SAPM
Chapter 6 – Foundations for system Design
Integrity controls – reject invalid data inputs, prevent unauthorized data outputs, protect data and programs against accidental or malicious tampering.
Input controls – controls that prevent invalid or erroneous data from entering the system
Value limit controls – Controls that check numeric data input to ensure that the value is reasonable
Output controls – Controls that ensure that output arrives at the proper destination and is accurate, current, and complete.
Factors affecting fraud risk
- separation of duties, records & audit trails, monitoring, asset control and reconciliation, security
Security controls
Multifactor authentication (MFA) – the process of using multiple authentication methods for increased security and reliability
Authentication – the process of identifying users who request access to sensitive resources
Authorization – the process of allowing or restricting a specific authenticated user’s access to a specific resource based on an access control list
Access control list – a list attached to a specific resource that describes users or user groups and the nature of permitted access
Chapter 7 – System Architecture
Interoperability - the ability of a component or system to interact with other components or systems
Internet backbone network – a high capacity and high-speed computer network that carries large amounts of internet traffic across regions, countries, and continents
Local Area Network (LAN) – small computer network typically spanning a single home, small office
WWW – Interconnected set of resources accessed via the internet
Architecture
Technology architecture – a set of computing hardware, network hardware, topology, and system software used
Application architecture – the set of software application components
Three-layer architecture:
- View layer (user interface)
- Business logic layer (also called domain layer – contains business rules)
- Data layer (layer that interacts with the data)
Protocol – a set of languages, rules, and procedures that ensure accurate and efficient data exchange and coordination among hardware and software components
VPN
Web protocols (html, xml, http, https)
Application architecture
Software as a service (SaaS) – application software is accessed via the internet without locally installed programs
Infrastructure as a service (IaaS) – a set of raw IT resources offered to the user by the cloud service provider
Platform as a service (PaaS) – It is essentially a SaaS solution + you can build applications and software
Architecture diagrams
• Location Diagrams
• Network Diagrams
• Deployment Diagrams
Chapter 8 – Designing the user interface
User Interface – the UI should be considered a conversation between a user and the system; usability is the objective. This approach is called user-centered design.
UX – All aspects of a person’s interactions with a software application, including actions, responses, perception, and feelings
UI – Set of inputs and outputs that the user interacts with to invoke the functions of a software
User-centered design – a design technique that embodies the view that the UI appears to be the entire system
Usability – the degree to which a system is easy to learn and use
Metaphor – analogies between features of the user interface and aspects of physical reality with which the users are familiar. Direct manipulation metaphor, desktop metaphor, document metaphor, dialog metaphor
User interface design must consider the entire user experience, thus communicating effectively with the user.
Good user interfaces are based on good design principles – visibility, affordance, feedback, etc.
A poorly designed user interface can make the information system unusable
Story boards are a powerful tool for UI design
Principles of User-Interface Design
Human-Interface Objects
=> Affordance – the appearance of the object suggests its function
=> Visible with Feedback – both visible on the display and provides a response to a user action (feedback)
=> Good examples – radio buttons and check boxes
Consistency – across platforms, within a suite of applications, within a particular application
Continuity – consistency across releases over time
Discoverability – discover hidden features, active discovery, visual diag to guide users
Readability and Navigation, Usability and Efficiency, Closure
Chapter 14 - Deploying the new system
Unit test, integration testing – implementation
System & stress testing, user acceptance testing – deployment
Test Case – A formal description of a starting state, one or more events to which the software must respond, and the expected response or ending state
What is test data? – A set of starting states and events used to test a module, group of modules or entire system
Unit Tests – Test of an individual method, class, or component before it is integrated with other software
Driver & stub:
Driver – A method or class used in unit testing that simulates the behavior of a class that calls and sends parameters to the unit being tested
Stub – A method or class used in unit testing that receives and displays the output from the unit being tested
Integration testing – Test of the functional behavior of a group of classes or components when they are combined together
Example – Test the function in eLearning portal student grade view
System performance & stress testing – A comprehensive integration test of an entire system or independent subsystems
Response time – Desired or max. allowable time limit for the software response to a query or update
Throughput – Desired or minimum number of queries and transactions that must be processed per minute or hour or given time
UAT – A system test is performed to determine whether the system fulfills user requirements and can support all business and user scenarios