Upstream B2+ Test
Piperion Giles
Code has been validating its own parameters since the dawn of bugs, but an ETL process is like a million parameters per second that all need validating because upstream changes can and will affect you at some point.
So this really depends on your data, each pipeline is different but what I like to do is to break the ETL process into a set of rules. You will have one or more input sources, and each will have one or more attribute and one or more records. You will also have one or more destination, which will have one or more attribute and one or more record. That is the only crucial thing for an ETL (or ELT whatever) process is how and where does your data come in and then, how and where does the data go out. The middle bit matters in that we might do some transformation but ultimately what do we get in, and what do we get out?
That is it really, make it so it is easy to add and remove tests and it is easy to see what has gone wrong when something has gone wrong - do things to help such as include row numbers where you get a failure or include the actual value that failed when there is a failure.
TestMy.net isn't the average upload speed test. TestMy.net gets smarter the more you use it and makes adjustments specific to your computer for a high level of accuracy. This speed test will generate random data within your browser, upload the data back to TMN, calculate your upload speed and log your speed test results. TMN ensures your Internet connection is tested thoroughly with large upload tests up to 100 MB.
TestMy.net's servers are hosted where the websites you visit are hosted. Your provider may prefer testing within their network but is that realistic? TestMy.net provides a real world scenario not a best case scenario which makes this speed test a more accurate representation of your true bandwidth. This is a true and trusted test of your Internet upload speed.
TestMy.net has a high resolution download test. Unlike other speed tests TestMy.net takes measurements during the test to show you the path of your download speed over the course of the test. It conducts tests within the test. The end result is unparalleled result detail.
Information like minimum speed, average speed, maximum speed and variance from minimum to maximum speed during the test are shown along with a graph plotting the speed over time, percentage and data transferred. This extra information is logged to the database and can be a great aid in troubleshooting. Currently TiP is only available on the linear download speed test.
This connection quickly picked up speed, held it there and actually sped up at the end. All marks of great connection quality. Note: Sometimes little variance in speed can also point to an issue like a bottleneck.
The TestMy.net has been intentionally designed with compatibility in mind. TestMy.net is a server-side application so our bandwidth test works in all popular modern browsers, on all platforms and all connection types. PC, Mac, Linux, Android & iOS users can all use TestMy.net without installing anything. All you have to do is point your computer, iPad, iPod, iPhone, Android or other modern device to TestMy.net.
TMN directly interfaces with your browser, without the need for additional software like Flash, Java or an app. This server-side approach not only makes TMN the most compatible speed test online it also makes for a much higher level of accuracy and enables TMN to passively detect computer issues that other speed tests fail to notice.
Note, your default system web browser is always recommended for testing. Although, TestMy.net is an excellent way to highlight performance differences between different browsers. For many years TMN users have reported that Google Chrome and Mozilla Firefox outperform all other browsers in this benchmark... the fact is, if the browser processes this test information faster then it will process other websites information faster. Simple as that. Some versions of Chrome are faster and sometimes Firefox is on top but usually one of those two browsers will be your best bet for performance. Mac users, Safari also performs very well.
This is a real world speed test. Unlike other speed tests that require third party applications, TestMy.net is PHP and HTML5 driven so it uses only your web browser. This makes TMN's speed test more sensitive to browser misconfiguration and is an excellent way to highlight performance differences between web browsers.
Less between you and the test is a good thing. Our competitors speed tests that run through flash or java have a higher CPU overhead and users report throughput bursting. TestMy.net directly interacts with your browser without any plugins or special software.
There are many different types of testing that are available for completing audit procedures. Specifically for SOC 1 and SOC 2 engagements, our test procedures for each control in the report will include inquiry, inspection (or examination), observation, reperformance, or a computer-assisted audit technique (CAAT).
Some controls that we test will include more than one of these methods of testing. For more information on the types of testing methods, please see our article titled Five Types of Testing Methods Used During Audit Procedures.
One audit objective for physical access testing that is easy to understand is confirming that the right people have the right access. This sounds very basic, but confirming this is a little more involved.
Below we will walk through testing the appropriateness of physical access using downstream testing and upstream testing, which is looking at access from both directions; who has access right now and is it appropriate, who used their physical access during the period, and was that use of access appropriate?
For physical access testing, the first step involves obtaining a list of active key card or badge holders and selecting a sample. Sampling should be based on the sampling guidance noted within the AICPA Audit Sampling Guide (for further information on sampling refer to our article, Audit Sampling in SOC Examinations). The testing will then determine, with the assistance of the client and review of provided documentation, whether the active key card holders were:
The upstream audit procedure requires that the activity log for the period being reviewed is obtained from the key card system that includes all key card or badge activity for all holders. Even the activity for those holders that no longer have an active key card or badge needs to be included for the purposes of this testing.
An unmatched query should be run against the list of active key card or badge holders to determine which activity log entries do not match to a current key card or badge holder. Again, a representative sample of these entries should be made and then the auditor will work with the client to figure out if that access was appropriate at the time it occurred. The activity could be for a previous employee not on the current key card or badge holder list, or there could be a number of other explanations.
There are many other aspects to physical access testing not covered in this blog post, such as termination testing (e.g., employee, contractor, client, vendor), an inspection of key card stock, accounting for assigned key cards, and last accessed date analytics. Suffice it to say that audit testing is multi-faceted and more complex than the simply stated objective of the right people having the right access.
Not every control tested requires downstream and upstream testing. Some controls can be tested using inspection or examination and reasonable assurance can be reached easily through that method and no further testing is required.
As controls are being identified and testing methods are being determined, it is important to consider if the control can be and should be tested using downstream and upstream testing. Just like the physical access example above, this method can also be applied when looking at logical access.
At Linford & Company, for all of our engagements, we strive to ensure that we are performing the appropriate testing procedures for all controls we are testing, as well as complying with the guidance set forth by the AICPA. If you would like additional information about testing methods or any of our services, please contact us or click on the following links: SOC 1, SOC 2, HIPAA audits, HITRUST, Royalty Audits, FedRAMP.
Nicole Hemmer started her career in 2000. She is the co-founder of Linford & Co., LLP. Prior to Linford & Co., Nicole worked for Ernst & Young in Indianapolis, Chicago, and Denver. She specializes in SOC examinations and royalty audits and loves the travel and challenge that comes with clients across all industries. Nicole loves working with her clients to help them through examinations for the first time and then working together closely after that to have successful audits.
Maintainers of Custom Upstreams bear the responsibility of pulling in core updates from Pantheon. Regardless of update type, always test changes before you distribute them to your sites. We recommend using the workflow example below to test and update core.
Failure to run the most up-to-date version of core based on upstreams maintained by Pantheon (WordPress and Drupal may cause incompatibilities with the platform (for example, the clear cache button, launch checks, cron, and more).
Create content on your test site and use the standard Pantheon workflow to push up to your Test and Live environments, and fully test core updates. Checkout our guide for an example of generating content from the command line.
We suggest picking a few sample sites with varying functionality and design to test updates on a Multidev environment or agencies that manage large portfolios. Release the update when things look good on these sites.
It's important to use feature branches when applying and testing updates. Updates applied on the master branch and pushed to the remote repository on GitHub or Bitbucket become available to individual sites downstream. Using a feature branch gives you a chance to reveal issues before distributing updates.
c80f0f1006