Essay Example on Software-intensive systems are never built Overnight

Any software moreover a complex software intensive systems such as AML ones are never built overnight It usually takes a lot of planning interactions with the financial institutions and testing to be able to come up with even an initial version of the application Developers software quality assurance QA if implemented should follows comprehensive standards in ensuring that the application built satisfies the requirements Once the software products are delivered to the market the internal QA function completes its purpose and it is up to the customers to assess and evaluate the attributes of the software that satisfies their requirements When the business purchases COTS in reality they acquire a black box of functionalities which in theory satisfy certain requirements the buyer has no access to source code Consequently the risk for defects not discovered or fully addressed during the development as well as the validation the correctness and fitness for using the software product based on real world cases and environments as opposed to documented specifications becomes a sole responsibility of the business that purchases that product This transfer of responsibilities for such high risk and compliant driver environment like AML represents a high inherent risk 

We understand that a common quality model and evaluation criteria for COTS will serve as interrelated term and conjoint criteria among the lines of defense and empower each AML each function Internal Audit Risk Management Compliance and Controls Testing Monitoring Solutions into a strategic asset to drive business performance The Federal Deposit Insurance Corporation FDIC as examining and supervising financial institutions body had issued direction FIL 121 2004 for the bankers on performing proper due diligence when selecting a software package or service provider including ensuring that the software package is compliant with applicable laws In addition to that the FDIC directs the banks on exercising a due diligence and developing programs for assessing the quality and the effectiveness of the COTS and the software provided as a service However at the same time a quality and effectiveness are very general terms for measurement and they need to be narrowed and defined specifically in the context of their use for the AML market We used scholar search engines Google search databases ScienceDirect Ebsco Emerald Fulltext and Management Reviews IEEE Computer Society Digital Library to for researching and finding the industry standards for quality models for software We utilized these scientific sources also to explore and examine the software AML vendors and the availability of the data related to their criteria for software quality criteria and compliance metrics Before we explore and discuss the prevailing industry quality models and put them into AML context we introduce the basis of software measures According to IEEE 24765 2017 E commercial off the shelf COTS is software defined by a market driven need commercially available and whose fitness for use has been demonstrated by a broad spectrum of commercial users p 59 

 The former usually stipulate a strict set of quality characteristics or metrics whereas the latter use methods to guide the experts in the descent of customized matrices One of the most commonly used customizable QMs is ISO 9126 which was replaced in 2011 with ISO IEC 25010 2011 The standard has eight product quality characteristics depicted in figure Identifying quality attributes for AML software According to Research and M 0001 February the leading players in the global for AML COTS are ACI Worldwide AML Partners Accuity BAE Systems Company Overview Experian PLC FICO Fiserv Inc Global Radar Inetco Systems Limited Infrasoft Technologies Ltd LexisNexis NICE Actimize Targens The study offers a comprehensive analysis of this market is also presented by deployment models on premises and cloud based and geography the Americas Asia Pacific and Europe the Middle East and Africa We performed analysis of the fundamental features of the software offered by these vendors to derive to key characteristics of the and summarized Gain a clear consolidated view of your organization's risk exposure