What is Compliance Testing (Conformance testing)?

Definition – What is Compliance Testing?

Compliance testing” also know as Conformance testing is a nonfunctional testing technique which is done to validate, weather the system developed meets the organization’s prescribed standards or not.

There is a separate category of testing known as “Non Functional Testing”.

Nonfunctional testing, as the name suggests, focuses on the nonfunctional features of the software.  These nonfunctional features (which are not limited to) can include the below points:

  • Load testing
  • Stress Testing
  • Volume Testing
  • Compliance testing
  • Operations Testing
  • Documentation Testing

As of now I am trying to throw some light on the 4th point which is Compliance Testing.

Compliance testing Explanation:

This is basically a kind of an audit which is done on the system to check if all the specified standards are met or not. To ensure that the compliances are met, sometimes a board of regulators and compliance expert people are established in every organization. This board puts a check whether the development teams are meeting the standards of the organization or not .The teams do an analysis to check that the standards are properly enforced and implemented. The regulatory board also works simultaneously to improve the standards, which will in turn lead to better quality.

Compliance testing is also known as Conformance testing. The standards normally used by the IT industry, are basically defined by the large organizations like IEEE (International institute of electrical and electronics engineers) or W3C (World Wide Web Consortium) etc. It can also be carried out by a independent / third party company which specializes in this type of testing and service.

Objectives:

Objectives of compliance testing include:


  • Determining that the development and maintenance process meets the prescribed methodology.
  • Ensures whether the deliverables of each phase of the development, meets the standards, procedures and guidelines.
  • Evaluate the documentation of the project to check for completeness and reasonableness

When to use compliance testing:

It is solely the management’s call. If they want, they have to enforce sufficient tests to validate the degree of compliance to the methodology and identify the violators. But it may be possible that, lack of compliance is due NOT understanding the methodology or they are misunderstood. Management should ensure that the teams have a proper and a clear understanding of the standards, procedures and methodology. They can arrange proper training for the team if needed.

It may be possible that the standards are not published properly or may be that the standards itself are of poor quality. In such a situation, efforts should me made either to rectify it or to adopt a new methodology. It is important that the compliance check should be made right from the inception of the project than at the later stage because it would be difficult to correct the application when the requirement itself are not adequately documented.

How to do it?

Doing Compliance check is quite straight forward. A set of standards and procedures are developed and documented for each phase of the development lifecycle. Deliverables of each phase needs to compare against the standards and find out the gaps. This can be done by the team through the inspection process, but I would recommend an independent team to do it. After the end of the inspection process, the author of each phase should be given a list of non compliant areas that needs to corrected. The inspection process should again be done after the action items are worked upon, to make sure that the non conformance items are validated and closed.

Conclusion

Compliance testing is performed to ensure the compliance of the deliverables of each phase of the development lifecycle. These standards should be well understood and documented by the management. If required trainings and sessions should be arranged for the team. Compliance testing is basically done through the inspection process and the outcome of the review process should be well documented.