COMPLIANCE TESTING, also known as conformance testing, regulation testing or standards testing, is a type of testing that determines whether a system complies with internal or external standards. It falls under non-functional testing.
- compliance testing: Testing to determine the compliance of the component or system.
The depth of compliance testing can range from a high-level audit on a sampling basis to detailed scrutiny of every clause of the specified standard. Compliance testing can also be carried out by an external organization or audit firm, typically with the goal of obtaining the relevant compliance certification.
Internal standards are standards the company sets for itself. For example, a web application development company might require that all web pages be responsive, or that HTTPS be enabled in every web application it builds. Such a standard only becomes testable once it is written precisely, for instance "plain HTTP must redirect to HTTPS and every HTTPS response must carry a Strict-Transport-Security header"; otherwise each tester decides for themselves what "HTTPS enabled" means.
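To make the "HTTPS enabled" internal standard above concrete, here is an added example (not code from the original page) of how such a standard can be turned into an automated compliance check that scrutinizes every host rather than a sample. The rules it enforces are assumptions standing in for whatever the company's written standard says: plain HTTP must redirect to HTTPS on the same host, HTTPS must be reachable with a valid certificate, and the Strict-Transport-Security header must carry a max-age of at least one year. The host names and the captured responses are constructed for illustration and are not fetched from the network.

```python
"""Automated check of an internal standard: "HTTPS must be enabled on all web
applications". Added example; the rules and sample data are assumptions."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional
from urllib.parse import urlparse

ONE_YEAR = 31_536_000  # minimum HSTS max-age this (assumed) internal standard requires


@dataclass
class Capture:
    """What a probe of one host would record. In a real audit a probe function
    fills this from live requests; here the instances are constructed by hand."""
    host: str
    http_status: Optional[int]            # status of the plain-http request; None if port 80 refused
    http_location: Optional[str]          # Location header of that response, if any
    https_ok: bool                        # TLS handshake and certificate validation succeeded
    https_headers: Dict[str, str] = field(default_factory=dict)


def parse_hsts_max_age(value: str) -> Optional[int]:
    """Extract max-age from a Strict-Transport-Security header; None if absent or malformed."""
    for directive in value.split(";"):
        name, _, val = directive.strip().partition("=")
        if name.strip().lower() == "max-age":
            try:
                return int(val.strip().strip('"'))
            except ValueError:
                return None
    return None


def check_https_policy(cap: Capture) -> List[str]:
    """Return the list of findings for one host; an empty list means compliant."""
    findings: List[str] = []

    # Rule 1: plain HTTP must not serve content, it must redirect to HTTPS on the same host.
    # A closed port 80 (http_status None) serves no plaintext at all and therefore passes.
    if cap.http_status is not None:
        if cap.http_status not in (301, 302, 307, 308):
            findings.append(f"http://{cap.host} served status {cap.http_status} instead of redirecting")
        else:
            target = urlparse(cap.http_location or "")
            if target.scheme != "https":
                findings.append(f"http://{cap.host} redirects to non-https target {cap.http_location!r}")
            elif target.hostname != cap.host:
                findings.append(f"http://{cap.host} redirect leaves the host ({target.hostname})")

    # Rule 2: HTTPS itself must work; without it the header checks are meaningless.
    if not cap.https_ok:
        findings.append(f"https://{cap.host} unreachable or certificate invalid")
        return findings

    # Rule 3: HSTS with a long max-age so browsers stop attempting plain HTTP.
    headers = {k.lower(): v for k, v in cap.https_headers.items()}
    hsts = headers.get("strict-transport-security")
    if hsts is None:
        findings.append(f"https://{cap.host} lacks Strict-Transport-Security")
    else:
        max_age = parse_hsts_max_age(hsts)
        if max_age is None or max_age < ONE_YEAR:
            findings.append(f"https://{cap.host} HSTS max-age below one year: {hsts!r}")
    return findings


def audit(captures: List[Capture]) -> Dict[str, List[str]]:
    """Run the check over every captured host and map host -> findings."""
    return {c.host: check_https_policy(c) for c in captures}


# Constructed captures standing in for probe results; none of these hosts are real.
SAMPLE_CAPTURES = [
    Capture("shop.example", 301, "https://shop.example/", True,
            {"Strict-Transport-Security": "max-age=63072000; includeSubDomains"}),
    Capture("legacy.example", 200, None, True, {"Server": "Apache"}),
    Capture("portal.example", 301, "http://www.portal.example/", True,
            {"strict-transport-security": "max-age=300"}),
    Capture("intranet.example", None, None, True,
            {"Strict-Transport-Security": "max-age=31536000"}),
    Capture("old.example", 301, "https://old.example/", False, {}),
]

if __name__ == "__main__":
    for host, findings in audit(SAMPLE_CAPTURES).items():
        status = "PASS" if not findings else "FAIL"
        print(f"{status} {host}")
        for f in findings:
            print(f"    - {f}")
```

The check is only as complete as the list of captures fed to it: the usual way an internal standard is "met" on paper but not in practice is a host missing from the asset inventory, so the audit step that builds the capture list deserves as much scrutiny as the rule logic itself. The accepted redirect codes and the one-year HSTS threshold are policy choices that should be copied from the company's written standard rather than from this example.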
External standards are standards or regulations set outside the company, either by agreement between parties or by a national or international body:
- Contractual (agreed between any two of: company, client, vendor, other stakeholders)
Below are some bodies and regulations whose standards might be relevant to software testing:
- Institute of Electrical and Electronics Engineers (IEEE)
- World Wide Web Consortium (W3C)
- General Data Protection Regulation (GDPR), a European Union regulation
- Health Insurance Portability and Accountability Act (HIPAA), a United States law
- International Organization for Standardization (ISO)
- Payment Card Industry Security Standards Council (PCI SSC), which publishes PCI DSS
Note that the standards set by these bodies cover many areas, including processes, products and personnel; the parts specific to software testing are a small fraction of the whole.
Methods & Types
The method and type of testing conducted during compliance testing depend on the specific regulation or standard being assessed. Because many of the standards listed above impose security and privacy requirements, security testing (for example vulnerability scanning and penetration testing) is usually a substantial part of compliance testing.
Last Updated on September 7, 2020 by STF