Process Security Testing

1.0 Testing for mandatory password reset for first time login.

Step ID

Description

Precondition

Expected Results

Actual Results

Pass or Fail

Notes

1

Connect to the OSCAR main page

1. OSCAR Software Test Version 15, system and DB up and running. 2. OSCAR user is setup and have the correct credentials to login

Oscar Opens

   

2

Login

Oscar welcome page prompts user to Enter credentials (User Name/ Password)

 

1. By entering right credentials user is getting system verification acceptance.

2.Once logged in, user is required to reset password

 

   

3

Check for unused accounts

OSCAR System in production

1. Verified that no unused accounts are in the system and all accounts have their properly assigned roles.

2. Very limited users has Admin rights.

   

 

1.1 Testing for remote login restrictions

Step ID

Description

Precondition

Expected Results

Actual Results

Pass or Fail

Notes

1

Connect to the OSCAR main page

1. OSCAR Software Test Version 15, system and DB up and running. 2. OSCAR user is registered and have the correct credentials to login

Oscar Opens

   

2

Login

1.Oscar welcome page prompts user to Enter credentials (User Name/ Password/Second level password)

2.User remotely logs in with only inputs username and password.


 

1.Unsuccessful login. Remote login require second level authentication.

2.System audits and logs all logins, successful and failed accessing the Clinical Management System Serve

   

 

1.2 Testing for encryption of back up files

 

Step ID

Description

Precondition

Expected Results

Actual Results

Pass or Fail

Notes

1

Encrypt back up files.

All files are set up and backed up.

All back up files are encrypted

   

2

Secure connection for back up files

Encrypted files should be copied using a secure connection

1.Secure Shell (SSH) is being used.

 

2.Data is to be stored in a secure location on server.

   

3

Copy encrypted files

Encrypted  files require a secure location

1.Copy encrypted files to an external media device. 2.Verify external media device should also be encrypted.

3.Store copies in two different locations.