Now that the product or service is built, we move to the test phase and plan testing (Figure 6.2). Testing is a quality control activity: find and fix defects. We are fortunate to have consistent and broad guidance from quality, service, and project management specialties to apply to testing activities. (The NIST cybersecurity framework is operationally focused, and testing during a cybersecurity project is not directly addressed.) For example, the ISO 9001:2000 quality management standard guides the user on how to deliver products and services: “In planning product realization, the organization shall determine the following, as appropriate: … c) required verification, validation, monitoring, inspection, and test activities ...
Get Shields Up now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
