Ask the Experts

Ask the Experts

• Agile planning: Focus on average time over many iterations

  When it comes to Agile planning, average time over many iterations is a more important metric than individual story estimates.  Continue Reading

• Application security plan: Who is responsible for testing?

  Step one in devising an application security plan is determining whether the development team or the security group is responsible for testing.  Continue Reading

• Scrum team commitments: More harm than good

  Most inexperienced Scrum teams overcommit on what they will deliver, and when. Agile leader Lisa Crispin says that does more harm than good.  Continue Reading

• Project managers should boost team collaboration for greater success

  Project managers must facilitate team collaboration. Doing so may require new tools and techniques in today's distributed workplace.  Continue Reading

• Why user interface testing is important

  User interface testing is essential for ensuring a positive user experience, according to Agile expert Lisa Crispin.  Continue Reading

• How does the role of project manager change in the cloud?

  Agile and ALM expert Yvette Francino discusses how the role of project manager may change when applications are developed and tested in the cloud.  Continue Reading

• How to ensure product performance and quality in Agile enterprises

  Agile teams must work together in new ways to ensure product performance, quality and value for customers. Agile expert Lisa Crispin explains how.  Continue Reading

• Requirements management process: Security and application performance

  Organizations need to explicitly address security and application performance during the requirements management process according to expert Dan Cornell.  Continue Reading

• Agile metrics, tools and processes: Tenets for the project manager

  The Agile project manager must understand the basics of collaboration, servant leadership, Agile metrics and the tools and processes the team uses.  Continue Reading

• The role of the Scrum Master in project management

  Agile expert Lisa Crispin explains how Scrum teams do not necessarily need a separate “project manager,” as the Scrum Master often fills that role.  Continue Reading

• Defect tracking: What is the purpose?

  Defect tracking can be tedious, yet comparing tracked defects can also help testers improve their work. Expert Pete Walen explains how the reasons behind defect tracking makes a difference.  Continue Reading

• Understanding test data: How project managers evaluate test cases

  While many organizations may look for simple ways to measure progress, it is important for project managers to fully interpret and understand test results, whether that data comes from automated tests or manual tests.  Continue Reading

• Test automation tools for DevOps teams: What is needed?

  ALM expert Kevin Parker recommends tools teams should take advantage of in DevOps, from a Release Vault to test automation tools.  Continue Reading

• When to perform post-production testing

  In some cases, testing post-production is needed, according to expert Pete Walen. He discusses the potential situations where post-production testing is helpful and what expectations we can have for performance testing.  Continue Reading

• Portfolio management and “end-to-end” ALM: What tools are needed?

  Expert Kevin Parker advocates for the integration of the people, processes, tools and automation in the application development lifecycle in order to achieve effective portfolio management.  Continue Reading

• What is the software tester's role in release management?

  In this expert response, Lisa Crispin explains how the tester contributes to the release management process on an Agile development team.  Continue Reading

• Requirements gathering and ALM: How to improve the process

  More and more organizations are looking for ways to improve their requirements gathering and management processes, according to expert Kevin Parker.  Continue Reading

• What is the link between test cases and requirements?

  Expert Pete Walen describes the intricacies of the relationship between requirements and test cases, explaining how the context and the realities of the requirements make a difference in how test cases are produced.  Continue Reading

• The role of software testers in requirements gathering

  Testers play an important role in determining requirements, according to expert Pete Walen. He explains how throughout the project lifecycle, testers must ask questions that can help generate the discussion needed to avoid problems down the line.  Continue Reading

• Integration testing: What are the challenges?

  Expert Pete Walen describes common problems with integration testing and offers insights into implementing it correctly, so that both internal and external users can benefit.  Continue Reading

• The benefits and drawbacks of test automation

  Software testing expert Pete Walen discusses the potential advantages and disadvantages of test automation in this response.  Continue Reading

• Exploring integration testing in the Agile development lifecycle

  Agile expert Lisa Crispin explores the various meanings and offers tips to testers on how to work integration testing into the Agile development lifecycle.  Continue Reading

• Generating code from software requirements: Is it possible?

  Software requirements, descriptions of features that will solve a problem, are not necessarily transferable into coding languages. Requirements management expert Scott Sehlhorst explains the nature of requirements and availability of tools that ...  Continue Reading

• Automation in your SDLC: Identifying vital ALM tools

  Process-centric tools and dashboards are among the ALM trends identified by expert Kevin Parker. Here he discusses how these trends are now indispensable to automation in the SDLC.  Continue Reading

• How traceability benefits the software development lifecycle

  Read expert Scott Sehlhorst’s explanation to learn how traceability of requirements improves visibility into building the right product as well as building the product right.  Continue Reading

• The end of an iteration: When is testing in Agile complete?

  Agile development expert Lisa Crispin explains how software testers can meet objectives with each iteration and seek support from team members such as programmers and DBAs.  Continue Reading

• Social media: What is personal and what is professional?

  In this expert response, Lisa Crispin discusses the personal and professional uses of social media and the benefits of the blending of these two areas of our online lives.  Continue Reading

• The purpose of the Agile retrospective in Agile development

  In this expert response, Lisa Crispin explains various ways to conduct retrospectives, discussing what teams stand to gain from them and how they contribute to the ongoing improvements inherent in Agile development processes.  Continue Reading

• Participating in conferences and workshops: What will I learn?

  When attending classes, conference and workshops, attendees may have unrealistic expectations of what they will gain, or how they will learn useful information. Expert Peter Walen offers some tips on how to actively participate in the learning ...  Continue Reading

• Software testing during the build and release phase

  While perhaps no testing is absolutely required during the build and release phase of a project, according to expert Pete Walen, there are specific results that need to be reviewed. In this response he explains what to look for when supporting ...  Continue Reading

• Testing in Agile development: Separating developing and testing

  Each testing team has different needs, and each tester needs control over his or her own testing environment, according to expert Lisa Crispin. Read this response for insights into how to manage testing activities in Agile development.  Continue Reading

• Exploratory testing and regression testing in continuous integration

  Expert Lisa Crispin explains how and when to implement exploratory testing, automated regression testing and manual regression tests in an Agile development environment.  Continue Reading

• Security tools and application lifecycle management

  Security and security tools have become more necessary to the application lifecycle, according to recent research. In this response, expert John Overbaugh discusses why security tools are essential to ALM and explains how he sees security activities...  Continue Reading

• Data protection for non-sensitive and sensitive information

  Expert John Overbaugh defines security as confidentiality, integrity and availability of information across systems and applications. Read this response for an explanation of security concerns for all applications.  Continue Reading

• Change management and impact analysis: Reviewing requirements changes

  Expert Sue Burk explains the importance of gaining proper approval for requirements changes and offers suggestions for the most efficient ways to communicate between analysts, architects, developers and project managers.  Continue Reading

• APM tools: Applying automated testing earlier in the development lifecycle

  ALM expert Kevin Parker advocates for the use of application performance monitoring tools earlier in the development lifecycle, in concert with earlier automated testing. Read this response for his take on the uses of APM tools.  Continue Reading

• Types of performance testing for Web applications

  In this response, expert Pete Walen describes performance testing approaches that can steer your team in the right direction to enhance performance and avoid failures.  Continue Reading

• When tracking changes to test cases is necessary

  Is it necessary to track changes made to test cases? Expert Pete Walen explores this issue and offers some helpful advice.  Continue Reading

• Contract negotiation: Agile development and defining requirements up front

  In this response, expert Lisa Crispin explains how experienced Agile teams can negotiate contracts that satisfy customers while also ensuring all necessary development and testing activities are completed.  Continue Reading

• Agile teams and software defect tracking: Is a DTS necessary?

  In this expert response, Lisa Crispin discusses the pros and cons of DTS and offers advice to teams on how to best manage their bug-free development approach.  Continue Reading

• Eliciting and analyzing embedded systems requirements

  Read this expert response for Sue Burk's suggestions for what techniques developers can use in embedded systems requirements gathering and analysis.  Continue Reading

• How to overcome challenges with eliciting requirements for embedded systems

  In this response, expert Sue Burk describes the importance of the relationship between hardware and software in embedded systems, and how they must be able to communicate and collaborate with each other.  Continue Reading

• Tools and processes for embedded software testing

  Many people are buzzing about embedded software these days, and this complex technology raises questions about platform, testing and quality. In this expert response, Pete Walen discusses his experience with testing embedded software and the tools ...  Continue Reading

• How to define security requirements and manage risk in software development

  Defining business security requirements is a collaborative effort, involving the participation of architects, business analysts and regulatory bodies. There is no black-and-white answer about achieving the best possible security for your software ...  Continue Reading

• How to overcome the top two challenges associated with getting requirements right

  Expert Sue Burk identifies the top challenges in accurately defining requirements as the challenge of involving the appropriate decision makers and subject matter experts in requirements development, and the struggle to meet the needs of both ...  Continue Reading

• Understanding the dependencies between requirements in a Scrum environment

  Prioritizing user stories for each iteration in a Scrum environment can be challenging if the project owner does not understand the dependencies between requirements. In this expert response, Lisa Crispin shares best practices for prioritizing user ...  Continue Reading

• How user stories help to define software requirements

  User stories play an important role when defining requirements and they also contribute to living documentation during the software development process. In this expert response, Lisa Crispin offers key practices for ensuring that requirements align ...  Continue Reading

• Mapping software requirements to test cases

  Even though you must have at least one test case per requirement, it's possible not to have a one-to-one mapping between each requirement and test case. In this response, expert Sue Burk explains how it is important to trace the relationship between...  Continue Reading

• Tracking changes to requirements in Agile development

  All development teams need to track requirements changes, but depending on the software development lifecycle and overall ALM process, the best approach to change tracking may not be the same across the board. In this response, expert Mike Jones ...  Continue Reading

• When and how to perform penetration testing

  Hackers are increasingly sophisticated in how they exploit weaknesses in network and Web application security. In this response, expert John Overbaugh explains the importance of penetration testing and how to ensure comprehensive security of your ...  Continue Reading

• Security requirements for any Web application

  When verifying security on your Web application, there are some general considerations that everyone should check off the list. Expert John Overbaugh offers insight into application security standards and steps your team can take while developing ...  Continue Reading

• Best practices for managing remote employees

  As working remotely becomes increasingly common, more managers find themselves in the situation where they are managing one or more people who are working at home in a remote location. With little interpersonal contact, how can a manager be ...  Continue Reading

• How to gain acceptance of organizational change

  Any organizational change can meet with internal resistance. In this response, SSQ Site Editor Yvette Francino offers advice on how to win buy-in from those affected through honest communication and continuous improvement.  Continue Reading

• Verifying user authentication and data encryption in your Web service

  Application security is a tricky aspect of development, and it’s usually best to rely on the professionals to authenticate users and encrypt data. However, there are steps development teams can take to validate that these processes are being ...  Continue Reading

• How to implement traceability into requirements management

  Traceability offers a number of benefits to the requirements management process and supports business goals, change propagation and change impact analysis. In this expert response, Sue Burk explains the many uses of traceability and provides tips on...  Continue Reading

• Test automation for your team: How to begin

  Initiating test automation on your project team may seem challenging, or even overwhelming. Fortunately, expert Karen Johnson has been through this process and has some insights into how to best begin. She offers some questions you can ask of your ...  Continue Reading

• How to begin the software requirements gathering process: Elicitation and analysis techniques

  The software requirements gathering process for a new agile development project can seem daunting at first. In this expert response, Sue Burk offers advice on how to begin using elicitation techniques and choosing analysis models that fit your ...  Continue Reading

• Performance testing of ERP applications: How to ensure Scrum teams have needed expertise

  Performance testing is a vital aspect of software development and ideally should occur throughout the development process. In this expert response, Lisa Crispin discusses how to best match performance testing expertise on the Scrum team with the ...  Continue Reading

• Practicing Scrum with outsourced QA teams

  QA and testing are integral parts of software development, and expert Lisa Crispin holds that the team operates more effectively when QA is not outsourced. However, when this isn't possible, the quality testing group must be involved in daily scrum ...  Continue Reading

• Application development for mobile phones: Testing across different devices

  New mobile phone models enter the market all the time, and it seems daunting to perform application testing on the various devices available. Expert Karen Johnson carefully examines the factors developers must consider and offers strategies on how ...  Continue Reading

• How to best manage user stories in your agile development projects

  User stories serve several important purposes for agile development teams. In this expert response, Sue Burk explains the full range of uses for user stories, discusses how to best document requirements details, and offers different approaches to ...  Continue Reading

• Functional requirements and nonfunctional requirements in software engineering explained

  Clearly defining both functional and nonfunctional requirements in software engineering projects is important from both a business perspective and a performance perspective. In this expert response, Sue Burk offers definitions and examples for both ...  Continue Reading

• Understanding functional and non-functional requirements in the software development lifecycle

  The premise that functional and non-functional requirements exist separately is a misconception. In this expert response, Robin Goldsmith explains the how these two types of specifications are inter-related and correlate with particular ...  Continue Reading

• Tools that generate test cases from software requirements

  In this expert response, requirements expert Robin Goldsmith gives examples of a variety of tools, including tools based on use cases, state analysis tools, and all pairs tools, which generate test cases from software requirements. He also explains ...  Continue Reading

• How to regression test Web-based applications

  Software test consultant John Overbaugh gives some helpful advice about regression testing Web-based applications. Overbaugh describes regression testing browser platforms and how to test for backwards compatibility.  Continue Reading

• Software database testing stored procedures

  Database testing can refer to any backend or data-related testing such as data migrations and data integrity. In this expert response, Karen Johnson talks about two practices that she's used for testing stored procedures (SP): code reviews and ...  Continue Reading

• Software retest, regression, smoke and sanity testing: What's the difference?

  Understanding the nuances between different types of test efforts can be a challenge. In this expert response, Karen Johnson explains what is meant by retesting, regression testing, smoke testing and sanity testing. Find out the purpose of these ...  Continue Reading

• How does ALM differ from SDLC?

  In this expert response, Mike Jones explains that SDLC is a subset of ALM with ALM covering the processes for all products in a portfoli. He also gives some specific recommendations of when you might want to use a waterfall SDLC and when it might be...  Continue Reading

• What exactly is an ALM tool?

  Application lifecycle management expert Mike Jones explains the characteristics of tools for ALM. Jones talks about the concept of an ALM framework which is concerned with both the processes and the tools needed in the lifecycle, and clarifies some...  Continue Reading

• Types of software requirements: Business, functional, stakeholder, and 'real'

  Expert Robin Goldsmith explains the different ways that requirements are categorized, explaining the difference between 'whats' and 'hows.' Goldmith recommends what he refers to as 'real' business requirements driven down to detail and are always ...  Continue Reading

• Special considerations for testing applications using Right to Left languages (RTL)

  When testing user interface (UI) components of an application that uses a right to left language (RTL), there are special considerations. Software test expert Karen Johnson explains what to look for in dropdown fields, scrollbars, data entry fields,...  Continue Reading

• How do you determine functionality when there is no documentation?

  Determining the functionality of an existing system when there is no documentation presents a challenge. Requirements expert Sue Burk explores various ways that a business analyst can go about uncovering the system's capabilities. While running ...  Continue Reading

• Using a traceability matrix to map requirements to test cases

  Expert Robin Goldsmith explains the use of a traceability matrix and the importance of level of detail in cross-referencing requirements to test cases. Goldsmith recommends higher level of detail in both requirements and tests in order to attain the...  Continue Reading

• What is the difference between code coverage and test coverage?

  Code coverage and test coverage metrics are both measurements that can be useful to assess the quality of your application code. Code coverage is a term to describe which application code is exercised when the application is running. Test coverage ...  Continue Reading

• Can security testing only happen in the production environment?

  Security test expert Kevin Beaver talks about the advantages and disadvantages of security testing in production environments. If production environments are off-limits, he makes recommendations for testing in staging or disaster recovery ...  Continue Reading

• What key test metrics should be tracked for Agile teams?

  Test metrics are used to help determine whether a project is on track. Agile expert Lisa Crispin gives her thoughts on metrics such as number of tests run and passed, code coverage and defect metrics. She encourages teams to review metrics often to ...  Continue Reading

• Advice for getting started with security testing: Start with OWASP top ten

  Software test expert John Overbaugh gives advice on skills needed to become a strong security tester. He recommends starting with learning how to test for the OWASP top ten exploits. Overbaugh also suggests a solid understanding of TCIP/IP, HTTP, ...  Continue Reading

• How important are SQL skills for a tester?

  Karen Johnson explains the situations in which SQL skills are important for a software tester as well as times when the expertise is not required.  Continue Reading

• How do Agile teams handle changes to requirements?

  While changing requirements may pose a considerable threat with some development methodologies, agile development makes changes more manageable.  Continue Reading

• How to handle requirements creep

  Requirements expert Robin Goldsmith advises against freezing requirements to avoid creep. If proper work is done at gathering business requirements up front, creep should not be an issue.  Continue Reading

• Four tips for gathering requirements for the new Business Analyst

  Requirements expert Robin Goldsmith describes four techniques for the new business analyst to collect and analyze business requirements for your software product.  Continue Reading

• What are the different ways to elicit software requirements?

  There are a number of techniques that can be used to gather software requirements. In this expert response, you'll be pointed to a learning guide that explains the differences, it will teach additional techniques and find out the key to successful ...  Continue Reading

• How to gather security requirements for software projects and what to look for

  There are a many things to focus on when defining security requirements for any software development effort. But the most prominent should be long term ones like input validation, URL manipulation and logic.  Continue Reading

• How to settle conflicting software requirements between users and stakeholders

  Choosing to ignore stakeholder needs during the requirements elicitation phase is a common problem in software development. Knowing how to cater to both stakeholders and users is the first step in delivering dead-on requirements.  Continue Reading

• When to start testing application performance in an Agile development environment

  There are multiple ways performance testing can be handled on an Agile team. An expert describes the benefits of various approaches.  Continue Reading

• Differences in Agile and traditional software project management

  In this expert response, some of the differences between project management in traditional environments and agile environments are explained. One of the biggest differences is the flexibility of scope changes that is welcomed in agile environments.  Continue Reading

• Defining a User Interface (UI) during the requirements phase: A mistake?

  Many teams are using the requirements phase to define the look and feel of the user interface (UI). According to an expert, this is a mistake and can cause the team to digress from its primary task of identifying true business requirements.  Continue Reading

• Top software security concerns and vulnerabilities you should know about

  New software testers will benefit from this expert's wisdom as he explains the top ten security concerns organizations should be aware of based on OWASP documentation.  Continue Reading

• What does "change management" mean in software development and QA?

  Change management, sometimes called configuration management, has a few different meanings in the software development community, from team changes to code changes, explains expert Yvette Francino.  Continue Reading

• Explaining software security responsibilities to the staff, QA department and management

  One of the largest problems in software security is choosing to look the other way. Even with multiple regulation departments, many managers choose to look the other way on security issues, what can be done?  Continue Reading

• Scrum Master or Scrum project management, is there a difference?

  A Scrum Master is commonly mistaken for a project manager who works in a Scrum environment. Learn what distinguishes a Scrum Master in this expert response.  Continue Reading

• Who determines the appropriate severity or priority for a defect?

  There are often differences of opinion on the definition of severity or priority of a defect. The bottom line is determining when and if the defect will be fixed. Factors that need to be considered are customer urgency and time required to fix and ...  Continue Reading

• What are the pros and cons of centralizing a QA or software test team?

  Is it better to centralize a test team or have testers paired organizationally with developers? There can be advantages to either approach. This expert response examines some considerations and an alternative that will allow your quality team to ...  Continue Reading

• How do I create a test case based on requirements documents for user acceptance testing?

  Creating user acceptance tests out of basic software requirements documents can be a daunting task. Expert Mike Kelly points out logical approaches testers could try in this tip.  Continue Reading

• Functional vs non-functional requirements, what is the difference?

  Robin Goldsmith takes another stab at this question of functional vs non-functional requirements in this expert response. According to Goldsmith the difference lies in the applications need and what it is intended for.  Continue Reading

• How to write an SRS document for three different databases

   Continue Reading

• How to write a Software Requirements Specification (SRS) document

  Knowing how to write requirements documentation is crucial when developing and tracking the completion of software. Expert Robin Goldsmith goes over how to write SRS documents and how to distinguish them in this expert response.  Continue Reading

• Put a stop to software espionage by watermarking source code

  Having software code replicated or stolen is a major cause for concern in the industry, fortunately there are measures you can take to protect your software source code.  Continue Reading

• Data warehouse/BI performance testing tool recommendations

  Expert selects preferred performance testing tools for data warehouse/BI software testing needs.  Continue Reading

• Problems caused by skipping analysis stage of SDLC

  A requirements expert explains the possible pitfalls of skipping the analysis phase in the software life cycle development (SDLC).  Continue Reading