide any necessary documentation pertaining to external interfaces to allow the integration of connecting systems.	MUST

Capabilities

Applicable Capabilities

All Suppliers' Solutions delivering any Capabilities will need to meet this Standard.

Roadmap

Items on the Roadmap which impact or relate to this Standard