BIZOPS- 39 – User Acceptance Quality Testing

What is this control about?

User Acceptance Quality Testing refers to the phase in the software development lifecycle where end-users evaluate the software to determine if it meets their requirements and expectations before its final deployment.

Available tools in the marketplace

Tools:

Qualio EtQ reliance

Available templates

TrustCloud has a curated list of templates internally or externally sourced to help you get started. Click on the link for a downloadable version:

• No template for this control

Control implementation

Here are some guidelines to implement an effective records of User Acceptance Quality Testing program:

• Define UAQT Objectives and Scope: Clearly define the objectives of UAQT, including what needs to be tested and the expected outcomes. Determine the scope of UAQT, specifying which functionalities or features will be tested by end-users.

• Identify User Representatives: Identify end-users or representatives who will participate in UAQT. Ensure that the selected users represent the target audience and have a good understanding of the application’s purpose and functionality.

• Develop UAQT Test Plan: Create a detailed test plan that outlines the testing approach, test scenarios, test cases, and acceptance criteria. Document the testing schedule, roles, responsibilities, and communication channels for effective coordination.

• Prepare Test Environment: Set up a dedicated testing environment that mirrors the production environment as closely as possible. Ensure that the test environment contains the latest version of the software to be tested.

• Conduct UAQT Sessions: Schedule UAQT sessions with the participating end-users and provide them with clear instructions on how to perform the tests. Encourage end-users to simulate real-world scenarios and provide feedback on the usability, functionality, and overall user experience.

• Document Test Results and Feedback: Document the test results, including any defects or issues identified during UAQT. Record feedback from end-users regarding their experience, suggestions for improvements, and any unmet requirements.

• Review and Analyze UAQT Results: Conduct a thorough review and analysis of the UAQT results and feedback. Prioritize and categorize identified issues based on their severity and impact on the user experience.

• Resolve Issues and Make Improvements: Collaborate with the development team to resolve identified issues and defects. Implement necessary improvements based on the feedback received from end-users.
• Repeat UAQT Iterations (if needed): If major changes have been made to the software, or significant issues were identified and addressed, consider conducting additional UAQT iterations to validate the changes and improvements.

• Obtain Final User Acceptance: Once all identified issues have been resolved, seek final acceptance from end-users for the tested software. Obtain sign-off from the users to indicate their satisfaction with the software’s functionality and usability.

• Document UAQT Results and Sign-Off: Document the final UAQT results, including the acceptance sign-off from end-users. Maintain proper records for future reference and compliance purposes.

What evidence do auditors look for?

Most auditors, at a minimum, are looking for the below-suggested action:

• AQT Test Plan: The documented UAQT test plan outlining the objectives, scope, test scenarios, test cases, and acceptance criteria. Evidence that the test plan has been reviewed and approved by relevant stakeholders.
• Test Records: Records of UAQT sessions conducted with participating end-users, showing who conducted the tests, when they were performed, and the test results. Test data used during UAQT to simulate real-world scenarios

Evidence example

For the suggested action, an example is provided below:

• AQT Test Plan and Record

Screenshot source