I once worked at a place where we would write feature files using Gherkin syntax. Developers would implement those tests at the integration level. Those tests would demonstrate to a regulator that we have good coverage during our development process.
It was a short contract so I never got into the details yet I was always curious about who this regulator was and how they checked our work. I never found out.
It seemed that the feature files were just for the regulator. The good stuff and most of the issues we found were via structured exploratory testing sessions.
I’d like to know, in your lived work experience, how has an industry standard or regulation impacted how you went about testing?
I’ve worked in some VERY REGULATED industries and the secret is….
Industry regulations really only apply because auditors don’t know any different. You have to play by their rules or use their terms to pass an audit and give them what they want to see. Sometimes you’ll get an auditor who’s a bit more chilled out and willing to learn, so they’ll work with your processes and sometimes it’s a big argument that results in you having to use their templates.
And laws too, things like GRPR or Americans with Disabilities impact the types of testing we do. Because we need to ensure we comply with these things and test to check that accordingly.
Exactly! I’ve worked at several companies when they got an audit, everything changes or gets locked out for everyone… and then after the audit they unscrew everything again.
Depending on the regulation, the processes change here. GDPR is the best joke since not many companies are complient.
But if it’s a new law, the processes are often sped up. Does it change anything to the testing process? From my experience not, just a different userstory that gets prio.