A) The policy has been prepared in accordance with the Government guidance: 10 steps to Cyber Security Guidance:
B) Amongst other quality assurance measures we engage third party testing of vulnerabilities and strengths of our Platforms. This establishes independent and authoritative verification that the Platforms are:
C) We strive to maintain the most secure service for our users and to ensure that our performance is rugged, dependable and that it incorporates the essential precautions to protect our infrastructure and users’ data.
D) Cyber Essentials Plus Certificate
We are in the process of achieving the Government’s independently assessed Cyber Essentials Plus certificate.
This process includes independent testing of whether the controls implemented collectively defeat threats from hacking and phishing. The testing also covers all internet gateway, all servers providing services directly to unauthenticated internet based users.
More information about this certificate may be found here:
Our Quality Assurance policy requires the following approaches and exercises to be undertaken.
The third party assessment incorporates tests to identify:
When we speak about testing in this Policy we describe the assessment by various means of the Platforms owned and maintained by DisputesEfiling.com Limited which deliver our customers’ services.
The service manager has overall responsibility for maintaining the quality of a service. However, because quality relates to every part of a service, the service manager is required to make sure all members of the team know how to:
Because we cannot know how resilient our product is until it is tested we arrange for simulations of both normal and unusual conditions; for example, when our service has lots of visitors or is attacked.
Testing for quality helps us:
As part of using agile methods, we test in a way that confirms the following as quickly as a possible:
When we test the Platforms we seek to automate as much of it as possible. For example, using a continuous integration system (where our tests form part of our codebase) means we have our code tested automatically every time we make a change.
We seek user feedback shortly after making changes which means we can respond quickly and make changes when needed. We can also spot bugs before they develop into bigger issues that may be more complicated and expensive to fix.
We run different types of test to examine all aspects of the Platform’s performance and integrity, for example:
This is the expression used to cover any compromises we make on quality to develop something quickly in the short-term. The extra effort (or interest) required to improve what we have built is something we have to make (or pay) in future.
As our technical debt grows, we recognise that our code will become more difficult to work with. This means adding new features will get harder, take longer and introduce more bugs. If we compromise on quality to deliver something quickly, we will understand and provide for the means to pay the interest and technical debt in the near, medium or longer term.