-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
1/58
HIPAA+ Solutions Suite131, Elden Street, Herndon VA - 20170
HIPAA+ Assessor Dashboard NACHRI Release
Internal Test Plan
Version: 1.5Last Modified: Aug10, 2011
Document Number: HIPAA-PLUS-2011-0001Contract Number:
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
2/58
TABLE OF CONTENTS
1. INTRODUCTION ...................................................................................................... 1
2. REFERENCED DOCUMENTS ................................................................................. 2
3. TESTING APPROACH/STRATEGY ........................................................................ 3
4. PLANNED TESTS .................................................................................................... 14.1.SYSTEMS INTEGRATION TESTING........................................................................... 1
4.1.1.SYSTEM TESTING.............................................................................................. 1
4.1.2.REGRESSION TESTING....................................................................................... 1
4.1.3.INTEGRATION TESTING....................................................................................... 1
5. TEST PROGRESSION ............................................................................................. 1
6. FEATURES TO BE TESTED ................................................................................... 2
7. TEST ENVIRONMENT .............................................................................................. 45
7.1.HARDWARE........................................................................................................ 457.2.SOFTWARE........................................................................................................ 45
7.3.TEST DATA........................................................................................................ 45
8. TEST DELIVERABLE ............................................................................................... 468.1.INTERNAL TEST REPORT..................................................................................... 46
9. TEST ROLES AND RESPONSIBILITIES ................................................................. 46
10. ASSUMPTIONS ...................................................................................................... 47
11. RISKS AND ISSUES .............................................................................................. 48
12. GLOSSARY ............................................................................................................ 49
APPENDICES ............................................................................................................... 51
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
3/58
HIPAA+ Solution Suite
HIPAA+ Assessor DashboardNACHRI ReleaseTest Plan Version 1.5
LIST OF TABLES
Table 1: Referenced Documents .................................................................................... 2Table 1Features to be Tested ..................................................................................... 2
Table 3Software ........................................................................................................ 45
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
4/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor DashboardNACHRI ReleaseTest Plan Version 1.5Page 1 of 28
1. INTRODUCTION
The HIPAA+ Assessor Dashboard is the one place the Assessor would go to do theAssessment for an end client. In the module, the Assessor would be able to view the
responses/answers input by the client user, Add and update findings, set Date by whichhe believes the Client needs to complete the Assessment survey, views the documentsuploaded by the client and other TBD functions.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
5/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor DashboardNACHRI ReleaseTest Plan Version 1.5Page 2 of 28
2. REFERENCED DOCUMENTS
Table 1: Referenced Documents
Document Name Issuance Date
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
6/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
7/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor DashboardNACHRI ReleaseTest Plan Version 1.5Page 1 of 28
4. PLANNED TESTS
The following types or levels of testing will be performed as a part of the testing lifecycle. Test bed data preparation and seeding will occur at each test level.
4.1. Systems Integration Testing
4.1.1. System Testing
System testing for the HIPAA+ Assessor Module will perform according to therequirements when the user is logged in as an Assessor.
4.1.2. Regression Testing
QSSI shall develop test scenarios and test procedures for conducting regressiontesting. Regression testing includes but is not limited to:
a. Ensuring that coding changes to specific programs do not change the existingfunctionality of the system in a manner not specified by the requirements of thesolution.
b. Creating a test bed that shall be utilized for each release. The test bed shallinclude test cases that address, at a minimum, the critical path to assure basicfunctionality has not been affected.
The regression test scenarios have been identified for the regression suite and are
intended to execute based on the test priority.
4.1.3. Integration Testing
Integration testing is the phase of software testing in which individual software modulesare combined and tested as a group. The purpose of integration testing is to verifyfunctional, performance and reliability requirements placed on major design items.
4.1.4 Performance Testing
Testing the performance of the application how much time its taking to open individual
Page.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
8/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor DashboardNACHRI ReleaseTest Plan Version 1.5Page 1 of 28
5. TEST PROGRESSION
No dependencies that affect testing have been identified. Therefore, there is no planned
sequence of the prescribed tests.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
9/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 2 of 28
6. FEATURES TO BE TESTED
Table 2 Features to be tested
6.1 HIPAA+ Assessor Module Test Cases
6.1.1 Assessor user Functional Test cases
TestCase ID
BusinessRequirements ID
Test Description Testing Method Inputs ExpectedResults
Exception
AFT 1 Assessor UserRegistration
Click on Register on theupper right hand cornerof the page
NA Assessorshould see auserregistrationpage
AFT 2 Assessor UserRegistration
Scroll down & click onAssessor Registration
User shouldbe navigatedto AssessorRegistrationpage
AFT 3 Assessor UserRegistration
Enter Inputs Enter All Fieldsmarked with a red* and click onsubmit
Assessorshould see apopup with amessagestating that theAssessor hasbeensuccessfullyregistered
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
10/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 3 of 28
AFT 4 Assessor UserRegistration
Check whether Assessoruser receives an emailstating that user hasbeen successfullyregistered but user isNOT activated
NA AssessorShouldreceive anemail statingthat they havebeensuccessfullyregistered butnot activated
ADT 1 Admin Login Enter Admin logincredentials & click onLogin
Admin/qssi!@#786 User shouldbe able tologinsuccessfully
ADT 2 Admin Login On the top right side,under MyAccount, Clickon Activate User
User shouldbe navigatedto ActivateUser(childwindow) withrows with 4columnnames(Active,UserName,Email, Delete)
with Activate &Cancel(buttons)
ADT 3 Admin Select the desiredcheckbox underActive(Column name) forwhich the user wants toactivate the account &
The usernameactivated byadmin usershould NOTbe displayed
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
11/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 4 of 28
click on Activate(button) in the row &user shouldgetconfirmationmessageActivation ofuser(s)successful
ADT 4 Assessor UserRegistration
After the assessor isactivated, check whetherAssessor receives emailstating Account isactivated & user can nowlogin into system
NA Once the userhas beenactivated bythe Admin, theAssessorshould receivean emailstating thatthey havebeen activatedand can loginto thesystem
AFT 1 Assessor User
Login
In the Login window,Enter Username &
Password
UserIDenterAssessor
UsernamePassword enterAssessorpasswordClick on Loginbutton
User shouldbe navigated
to HIPAA+AssessorHome page
AFT 2 Assessor
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
12/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 5 of 28
Assessor, Click onAssessor Dashboard
to HIPAA+AssessorDashboard
AFT 3. Selecting ClientUser
Select desired client fromClient Listbox
Client ListboxSelect FGHC
User shouldbe able toselect thedesired clientfrom Clientlistbox
AFT 4.Set Date
From top of the menu,Click on Set Date
Set Date User shouldhave an optionto set thedesired date
AFT 5 Click on X mark in thecurrent browser(HIPAAASSESSOR browser titlename)
Currentbrowsershould beclosed
AFT 6 In home page, under topright side(MyAccount),Click on Logout
User shouldbe logged out
AFT 7.Log out
From top of the menu,Click on Log out
ClickLog out User shouldbe logged out
AFT 8. Pre-condition:After Client Usersubmits theAssessmentSurveyLogin
In the Login window,Enter Username &Password
UserIDenterAssessorUsernamePassword enterAssessorpasswordClick on Loginbutton
User shouldbe navigatedto HIPAA+AssessorHome page
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
13/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 6 of 28
AFT 9. Assessor
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
14/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 7 of 28
Survey
AFT 13. Reviewdocumentattached
Check whether Assessorcan receive thedocuments attached foreach question underAssessment Surveyquestionnaire
Assessorshould receivethe documentswhich areattached foreach questionunderAssessmentSurveyquestionnaire
AFT 14. Input OnsiteSurvey
Check whether Assessorhas a option to inputOnsite Survey data intothe system
Onsite Surveydata
Assessorshould havean option toinput OnsiteSurvey datainto thesystem
AFT 15. Steps for OnsiteSurvey
Check whether Assessorhas all steps to be donein onsite survey listed ordocumented with process
N/A Assessorshould all thesteps to bedone in onsitesurvey listedordocumentedwith process
AFT 16. BR-5 Input Findings todatabase
Check whether Assessorcan add Findings in thedatabase
Adding Finding Assessorshould be ableto add theFindings in thedatabase
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
15/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 8 of 28
AFT 17. BR-15 EnterRecommendation for Findings
Check whether Assessorhas option to enter 1 ormore Recommendationsfor each Findings
EnterRecommendation
Assessorshould havean option toenter 1 ormoreRecommendations for eachFindings
AFT 18. Assign Criticallevel for Finding
Check whether Assessorhas an option to assignthe desired criticality levelfor each Finding
Assign criticalitylevel
Assessorshould havean option toassign thedesiredcriticality level
CFT 1Client UserRegistration
Click on Register on theupper right hand corner of thepage
No Additional Inputsrequired
Client usershould see a userregistration page
CFT 2Client UserRegistration
Enter Inputs Enter All Fieldsmarked with a red *and click on submit
Client usershould see apopup with amessage statingthat the user hasbeen successfully
registeredCFT 3 Client User
RegistrationReceive Email No Additional Inputs
requiredClient userShould receivean email statingthat they havebeen successfullyregistered but notactivated
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
16/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 9 of 28
ADT 5 Admin Login Enter Admin logincredentials & click onLogin
Admin/qssi!@#786 User shouldbe able tologinsuccessfully
ADT 6 Admin Login On the top right side,under MyAccount, Clickon Activate User
User shouldbe navigatedto ActivateUser(childwindow) withrows with 4columnnames(Active,UserName,Email, Delete)with Activate &Cancel(buttons)
ADT 7 Admin Select the desiredcheckbox underActive(Column name) forwhich the user wants toactivate the account &click on Activate(button)
The usernameactivated byadmin usershould NOTbe displayedin the row &
user shouldgetconfirmationmessageActivation ofuser(s)successful
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
17/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 10 of 28
Client UserRegistration
Check whether Client userreceives an email stating thatclient user has been activated& now user can login
No Additional Inputsrequired
Once the userhas beenactivated by the
Admin, the Clientuser shouldreceive an emailstating that theyhave beenactivated and canlog into the
system
CFT 4 Client User LoginIn the Login window,Enter Username &Password
UserIDenterClient UsernamePassword enterClient passwordClick on Loginbutton
User shouldbe navigatedto HIPAA+Client UserHome page
CFT 5 ClientUser
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
18/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 11 of 28
(x=No. of daysset byAssessor)
CFT 7 Check whether on the topright side, user is able toview Client User Name& Client Logo
On the topright side ofthedashboard,
user should beable to viewClient UserName &Client Logo
CFT 8 ProfileManagement
Check whether ClientUser has an option tochange his accountdetails
Ex: change name User shouldhave an optionto change hisaccountdetails
CFT 9 CR-610& 723
AssessmentSurvey
From top of the menu,Click on AssessmentSurvey
User shouldbe navigatedtoInstructions(
page) with thetext:Dear(HIPAA+User),
Pleasecomplete theassessment
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
19/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 12 of 28
questions onthe Security,Privacy,BusinessAssociateAgreements,and ITOperationstabs of theHIPAA+Assessor system.
1. Questionsmay beskipped andreturned at alater time byplacing theselecting thehold response.2. If thequestion is notapplicable to
the entity,select N/A asthe answer.3. Upload alldocumentsthat supportyour answer. Ifyou do not
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
20/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 13 of 28
have adocument youmay proceedto nextquestion4. If you like toprovide anyadditionalinformation,please use the"AdditionalComments"box.5. The surveywill not beconsideredcomplete untilall questionshave beenresponded towith either ayes, no, or n/aresponse.
6. Answersmay bechanged upuntil thesurvey asbeensubmitted ascomplete.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
21/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 14 of 28
Thank you foryour efforts incompletion ofthe HIPAA+assessmentsurvey.
CFT 10 CR-764 AssessmentSurvey Check whether user isable to view the
CFT 11 CR-629 AssessmentSurvey
Under AssessmentSurvey>Security>Administrative Safeguards, on topright side, check whetheruser is able to viewbuttons
User shouldbe able toview buttons on thetop right side
CFT 12 CR-629 AssessmentSurvey
Under AssessmentSurvey>Security>Administrative Safeguards, on thebottom right side, check
whether user is able toview as Last
UnderAssessmentSurvey>Security>Administrati
veSafeguards,on the bottomright side, usershould be ableto view buttonnames labeledas
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
22/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
23/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 16 of 28
questions able to answerthe desiredquestions
CFT 17 AssessmentSurvey
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
24/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
25/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
26/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 19 of 28
ColumnNames
CFT 28 Check whether user hasoption to add multipleagreements
User shouldhave option toadd Multipleagreements
CFT 29 Check whether user hasoption to delete thedesired agreements
User shouldhave option todelete thedesiredagreements
CFT 30 Under AssessmentSurvey, Click on ITOperations(sub menuitem)
User shouldbe navigatedto ITOperations(sub menu item)page
CFT 31 Under AssessmentSurvey>IT Operations,above the applet, checkwhether user is able to
view the text as Pleaseupload documents thatsupport the governanceof the entity's IToperations. Documentsmay include the following:Enterprise ArchitectureDiagrams, CIO Roles and
UnderAssessmentSurvey>ITOperations,
above theapplet, usershould be ableto view thetext asPleaseuploaddocuments
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
27/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 20 of 28
Responsibilities, and ITGovernance Structure.Note: these documentswill not be used tocalculate your dashboardcompliance levels
that supportthegovernance ofthe entity's IToperations.Documentsmay includethe following:EnterpriseArchitectureDiagrams,CIO Roles andResponsibilities, and ITGovernanceStructure.Note: thesedocuments willnot be used tocalculate yourdashboardcompliancelevels
CFT 32 CR-645 AssessmentSurvey>Submit
Click on Submit forAssessment
User shouldbe able toview an alertSurveyCompletedsuccessfully
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
28/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 21 of 28
CFT 33 BR-15 Dashboard
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
29/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 22 of 28
on Findings
CFT 37 Compliance
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
30/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 23 of 28
with ValidLogincredentials
AFT 20 Check whether user isable to view the topmodules as below:(A) Dashboard(B) Assessment Survey
(C) ExecutiveQuestionnaire(D) Set Date(E) Help
User shouldbe able toview topmodules asbelow:
(A) Dashboard(B)AssessmentSurvey(C) ExecutiveQuestionnaire(D) Set Date(E) Help
AFT 21 Check whether user isable to view theDashboard sub modulesas below:(A) Home(B) Findings
(C) Control Repository(D) Compliance(E) Reports
User shouldbe able toview theDashboardsub modulesas below:
(A) Home(B) Findings(C) ControlRepository(D)Compliance(E) Reports
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
31/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 24 of 28
AFT 22 Check whether user hasthe below categories:1) Policy2) Procedure3) Implementation4) Enforcement
User shouldbe able toview the belowcategories:
1) Policy2) Proced
ure3) Implem
entation4) Enforce
ment
AFT 23 Check whether Assessorhas option to search theFindings based onCategory
Assessorshould haveoption tosearchFindingsbased onCategory
AFT 24 Check whether bydefault, Home ishighlighted where usercan view SummaryDetails-Findings records
with column names(ID,Description,Recommendation)
By default,user should beable to viewthat Home ishighlighted
where usercan viewSummaryDetails-Findingsrecords withcolumnnames(ID,
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
32/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 25 of 28
Description,Recommendation)
AFT 25 Check whether belowSummary Details-Findings records, user isable to view ComplianceDashboard graph with
percentage mentioned
BelowSummaryDetails-Findingsrecords, user
should be ableto viewComplianceDashboardgraph withpercentagementioned
AFT 26 On the top left side,below Home checkwhether user is able toview Location(heading)with dropdown boxes asbelow:(A) State
(B) City(C) Facility(D) Dept.
On the top leftside, belowHome usershould be ableto viewLocation(heading) with
dropdownboxes asbelow:(A) State(B) City(C) Facility(D) Dept.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
33/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 26 of 28
AFT 27 Check whether on the topright side, user is able toview Client usernames(listbox)
On the topright side, usershould be ableto view Clientusernames(listbox)
AFT 28 Pre-condition: After theClient Login user submitsthe Assessment SurveyQuestionnaireCheck whether user isable to view a alert scrolltext from right to leftreminding ie,Assessment SurveyQuestionnaire iscompleted for QSSI.Document review can bestarted
User shouldbe able toview a alertscroll text fromright to leftreminding ie,AssessmentSurveyQuestionnaireis completedfor QSSI.Documentreview can bestarted
AFT 29 Check whether on the topleft side, user is able toview HIPAA & on the
top right side, whetheruser is able to viewMyPHRSC
On the top left
side, user
should be ableto view
HIPAA & on
the top right
side, user
should be able
to view
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
34/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 27 of 28
MyPHRSC
AFT 30 Keep the cursor on thedesired ID underID(column name)
User shouldbe able toview a handicon indicatingits a link
AFT 31 Click on the desired IDunder ID(column name)
A childwindow shouldopen withwhere usercan viewFindingsdetails withsubheadings(Category,Compliance,Risk) withSubmit &Cancel(button
s)AFT 32 Click on Cancel button Finding
Details(childwindow)should beclosed
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
35/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 28 of 28
AFT 33 Click on the desired IDunder ID(column name)
A childwindow shouldopen withwhere usercan viewFindingsdetails withsubheadings(Category,Compliance,Risk) withSubmit &Cancel(buttons)
AFT 34 Enter/Select the desireddata & click on Submit
FindingDetails(childwindow)should beclosed
AFT 35 In Summary Details-Findings(page),click on
the same ID underID(column name)
User shouldbe able to
view thenew/changeddata which theuserentered/selected recently
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
36/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 29 of 28
AFT 36 Check whether user isable to view QSSI logo
User shouldNOT be ableto view QSSIlogo
AFT 37 Check whether user isable to view HIPAA+ logo& project specific logolike MyPHRSC
User shouldbe able toview HIPAA+& projectspecific logo
AFT 38 Check whether user isable to viewRecommendations inDashboard
User shouldbe able toviewRecommendations in theDashboardinstead ofCorrectiveAction Plan
AFT 39 Check whether user isable to viewRecommendations inIndividual Findings page
User shouldbe able toviewRecommenda
tions in theIndividualFindings pageinstead ofCorrectiveAction Plan
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
37/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 30 of 28
AFT 40 In Findings table, checkwhether width of ID &Findings(columns) areconsistent with eachother
Width of ID &Findings(columns) shouldbe consistentwith eachother
AFT 41 In ComplianceDashboard(page), checkwhether user is able toview value percentage inthe format of number &then %
User shouldbe able toview valuepercentage inthe format ofnumber & then%(percentagesymbol) Ex:99%
AFT 42 In Assessor Login, Clickon Dashboard
On the top ofthe menu,user should beable to view
SetDate(tab)
AFT 43 Click on the desiredquestionnaire (tab)
User shouldbe able toview thecorrespondingquestionnairedetails
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
38/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 31 of 28
AFT 44 Change/Edit the desireddetails
User shouldbe able tochange/editthe desireddetails
AFT 45 Click on Clear(button) The dataselected/entered should becleared
AFT 46 Click on Next button User shouldbe directed tothe next page
AFT 47 Now, Click on Prev User shouldbe directed toprevious page
AFT 48 Check whether the datais cleared from the
questionnaire
Data shouldNOT be
cleared fromthequestionaree
AFT 49 Select/enter/change thedesired data
User shouldbe able toselect/enter/change thedesired data
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
39/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 32 of 28
AFT 50 Click on Next User should
be directed to
the next
questionaree
AFT 51 In Assessor Login, Checkwhether user is able toview Set Date(tab) on thetop menu bar
NA User shouldbe able toview SetDate(tab) onthe top of themenu bar
AFT 52 Click on Set Date(tab) User shouldbe navigatedto SetDate(page)where usercan set thedesired date
AFT 53 Pre-condition: Assumecurrent date as 1 June,2011Select the date which isprevious(before) than thecurrent date
31 May 2011 User shouldNOT be ableto select thedate which isprevious(before) than thecurrent date
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
40/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 33 of 28
AFT 54 Pre-condition: Assumecurrent date as 1 June,2011 Selectthe date which is sameas current date
1 June 2011 User shouldNOT be ableto select thedate which isthe same ascurrent date
AFT 55 Pre-condition: Date set isafter 90 daysFrom Set thedate(Calender), Selectthe date ie, after/next to90 days from thecurrent/present date
29 Aug 2011 User shouldbe able to setthe date whichis after/next to90 days fromthe presentdate
RFT 1 Restricted UserRegistration
Click on Register on theupper right hand cornerof the page
No AdditionalInputs required
Restricteduser shouldsee a userregistrationpage
RFT 2 1)FromUserType(dropdownbox), select RestrictedUser2)Enter All Fields markedwith a red * and click onsubmit
Restricteduser shouldsee a popupwith amessagestating that theuser has beensuccessfullyregistered
RFT 3 Receive Email No AdditionalInputs required
Restricteduser Shouldreceive anemail stating
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
41/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 34 of 28
that they havebeensuccessfullyregistered butnot activated
ADT 8 Admin Login Enter Admin logincredentials & click onLogin
Admin/qssi!@#786 User shouldbe able tologinsuccessfully
ADT 9 Admin Login On the top right side,under MyAccount, Clickon Activate User
User shouldbe navigatedto ActivateUser(childwindow) withrows with 4columnnames(Active,UserName,Email, Delete)with Activate &Cancel(buttons)
ADT 10 Admin Select the desiredcheckbox underActive(Column name) forwhich the user wants toactivate the account &click on Activate(button)
The usernameactivated byadmin usershould NOTbe displayedin the row &user shouldgetconfirmation
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
42/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 35 of 28
messageActivation ofuser(s)successful
RFT 4 Restricted UserRegistration
Check whether Restricteduser receives an emailstating that client userhas been activated & now
user can login
No AdditionalInputs required
Once the userhas beenactivated bythe Admin, the
Restricteduser shouldreceive anemail statingthat they havebeen activatedand can loginto thesystem
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
43/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 36 of 28
6.1.2 Internal Reviewer Functional test cases
TestScenarioID
TestDescription
Testing Method Inputs Expected Results Verification method
6.1.3 Admin Functional Test Cases
TestScenarioID
TestDescription
Testing Method Inputs Expected Results Verification method
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
44/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
45/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 38 of 28
6.4 Performance Test Cases
TestScenarioID
TestDescription Testingmethod Inputs ExpectedResults Verificationmethod
APT 1Verify theperformanceof home page
Enter valid url http://wwwv.healthitplus.com/HIPAA-PLUS/form.aspx
Check howmuch time itstaking to openthe homepage.
APT 2 Verify theperformanceof sign inpage
Enter validusercredentialsand click onlogin and itsnavigate tothedashboardscreen
User: hakandukuri111.Passd:qssi!@#786
Check howmuch time itstaking fromsign in pageto Home pagescreen.
APT 3. Verify theperformanceof registerpage
Click onRegister linkits navigate totheregistrationpage
Click on link Check howmuch time itstaking fromhome page toregistrationpage.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
46/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 39 of 28
APT 4. Verify theperformanceof registerpage.
Give validdata click onsubmit buttonits navigate tothe homepage.
Enter valid data Check howmuch time itstaking fromregister pageto homepage.
APT 5. Verify theperformanceof AssessorRegistration
Click onAssessorRegister linkits navigate tothe Assessorregistrationpage
Click on link Check howmuch time itstaking fromregistrationpage toAssessorRegistrationpage.
APT 6. Verify theperformanceof Assessorregistrationpage.
Give validdata click onsubmit buttonits navigate tothe homepage.
Enter valid data Check howmuch time itstaking fromregistrationpage to homepage.
APT 7. Verify theperformanceof AssessorDash boardlink in homepage
Enter validsing in detailsclick onAssessorDash boardlink in homepage
Give client user credentials.hakandukuri111.Passd:qssi!@#786
Check howmuch time itstaking fromHome page toAssessorDash boardscreen.
APT 8. Verify theperformanceof theassessment
Click onassessmentsurvey tab itsnavigate to
Click on assessment survey tab Check howmuch time itstaking to openassessment
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
47/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 40 of 28
survey tab. the concernpage.
surveyscreen.
APT 9. Verify theperformanceof the securitytab.
Click onsecurity tabits navigate tothe concernpage.
Click on security tab. Check howmuch time itstaking to openSecurityscreen
APT 10. Verify the
performanceof the Privacytab.
Click on
Privacy tab itsnavigate tothe concernpage.
Click on Privacy tab. Check how
much time itstaking to openPrivacyscreen
APT 11. Verify theperformanceof theAgreementstab.
Click onAgreementstab itsnavigate tothe concernpage.
Click on Agreements tab. Check howmuch time itstaking to openAgreementsscreen
APT 12. Verify theperformanceof the ITOperationstab.
Click on ITOperationstab itsnavigate tothe concernpage.
Click on IT Operations tab. Check howmuch time itstaking to openIT Operationsscreen
APT 13. Verify theperformanceof theAdministrativeSafe guardtab.
Click onAdministrativeSafe guardtab itsnavigate tothe concernpage.
Click on Administrative Safe guard Check howmuch time itstaking to openAdministrativeSafe guardscreen
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
48/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 41 of 28
APT 14. Verify theperformanceof theAdministrativeSafe guardtab.
Enter validanswer andgive 20 MBdocumentupload.
Click on questions Yes and indocument Yes upload document
Check howmuch time itstaking tonavigate thenext page.
APT 15. Verify theperformanceof theAdministrativeSafe guardtab.
Enter validanswer anddont uploadthedocument.
Click on questions Yes and indocument NO upload document
Check howmuch time itstaking tonavigate thenext page.
APT 16. Verify theperformanceof thePhysicalSafeguardtab.
Click onPhysicalSafeguard tabits navigate tothe concernpage.
Click on Physical Safeguard Check howmuch time itstaking to openPhysicalSafeguardscreen
APT 17 Verify theperformanceof thePhysicalSafeguardtab.
Enter validanswer andgive 20 MBdocumentupload.
Click on questions Yes and indocument Yes upload document
Check howmuch time itstaking tonavigate thenext page.
APT 18Verify theperformanceof thePhysical Safeguard tab.
Enter validanswer anddont uploadthedocument.
Click on questions Yes and indocument NO upload document
Check howmuch time itstaking tonavigate thenext page.
APT 19 Verify theperformance
Click onTechnical
Click on Technical Safeguard Check howmuch time its
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
49/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 42 of 28
of theTechnicalSafeguardtab.
Safeguard tabits navigate tothe concernpage.
taking to openTechnicalSafeguardscreen
APT 20 Verify theperformanceof theTechnicalSafeguardtab.
Enter validanswer andgive 20 MBdocumentupload.
Click on questions Yes and indocument Yes upload document
Check howmuch time itstaking tonavigate thenext page.
APT 21 Verify theperformanceof theTechnicalSafeguardtab.
Enter validanswer anddont uploadthedocument.
Click on questions Yes and indocument NO upload document
Check howmuch time itstaking tonavigate thenext page.
APT 22 Verify thePerformanceof the submitforassessmentbutton
Enter validdata in allfields click onsubmit getsuccessfulmessage
Check howmuch time itstaking to getconfirmationsuccessfulmessage.
APT 23 Verify theperformanceof the setdate tab inassessorlogin
Click on setdate tab itsnavigate toconcernpage.
Enter assessor login credentialsUser name:assessor111Pssd: qssi!@#786
Check howmuch time itstaking to getset datepage.
APT 24 Verify theperformanceof Document
Click onDocumentReview
Click on the button Check howmuch time itstaking to get
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
50/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
51/58
HIPAA+ Solution Suite
_____________________________________________________________________________________________
HIPAA+ Assessor Dashboard NACHRI ReleaseTest Plan Version 1.5Page 44 of 28
6.5 Security Test Cases
6.5.1 HIPAA+ Test cases
Test Scenario ID Test Description Testing method Inputs Expected Results Verification
6.5.2 HIPAA+ ASSESSOR security test cases
Test Scenario ID Test Description Testing method Inputs ExpectedResults
Verificationmethod
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
52/58
_____________________________________________________________________________________________
Page 45 of 28
7. TEST ENVIRONMENT
QSSI has an internal test environment that mimics the production environment inHIPAA+. Regression Test
7.1. Hardware
The QSSI Test Team will conduct testing using standard IBM compatible Desktopworkstations.
7.2. Software
The following table contains software used throughout testing.
Table 2
SoftwareItem no Software Version Licenses
OwnerPurpose
1 MicrosoftWindows
7 HIPAA+ For end user laptops and desktops
2 MicrosoftWindowsServer
2008 HIPAA+ For hosting application services
3 MicrosoftSQL
2005 HIPAA+ For databasesHIPAA+ Website.
4 Apache
Tomcat
6.0 HIPAA+ For Hosting the Assessor Module
5 IIS HIPAA+ For Hosting the HIPAA+ Website
6 MySQL 5.2 HIPAA+ For databaseAssessor Module
7.3. Test Data
Test data will be developed according to specifications in the Interface ControlDocuments (ICD).
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
53/58
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
54/58
_____________________________________________________________________________________________
Page 47 of 28
10. ASSUMPTIONS
N/A
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
55/58
_____________________________________________________________________________________________
Page 48 of 28
11. RISKS AND ISSUES
N/A
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
56/58
_____________________________________________________________________________________________
Page 49 of 28
12. GLOSSARY
Test Summary ReportThis report summarizes what testing activities took place, including theversions/releases of the software, environment, etc. It includes information onvariances and incidents, and documents resolutions including:
a. Summary of the test including the test cases, dates tested, and pass/fail.b. Any variances from the Test Plan/Test Case Specification.
Results include problems/incidents and their resolution as well as unresolvedproblems/incidents and plans of action for resolution.
Software Verification vs. ValidationSoftware testing is used in association with verification and validation:
Verification: Process based, ensure the software is built right i.e. matching therequirement specifications.
Validation: Product based, ensure the software is built right that the customer wants.
Static vs. Dynamic testingThere are many approaches to software testing. Reviews, walkthroughs or inspectionsare considered as static testing, whereas actually executing programmed code with agiven set of test procedures is referred to as dynamic testing.
Validation Readiness Review(formally the TRR):ESD-M contractor, QSSI shall participate in the VRR which is conducted by NG afterstring testing and prior to formal systems testing. The VRR is conducted to affirm finalagreement from all stakeholders regarding the readiness of the system to begin formaltesting. The purpose of the VRR is to ensure that all prerequisites leading up to formaltesting have been met.
Implementation Readiness Review(formally the PRR):ESD-M contractor, QSSI shall participate in an IRR conducted by NG. The purpose ofthe IRR is to ensure that the release is ready for implementation activities, such that therequired system hardware, networking and telecommunications equipment, software,and databases can be installed and configured in the OTHER production environments.
A separate IRR is required for each release. Persons with technical knowledge of thesoftware products to be reviewed shall attend this review. The OTHER GTL mustapprove the release prior to implementation.
Operational Readiness Review:
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
57/58
_____________________________________________________________________________________________
Page 50 of 28
ESD-M contractor, QSSI shall participate in an ORR conducted by NG. The purpose ofthe ORR is to ensure that the release is ready for implementation activities, such thatthe required system hardware, networking and telecommunications equipment,software, and databases can be installed and configured in the OTHER productionenvironments. A separate ORR is required for each release. Persons with technical
knowledge of the software products to be reviewed shall attend this review. TheOTHER GTL must approve the release prior to implementation. The ORR is the finalstage where the maintainer moves the code to actual production.
Performance testingchecks to see if the software can handle large quantities of dataor users. This is generally referred to as software scalability.
Unit testingtests the minimal software component, or module. Each unit (basiccomponent) of the software is tested to verify that the detailed design for the unit hasbeen correctly implemented. In an object-oriented environment, this is usually at theclass level, and the minimal unit tests include the constructors and destructors.
Integration testingexposes defects in the interfaces and interaction betweenintegrated components (modules). Progressively larger groups of tested softwarecomponents corresponding to elements of the architectural design are integrated andtested until the software works as a system.
System testingtests a completely integrated system to verify that it meets itsrequirements.
System integration testingverifies that a system is integrated to any external or thirdparty systems defined in the system requirements.
Regression testing after modifying software, either for a change in functionality or to fixdefects, a regression test re-runs previously passing tests on the modified software toensure that the modifications haven't unintentionally caused a regression of previousfunctionality. Regression testing can be performed at any or all of the above test levels.These regression tests are often automated. More specific forms of regression testingare known as sanity testing.
-
8/12/2019 System Level Test Cases HIPAA_PLUS_ASSESSOR Version 1.6
58/58
APPENDICES
N/A