TESTING ASSESSMENT TOOL

A Overview
The Testing Assessment Tool must be completed by a member of the testing team.

CETM is scaled based on the impact, size, complexity and risk involved in testing a technology change.

This workbook has been designed to :

1-Sort the Work Types request ( project,program,maintenance works or U4)

2-Assess if Regression ONLY is required or Full Testing is required
3-Assess the Risk and Scalability level
4-Determine if Risk Based Testing is recommended
5-Determine if End to End Testing is required
6-Assess if Production Acceptance Testing is required

Based on the assessment, the tool will make recommendations. QA Dept Head is allowed to overide the tools recom
and shall provide sufficient explanation to justify the decision.

B Work Types
Work Types that are in scope
are : Used as an overall "container" for work
consisting of multiple aligned and
interdependent projects that are grouped to
achieve a strategic business benefit or objective.
These related projects are:
initiated and completed during the program’s
1 - Program lifecycle,
managed in a coordinated fashion, and
reported together to show the collective
achievement of the strategic mission.

A single project involving technology work

2 - Project aimed at achieving a strategic business benefit
or objective. A project may be part of a
program or may stand on its own.

3- Maintenance Work
A type of work to update an existing system,
process, or technology in a short lifecycle, with
minimal business or technological impact. These
may happen on a regular or infrequent basis.
Maintenance work can also be made up of
single or multiple releases.

Expedited Changes
4- U4 / Expedite Changes
• U4 Changes – Urgent Fixes that are not
project deployments

C Path Assessment
Only 2 testing Paths are possible under CETM : LIGHT and STANDARD.
-A Scalability Assessment score between 1-8 will qualify for LIGHT and 9-11 for STANDARD.
-The Scalability Assessment score is a combination of scores from the Risk Assessment (Q1-Q10)and the Scalability
Assessment(Q11-14).

(i) Testing Risk Assessment

The Initial Testing Risk Assessment determines the "high-level" Risk Factors that could Impact a Testing Project or Ch
consists of 10 questions (Q1- Q10) which identify the potential risks that could impact testing activities. A score base
criteria in the table below is then assigned.

Risk Assessment Score

If more than 70% of the responses get an Impact Score of 2 or more

If 30-70% of the responses get an Impact Score of 2 or more

If less than 30% of the questions get an Impact Score of 2 or more

D Test Strategy
Test Strategy is required when the following conditions applies:

A : The recommended Testing Path is STANDARD, and

B: The answer to question 12 (How many testing groups will be involved in testing this change) is " Cordination and
Involvement of 3 groups" or more.

When cordination is required between 2 testing groups only, the respective QA Dept Heads can decide whether a te
will be of any benefit even though the TAT recommends NOT REQUIRED.

E Work Products
Depending on the path, the tool will recommend the following work products:
A : STANDARD - TEST PLAN, TEST CASE MATRIX & TEST EXIT REPORT
B: LIGHT - LIGHT TESTING WORKBOOK
F End to End Testing
End to End Testing recommendation is based on the number of impacted LOBs. End to End testing will be recomme
the following conditions applies:

A : The recommended Testing Path is STANDARD, and

B: The answer to question 2 is " 2 LOBs" or more.

G Production Acceptance Testing

The recommendation for PAT is directly related to question # 14 (Are there non-functional requirements that need a f
Production Acceptance Test stage?)

When the answer is YES, PAT will be recommended.

H Risk Based Testing

A - Risk Based Testing (RBT) is a technique used to prioritize tests of software features and functions, and to allocate
effort based on the risk of failure.
B - Risk Based Testing involves testing the functionality which has the highest impact and probability of failure.

Questions 4,10, & 15-24 are designed to assess Risk Based Testing suitability. Based on the results, the tool will indi
whether RBT is recommended or not. The scoring calculation are detailed below:

Scoring Calculation
Total Risk Score Recommendation
8- 26 Risk Based Testing is Recommended

26.1 - 36 Risk Based Testing in NOT recommended

I Approval Section
All approvals should be captured under the approval section. A copy of the completed and signed-off Testing Asses
workbook must be provided to the PM and stored in the Project Repository.

Notes:
• Scalability refers to the amount of test planning and formalization required. All in scope requirements must
still be validated regardless of the scalability level.
• This assessment must take the perspective of the overall project / program into perspective. All risks,
constraints, dependencies, and downstream teams must be considered.
• This tool makes 6 recommendations and in case any approver disagrees with any of the recommendations, this sho
captured and embedded under the email approval column. Proper justification should be provided.
• The QA Dept. Head reserves the right to overide any of the recommendations, and shall provide justifications the r
used. Any decision that will involve taking more risk than what the tool is recommended should be performed with d
and communicated with all the project/work request stakeholders.
 TOOL

ting team.

testing a technology change.

U4)

Head is allowed to overide the tools recommendation

t

11 for STANDARD.
k Assessment (Q1-Q10)and the Scalability

rs that could Impact a Testing Project or Change. It

could impact testing activities. A score based on the

ore
3

n testing this change) is " Cordination and

ve QA Dept Heads can decide whether a test strategy

ducts:
RT
ng
d LOBs. End to End testing will be recommended when

Testing
re non-functional requirements that need a formal

ng
ware features and functions, and to allocate testing

hest impact and probability of failure.

bility. Based on the results, the tool will indicate

below:

Next Steps
Use the Test Scenarios prioritisation tool
to prioritise Test Scenarios.
Follow existing CETM Test Planning
processes.
n
he completed and signed-off Testing Assessment
ory.

red. All in scope requirements must

am into perspective. All risks,

s with any of the recommendations, this should be

cation should be provided.
ations, and shall provide justifications the reasoning
recommended should be performed with due care
 TESTING ASSESSMENT TOOL

Project Name/Phase Deposit Bonus Program Prepared by Harsha Karukonda

Application DCO Date 25/08/2023

Direct Investing & Advice | CIBC Capital Markets

Technology Unit Document Version 0.1
Technology - ISI

Work Category Selection

Project or Program Maintenance Works U4 /Expedite- Fixes

Change Impact
Is Regression Only Required?
YES – Regression
NO – Full Testing is Required Only is Required

TESTING RISK ASSESSMENT Questions to displ

Comments
Nº Questions Options Scores (This is a place to share your thinking on how you answered the question. This can help clarify for
reviewers.)

How many users will this change be VISIBLE to, if successfully implemented?
Consider CIBC clients, staff, and third parties.

1 [Note: If this is a "behind the scenes" change that the users will not see, Between 20-100 1 Treasury folks and client would be able view the interest transactions
answer this question that no users will be impacted. Also, this question is
NOT meant to consider if the change fails as that is covered by other
questions in the assessment]
 How many CIBC Lines of Business will :
-the change be VISIBLE to, or
-be impacted, if successfully implemented? 1 LOB
2 0 IE
[See Note for question 1.0 above]
[If more than 2 LOBs are impacted, End to End testing may be applicable.]

Is there a regulatory or compliance driver for this change? or This offer will run peridically(90) in the year 2023, to attaract CIBC clents to
3 No 0
Is there a critical implementation date driving this change? open brokerage accounts

What is the business criticality of the project?If the change is unreliable,

unavailable or unstable, consider
-the negative impact be to our clients
(internal/external)? or
-the negative financial impact be to the bank? or
- the potiental harm to the bank's reputation?
4 Medium 2 Reputational impact and also fines may be imposed as this is regulatory.
[Consider if this change could impact books of record, affect SOX 404
compliance, or generate a severity 1.x, or 2]

Does this change require:

customization of a vendor product? or
5 configuration of remote systems? or No 0 Y
complex interfaces and/or dependencies? or
functions that will be turned on over time?

Does this change affect existing:

6 business processes? or No 0 Y
the application user interfaces?
 Minor Configuration
Change
What type of change is involved?
Offers only apply to specifica account types and only to the targetted clients
7 1
[Note: If the change involves integration of a new vendor-built application who do not have brokerage accounts
for CIBC, answer this question that a new application/service is involved]

Could this change:

increase the load on a machine or service? or
increase network traffic? or
increase transaction volumes? or
8 impact existing security features? or No 0 Y
impact current batch processing job streams or schedules? or
impact user response times? or
involve complex and time consuming backout and recovery
processes?

Proven -
9 What is the experience with this type of change activity? Implemented 0 Y
before, no incidents

How stable is the Test Source Document.

10 Very Stable 1 Y

TESTING SCALABILITY ASSESSMENT

 What is the estimated duration of Test Planning + Test Execution for the
11
test phase/s under consideration?
Between 2-7 weeks 1 Y

How many testing groups will be involved in validating this change?

Testing groups can be within or outside the LOB. Coordination &
12 involvement of 2 1 Testing needs coordiantion between Manual and Automation testing teams
[Consider LOBs, vendors, service providers, government agencies, and other groups
third parties.]

What is the complexity of the testing effort?

Change to 1
13
[Consider number of CIBC applications or components, databases, component
0 Y
interfaces, middleware, calculations, etc.]

Are there non-functional requirements that need a formal Production

Acceptance Test stage? Consider performance requirements, SLA
requirements, concurrency of users, data availability, reliability and
stability.
14
Important Notes:
No 0 Y
• Non-functional requirements can be covered in SIT/UAT rather than a
formal PAT test stage depending on the nature of the requirements.
However, performance, load and volume requirements often require a
separate PAT environment.

Risk Assessment Score from Questions 1-10 1

 Scalability Assessment Score 4

Risk Based Testing Questions

15 What is the estimated percentage of test scope with links to financial

transactions? N/A 0

16 Is the project introducing new functionality?

No 1

17 What is the defect's history detected in previous releases/projects?

Low Number 1

18 Does the project involve data warehouse or data migration? 1

No Y

19 Is the project introducing new infrastructure? 1

No Y

20 What percentage of test scope requires complex calculations or logic? 0

N/A Y

21 What percentage of test scope requires multiple system validations? 3

More than 30% Y

22 Is the project introducing new applications? 1

No Y

23 Is the QA team knowledgeable of the applications? 1

Yes

24 Is there a projected impact on existing system performance? 1

No Y

RECOMMENDATION
 RECOMMENDATION

CETM PATH LIGHT

TEST STRATEGY IS NOT REQUIRED

REQUIRED WORKPRODUCTS LIGHT TESTING WORKBOOK

END to END TESTING IS NOT REQUIRED

PRODUCTION ACCEPTANCE TESTING (PAT) IS NOT REQUIRED

RISK BASED TESTING IS NOT APPLICABLE

COMMENTS
( Insert any comments based on the tool's recommendation)

End to END TESTING will be performed as part of program though the recommendation is "Not required".

APPROVALS

EDF ROLES NAMES EMAIL APPROVALS

TEST MANAGER (SIT) where applicable N/A

TEST MANAGER (UAT)where applicable Jacob Jakubski

TEST MANAGER (PAT)where applicable N/A

BUSINESS LEAD Nancy Jamorski

WORK PACKAGE LEAD - DEVELOPMENT Wael Salo