Code Review, Test Data, and Code Comparison - PowerPoint PPT Presentation

Loading...

PPT – Code Review, Test Data, and Code Comparison PowerPoint presentation | free to download - id: 54fb8d-NzQwO



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Code Review, Test Data, and Code Comparison

Description:

Chapter 17 Code Review, Test Data, and Code Comparison Audit Evidence Collection and Evaluation What was expected to happen / not happen? What did happen?/not happen? – PowerPoint PPT presentation

Number of Views:74
Avg rating:3.0/5.0
Slides: 28
Provided by: Information1490
Learn more at: http://web.bryant.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Code Review, Test Data, and Code Comparison


1
Chapter 17
  • Code Review, Test Data, and Code Comparison

2
Audit Evidence Collection and Evaluation
  • What was expected to happen / not happen?
  • What did happen?/not happen?
  • What type of evidence do we have?
  • Is the evidence reliable?
  • What is the exposure and of risk

3
Evidence Collection Techniques
  • Program Code Review
  • obtain program source-code listings to evaluate
    the quality of the program code
  • Test Data
  • design a sample of data to be executed by the
    program
  • Code Comparison
  • compare two versions of a programs source or
    object code to determine if attributes are common

4
Where Do Program Defects Occur?
  • Tentative Conclusions
  • a small number of program modules will have a
    large number of faults
  • Requirement specifications and design errors are
    as prominent as coding errors
  • Design errors relate to interface problems with
    users

5
Objectives of Code Review
  • Identify erroneous code
  • Identify unauthorized code
  • Identify ineffective code
  • Identify inefficient code
  • Identify nonstandard code

6
Source-Code Review Methodology
  • 1. Source Code Selection
  • 2. Review Programming Standards
  • 3. Understand the Program Specifications
  • 4. Obtain Source Code
  • 5. Review Programming Language Used
  • 6. Review Source Code
  • 7. Formulate Flaw Hypotheses

7
Review Source Code
8
COBOL Reserved Words
  • Select If
  • Redefines Go To
  • Open/Close Go ToDepending On
  • File Status PerformUntil
  • Invalid Key Search/Search All
  • Accept Inspect
  • Display EvaluateWhen
  • Copy Call

9
Benefits Costs of Code Review
  • Primary Benefit
  • provides a level of detailed knowledge about a
    program that auditors will find difficult to
    acquire using other evidence-collection
    techniques
  • Primary Disadvantage
  • Cost

10
(No Transcript)
11
Black-Box Test-Data Design Methods
  • user interface errors
  • errors in interfacing w/ external systems or
    databases
  • efficiency problems
  • initialization errors
  • termination errors

12
Equivalence Partitioning
  • The objective during test-data design is to
    select a test-data design element that falls
    within the class and one that falls outside the
    class.

13
Decision Tree for Test-Data Design
14
White-Box Test-Data Design Methods
  • Focus is on whether defective execution paths
    exist in a program
  • Primary goal is to identify the control structure
    underlying the code
  • full statement coverage
  • full branch coverage
  • full path coverage

15
(No Transcript)
16
(No Transcript)
17
Fig 17-8
18
(No Transcript)
19
(No Transcript)
20
Loop Testing
  • Tested as part of a basis path testing strategy
  • Types of Loops
  • Simple loops have no other loops embedded within
    their control structure
  • Nested loops have other loops embedded within
    their control structure

21

22
Automated Aids
  • Test data/file generators
  • Test capture/playback tools
  • Test coverage/execution path monitor tools
  • Test drivers/harnesses
  • Test output comparators
  • Static analyzers

23
Benefits Costs of Test Data
  • Major Benefit
  • allows auditors to examine the quality of program
    code directly
  • Major Disadvantage
  • often time-consuming and costly

24
Program Code Comparison
  • Provides some assurance that the correct version
    of software is being audited
  • Provides some assurance that any software used as
    an audit tool is the correct version of the
    software

25
Types of Code Comparison
  • Source-code Comparison
  • software provides meaningful listing of any
    discrepancies between two versions of source code
  • Object-code Comparison
  • software provides listing of any discrepancies
    between two versions of source code (does not
    identify nature and cause of discrepancies)

26
Benefits Costs of Code Comparison
  • Primary Benefit
  • easy was of identifying changes made to programs
  • neither costly to purchase nor to execute
  • Primary Cost
  • does not provide any evidence directly on the
    quality of the code being compared

27
(No Transcript)
About PowerShow.com