8-3.3 Testing Restrictions

All information resources must comply with the testing restriction policies below.

The SIT and CAT environments must be representative of the operating landscape, including likely workload stress, operating system, application software, database management systems, and network/computing infrastructure found in the production environment. As the production environment changes, the test environment must also change to stay in synchronization.

The testing must only be conducted within the CAT environment by a test group independent from the development team using clearly defined test instructions (scripts) and interactive testing that adequately address the testing requirements and success criteria defined in the test plan. Errors found during testing must be logged, classified (e.g., minor, significant, and mission critical), and communicated to key stakeholders.

8-3.3.1 Development and Testing in the Production Environment

Development and testing of hardware and software must not be performed in the production environment.

8-3.3.2 Testing With Nonsensitive Production Data

Prior approval in writing is required from the executive sponsor and CIO or designee if nonsensitive production data is to be used in a test environment, regardless of where the testing is conducted. Such approved production data files must be identified as “copies” to prevent them from being re-entered into the production environment.

8-3.3.3 Testing with Sensitive-Enhanced and Sensitive Production Data

Prior approval in writing is required from the CPO, executive sponsor, and CIO or designee if sensitive-enhanced and sensitive information is to be used in a test environment, regardless of where the testing is conducted. Approved data files must be identified as “copies” to prevent them from being re-entered into the production environment.

Prior to usage of production data in a test environment, the test environment must be hardened to production standards.

PII or cardholder data must not be placed in the test environment without being de-identified. The masked/transformed data elements must then be propagated across related tables within the database to preserve the integrity of data relationships, maintain the referential integrity of the test data, and ensure the validity of test results.

8-3.3.4 Testing at Non-Postal Service Facilities with Production Data

Additional approval in writing is required from the manager, CISO, if production data is to be used in a test environment outside of Postal Service facilities. Such approved files must be identified as “copies” to prevent them from being re-entered into the production environment.