Category Archives: Organization

What Developers and Testers need to know about the ISO 27001 Information Security Standard

Image courtesy ofrenjith krishnan at

Image courtesy ofrenjith krishnan at

Late in 2013, the International Organization for Standardization released a new version of its ISO 27001 information security standard. The standard covers requirements applying to all organizations and ones relevant only for organizations with in-house software development and integration projects. They impact testers, developers, and release managers. This article summarizes the relevant facts and points out topics that testing and development teams have to work on.

Click here to read the article, which I published in the testing experience magazine…

Information security risks in test environments – two new articles in German

Image courtesy of khunaspix /

Image courtesy of khunaspix /

Two articles appeared in the magazine “SQ-Magazin”. Both are in German and focus on risks in test environments (Testdaten als Risikofaktor) respectively on how data loss prevention tools address them (Data-Loss-Prevention-Tools minimieren Sicherheitslücken in Testumgebungen).

How Scrum Changes Test Centers

Do you like agility? Do you like being celebrated like a rock star? There was once such an opportunity. You and the authors of this paper missed it. Until recently, developers lusted after tales of agile and Scrum projects. This changed as agile became the new normal for development projects and talks about Scrum mainstream. In the testing community, in contrast, Scrum brought
uncertainty. Is agility the ultimate chance for developers to get rid of nasty testers? Or does agility only change job profiles? This article provides the answers.

Read the Konrad Schlude’s and my article how scrum changes test centers here…

This article appeared in the August 2013 issue of Agile Record.

Test Data Management in Practice

Do you have issues with your legal and compliance department because test environments contain sensitive data outsourcing partners must not see? Do your testers have idle time because test data are missing or test environments have inconsistent data? If any of these challenges applies to your situation, the concepts of this paper can help. The first concept is database-application-aware test cases. They enforce that test cases for business applications provide all information needed for repeatable execution. Second, a type
concept eases the test case maintenance and preparation of test data for a test start without delays. Third, a test data catalogue lists database objects for the various types. Finally, architectural patterns describe various ways to set up test environments with production and/or synthetic test data. This paper focuses on integrating these concepts into the daily test process. This includes the tool aspect, which we illustrate with our Swisscom Test Data Organizer. Read the complete article Test Data Management in Practice

This article appeared appeared in the conference journal of the Software Quality Days 2013, Vienna.

Three New Technologies That Will Disrupt Your Test Organization

New technologies such as Cloud, SOA, and multi-tenant systems boost ASP and BSP sourcing models. This fundamentally changes the task portfolio and staffing needs of test organizations. CIOs prevent quality and cost problems by initiating the change process early.

Read the complete article about future trends in testing here…

This article appeared at the 2012 Software Testing, Analysis, and Review West Conference (STARWEST 2012), September 30 – October 5th, 2012, Anaheim, CA