论软件质量保证及其应用
软件质量保证(Software Quality Assurance, SQA)是指为保证软件系统或软件产品充分满足用户要求的质量而进行的有计划、有组织的活动,这些活动贯穿于软件生产的整个生命周期。质量保证人员负责质量保证的计划、监督、记录、分析及报告工作,辅助软件开发人员得到高质量的最终产品。
请围绕“软件质量保证及其应用”论题,依次从以下三个方面进行论述。
概要叙述你参与管理和开发的软件项目以及你在其中所担任的主要工作。
详细论述软件质量保证中常见的活动有哪些?阐述每个活动的主要内容。
结合你具体参与管理和开发的实际项目,说明是如何实施软件质量保证的各项活动,说明其实施过程及应用效果。
正确答案及解析
正确答案
解析
一、应结合自己参与的信息系统项目,说明在其中所承担的工作。
二、问题2涉及到一些知识性内容,需要的素材如下:
质量保证是指定期评估项目总体绩效,建立项目能达到相关质量标准的信心。质量保证对项目的最终结果负责,而且还要对整个项目过程承担质量责任;质量控制是指监测项目的总体结果,判断它们是否符合相关质量标准,并找出如何消除不合格绩效的方法。
软件质量保证(Software Quality Assurance, SQA)是指为保证软件系统或软件产品充分满足用户要求的质量而进行的有计划、有组织的活动,这些活动贯穿于软件生产的各个阶段即整个生命周期。SQA由各项任务构成,这些任务的参与者有两种人,分别是软件开发人员和质量保证人员。前者负责技术工作,后者负责质量保证的计划、监督、记录、分析及报告工作。软件开发人员通过采用可靠的技术、方法和措施,进行正式的技术评审,执行软件测试来保证软件产品的质量。质量保证人员则辅助软件开发人员得到高质量的最终产品。
美国卡耐基 梅隆大学软件工程研究所推荐了一组有关质量保证的计划、监督、记录、分析及报告的SQA活动,这些活动由一个独立的SQA小组执行。
(1)制订SQA计划。SQA计划在制订项目计划时制订,由相关部门审定。它规定了软件开发小组和质量保证小组需要执行的质量保证活动。有关该计划的详细内容,请阅读《系统分析师教程》20.7.2节。
(2)参与开发该软件项目的软件过程描述。软件开发小组为将要开展的工作选择软件过程,SQA小组则要评审过程说明,以保证该过程与企业政策、内部的软件标准、外界所制订的标准以及项目开发计划的其他部分相符。
(3)评审。评审各项软件工程活动,核实其是否符合已定义的软件过程。SQA小组识别、记录和跟踪所有偏离过程的偏差,核实其是否已经改正。
(4)审计。审计指定的软件工作产品,核实其是否符合已定义的软件过程中的相应部分。SQA小组对选出的产品进行评审,识别、记录和跟踪出现的偏差,核实其是否已经改正,定期向项目负责人报告工作结果。
(5)记录并处理偏差。确保软件工作及工作产品中的偏差已被记录在案,并根据预定规程进行处理。偏差可能出现在项目计划、过程描述、采用的标准或技术工作产品中。
(6)报告。记录所有不符合部分,并向上级管理部门报告。跟踪不符合的部分直到问题得到解决。
除了进行上述活动外,SQA小组还需要协调变更的控制与管理,并帮助收集和分析软件度量的信息。
三、结合具体参与的项目,从上面写到的几个方面来展开论述说明自己是如何进行质量保证工作的。最后总结效果,并指出不足,给出改进意见。
包含此试题的试卷
你可能感兴趣的试题
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like (作答此空),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.compression
- B.encryption
- C.decryption
- D.translation
- 查看答案
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should (作答此空)the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.address
- B.define
- C.ignore
- D.pose
- 查看答案
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational (作答此空)and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.behaviors
- B.cultures
- C.policies
- D.structures
- 查看答案
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the (作答此空)security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.logical
- B.physical
- C.network
- D.Information
- 查看答案
Data security is the practice of protecting digital information from (作答此空)access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.unauthorizeD
- B.authorizeD
- C.normal
- D.frequent
- 查看答案