Andy made a natural progression from the technical side of the Film Industry to Software programming in 1985. Since this time he has held positions from Business Analyst to Programme Manager, Quality Assurance Manager, Development Manager and Head of Testing Services, predominately in the City in the last 4 years.

Andy has a reputation for strategic vision and delivering global business solutions reporting directly to the Board, liaising on £10M+ programmes since 1995 and has been regularly personally responsible for £5M quality assurance and testing of business and technical solutions, managing teams of between 5 and 60+ people, including external suppliers and offshore parties across three continents.

Andy demonstrates enthusiasm, parallel thinking and team creativity to drive through time to market business solutions whilst maintaining costs.

Andy is a frequent speaker at international conference. He was Chair of the ISEB International Panel in 2003/4, the UK representative to ISTQB in 2003 and founder Chair of the ISEB UK Executive Committee in 2004.

Andy was awarded the EuroSTAR Award for outstanding contribution to the Testing Industry in Europe, in December 2005 following a previous nomination in 2003.

Andy is the interim Group Business Manager for Testing at the Portman Building Society.

Financial organisations were shaken up by the US Sarbanes-Oxley (SOX) act and Basel 2 regulatory requirements and Mifid will soon be upon us. SOX came into being 29 days after accounting irregularities were reported at WorldCom. The SOX is the first major update to US financial law since the 1933 Federal Securities Law. In the US the Act is prescriptive in comparison to the UK FSA which is usually advisory.

Any non-US organisation listed on the NYSE is also expected to comply with aspects of the Act, some of which came into force in August 2004, but the major Foreign issuers did not need to comply with legislation until 31^st July 2005. Mifid is in the consultation stage which will further influence the European financial markets.

The SOX act requires Directors to be accountable for controls for all aspects of process and application to be demonstrable to the external auditors. The act defines the behaviour and compensation of CEO’s and CFO’s and their professional advisors. This in essence describes the corporate governance, the role profiles of senior managers and affects the organisation structure and portfolio of Business projects.

This requires documentation sets to be defined, up-to-date, accurate and testable. Systems and process must be tested functionally and non-functionally, and include security of site and data, back-up and recovery and Disaster Recovery. Testing must prove that financial systems process to specification and that reporting is timely and accurate with exceptions clearly defining the operational risks.

The act also outlines audit and accounting procedures and penalties and fines for transgressors. The act only provides 4 days to disclose major non-compliance. The amount of work required to integrate aspects of legislation into the Systems development life-cycles of financial organisations is extensive. To prove that all appropriate sections of financial acts, significant testing and retention of test material is required to ensure business resilience.

This presentation will

- examine the sections of the SOX act and the lessons learned making reference to Basel 2 and Mifid where appropriate;

- detail areas within the SDLC where changes are required to ensure compliance;

- understanding changes to requirement gathering to ensure compliance;

- suggest testing policy, strategy, process and method to ensure that adequate testing material is defined, executed, analysed and retained as reusable assets for continuous compliance;

- Implications of sections Sox 404 and Sox 409 on the testing culture of an organisation – particularly the provision of 409 real-time reporting systems;

- Testing to mitigate the affects of the act on Operational Risk and measuring conformity to Key performance and key risk indicators;

- Maintaining ‘just enough’ test material to ensure conformance.

has a PhD in Software Testing and is a Senior Lecturer in Software Engineering for Cranfield University.  He has previously worked on the development of high-integrity systems, such as command and control, radar and avionics.  He is currently involved with research on the effectiveness of software testing techniques, high volume automated testing and standardisation.

He is Chair of the BCS SIGIST Committee and the associated Standards Working Party, which was responsible for the development of BS 7925-1 and BS 7925-2.  This working party is now developing a standard on non-functional testing techniques.

Until September 2003, he was Chair of the ISEB Software Testing Certification Board, which is responsible for the Foundation and Practitioner Software Testing qualifications. He has presented papers and tutorials at conferences worldwide. Stuart was awarded the EuroSTAR Testing Excellence Award at Stockholm in 2001.

Test process improvement is used at both organisational and project levels, but there is currently nothing targeted at the level of the individual tester; a surprising omission given the importance of individual tester quality to project success.

This presentation introduces the Personal Test Maturity Matrix (PTMM), which provides a structured framework for testers to develop and manage their personal skillsets.  The PTMM matches specific capabilities with both stages in a tester’s career (their maturity) and their chosen test specialisms, thus providing the individual with guidance on the most effective next steps in their career.  Areas covered by the PTMM include technical, communication and people skills, as well as education, training and certification.

The PTMM helps testers identify their unique set of strengths and weaknesses, to better identify both where they excel and where they can improve most effectively.  This introduces the need for testers to maintain a constant measurement regime, often beyond the demands of their current project.

Although primarily aimed at giving testers a new level of control allowing them to most efficiently add value to their careers, from the organisation’s perspective the PTMM also complements traditional top-down test process improvement as it works from the bottom up.

Key Points:

·          Directed personalised career guidance for individual testers who want to control their careers.

·          A framework matching the most desirable tester skills with various test specialisms.

·          Next step guidance on the career path for testers based on their individual capabilities.

We regret that Dr Reids paper will not be available to view on-line! 

Following Andy and Stuarts presentations, we know that delegates will have been stimulated into thinking about the issues that face them in their own testing projects. Delegates will divide into smaller discussion groups to review the following topics:-

1. Risk Analysis as a Driver of Testing – for those working with Testers to create a testing framework.

2. SOX Specifics (404-409) – for those working specifically on a SOX project

3. Compliance Framework and Testing Strategy – for those interested in General Testing

At the end of the discussion time, the findings, conclusions and interesting discoveries will be presented by each panel to the assembled group!

Continuing the great SoftTest tradition of Round Table Discussions we are delighted to facilitate a "Birds of A Feather" session to allow SoftTest Delegates to discuss the issues raised, to share their own experiences and to learn from each other.