Unified Compliance Testing for HTML Applications with AvePoint Compliance Guardian

By Robert B. Y.

AvePoint is always looking for ways to improve not only the company’s customer-facing products, but also the internal processes used in design, development, and quality assurance as required to bring products to market. The guidance that we provide to our Compliance Guardian customers to help manage their Governance, Risk and Compliance (GRC) programs is that “it’s critically important to both be transparent and accountable”. As such, our GRC technology allows our customers to say what they do, do what they say, and prove it! To that end, I wanted to share one of the innovative practices we are implementing at AvePoint in testing our own Compliance Guardian Platform products – with Compliance Guardian itself!
Our Compliance Guardian Quality Assurance teams are utilizing a methodology that we call Unified Compliance Testing (UCT) for our HTML-based applications and services. Since I have just coined this phrase, let me define it. Unified Compliance Testing of HTML applications is mainly related to the following:
- standards-based testing;
- privacy, accessibility, or usability guidelines;
- papers and standards, including those for web applications on mobile platforms and numerous W3C Standards and guidelines; and
- application security and privacy best practices pertaining to the collection of personal or sensitive information, the use of tracking technologies, and/or compliance with privacy policies and notices supported by the application.
- The system finds a table, but the table needs a specialist to determine if it is accessible.
- The system identifies a data collection method, such as an HTML form that needs review, to assure it matches company policies. This may be required so a Policy person can complete Security or Privacy Questionnaires – as in APIA.
-
- Recording, playback, and editing of Application Functional Tests (Scripts)
- These test scripts can be used to specify pages to then test for aforementioned standards
- No coding experience necessary
- Mobile: http://www.w3.org/2014/04/mobile-web-app-state/
- Accessibility: http://www.w3.org/standards/webdesign/accessibility
- Privacy: http://www.w3.org/Privacy/
- Usability: http://www.usability.gov/