SES understands that the vast majority of organisations are heavily reliant on third party software owners to develop and maintain their critical business applications and business process tools.
SES provides Basic Code Validation Testing as standard on all deposits. This entry level testing ensures that the source code held under the Escrow agreement is accessible and virus free so that in the event of release, the end user can access the source code files. Although the basic service provides access to the source code, the entry level testing does not enable SES to provide tangible assurance as to the complete or accurate nature of the source code, or the integrity of any build documentation that the software owner may choose to deposit.
However, SES has developed a series of Source Code Validation Testing options designed to provide independent build documentation and evidence that the source code and other material held under each Escrow agreement comprises a useable and complete deposit.
The specific product knowledge and skills required to maintain and deploy your software most commonly resides with your software owner, or often more specifically with a key developer within the owner’s organisation. SES has the technical expertise necessary to work with these key software owners to conduct a range of audio and visual knowledge capture exercises designed around the needs of our clients. On completion of each exercise a detailed independent report, often referred to by our clients as a “build manual”, is compiled and placed into Escrow along with the validated code deposit.
"Capture the unique knowledge you would need to maintain your critical applications using our code validation testing"
Basic Validation Testing
As standard with each agreement SES offers Basic Validation Testing. This provides information relating to the code and/or data comprising each deposit.
The following checks are carried out as part of the Basic Validation Testing:
- Check that deposited material is apparent on the Media.
- If any files on the media are compressed, ensure they can be de-compressed and note the method or utility used.
- Assess whether any files on the media are encrypted. If encryption is detected, it will be ensured that the files can be decrypted and the method or utility will be noted.
- Check that any passwords used are valid.
- Scan supplied media for viruses.
- Where possible, check that files can be retrieved. A sample number of files shall be viewed to ensure that they can be retrieved.
- A summary/copy of the directory listing of first level de-compressed files is included within the body of the report.
If any of the above checks fail, the Licensor will be notified and asked to provide a replacement deposit which will be retested.
Once completed SES will compile a report (this document) which will be forwarded to all parties concerned under the Escrow agreements confirming all checks have been made. SES will ask the Licensor to submit the most up to date material at least once per annum (or at a frequency agreed) as specified within the terms and conditions set out in the Agreement.
Complete Code Validation Testing
"Software testing - ensure you can use the source code held in escrow"
SES’s Software Testing and Complete Code Validation service ensures that the source code we will ultimately hold in our vaults is complete, accurate and can be built into a working application. This is achieved by witnessing and recording the software owner’s development team executing a complete build of the software in their environment.
Added to this and perhaps the most important deliverable aspect of this exercise, is the detailed report including an audio and visual recording created by the SES consultant which contains vital information that any programmer would need in order to quickly and effectively deploy the software.
SES strongly recommends a Complete Code Validation as the minimum level of protection for any software application that is of a critical nature to the end user, or is a revenue generating application.
Key Benefits of Complete Code Validation:
- Proves that the source code held under the Escrow agreement is complete, accurate, and contains all the source code and build files, the build having been witnessed by our consultant
- Random functionality testing carried out on the built application at the end of the validation exercise to confirm the application functions correctly
- Independent report compiled and deposited in Escrow along with the complete code deposit. Report includes unique details of any third party tools, build environment and build processes executed by the developer
- Increased DR capability as the Escrow agreement with the source code validation option provides a greater degree of certainty that the code held in Escrow can be used effectively
- Added protection against the loss of key development staff involved in developing/building the application
- Peace of mind for the user that all necessary build documentation is held in escrow for the purpose of a rapid deployment of the software in the event of a release of source code
- Assurance that even the most complex applications can be rebuilt based on the SES independent validation report
- Secure transportation of the validated source code by an SES consultant
To find out more about our Code Validation Testing options, please contact one of our specialists on:
0161 488 1400 or email: email@example.com