Leading Enterprise GRC Client

leverages Compunnel’s Testing

Services to enhance its Core
Business capabilities to the Next
Level

Our tailored End-to-End QA Testing Strategy empowers our customer to transform its
operations while gaining a competitive edge.

www.compunnel.com
 Compunnel Case Study | Functional & Non-Functional QA Engineering

Application Performance Challenges

Overview:

Our client, is a renowned name and leader in Enterprise GRC and Operational Risk Solutions, having it
presence in more than 150 countries in the world. It serves several fortune 500 companies as its
esteemed client.

Application Performance Challenges:

The US-based enterprise GRC company was at risk of compromising its capabilities and hence was losing its
edge to the competitors, mainly due to the below challenges.

Intermittent Application Outages Application Efficiency Inadequate Resource Management

Client applications faced higher
production issues that resulted due to the
performance defects lead to frequent
application outages.
Scalability Issues
Client faced scalability issues due to
inaccurate hardware sizing and
inefficient capacity planning thus
resulting in poor scalability issues.
©2024 Compunnel, Inc.
Client applications were facing
increased production downtime and
reduced application efficiency due to
underperforming code.
Application Integration
Issues
Client applications used outdated
technology stack that resulted as a risk
of accuracy and inconsistency of
data.
Client team faced inadequate resource
management due to poor utilization of
resources such as CPU, memory, and
disk space.
Inefficient resource allocation, lack of
monitoring and inadequate capacity
planning as a major challenge for the
performance of the application.
02
 Compunnel Case Study | Functional & Non-Functional QA Engineering

Our Performance Testing

Solution
After a comprehensive analysis of the company's operations, our Performance specialists identified several core
tasks for Application Performance Optimization. A dedicated team implemented the below strategies to boost the
overall efficiency of the organization.

NFR Gathering & Analysis Disaster Recovery (DR) Testing

Various client systems were analyzed for their peak
usage time periods and the concurrency of users
during high usage duration. The workload production
models that the systems are currently expected to
handle were derived by our performance experts.
In DR testing we assessed the client organization's
readiness to respond to major disasters or catastrophic
events in production and reduce downtime. They
simulated major disruptions (e.g., data center failures) and
evaluate the effectiveness of disaster recovery plans and
capacity planning.

Cloud Performance Testing Failover and Redundancy Testing

We designed the performance tests based on the
above derived workload models for the entire system
to uncover the bottlenecks and the scalability issues
using the Performance Testing Tools like JMeter,
LoadRunner and APM Tools like Perfmon,
Dynatrace, etc.
In this phase the client system's ability to handle failures
and maintain availability was validated by the team of
experts. They were able to simulate failures, such as
server crashes or network interruptions, and verify that
failover mechanisms and redundant systems are
functioning as expected.

Source Code Profiling & Tuning

We worked with the client development

teams to uncover the code that are the
hotspots for the poor performance and
scalability issues and help them fixing the
same.

©2024 Compunnel, Inc. 02

 Compunnel Case Study | Functional & Non-Functional QA Engineering

Key
Results
Compunnel's tailored Performance Testing & Engineering solution empowered the client to
achieve multiple gains across operational efficiency, customer satisfaction, and more.

60%
Decrease in system
downtime, system
failures, and
70% emergency fixes in
production due to
30%
Improvement in Performance Improvement in
Response Time issues/defects. overall Stability
Metrics as the 90th Metrics and improved

30%
& 95th percentile resource utilization
30% response times
across transactions
due to better Capacity
planning.
Improvement in Reduced overall Testing
improved.
Concurrency Metrics Time due to reduced
due to better Peak Error Rate Metrics as
and Average
Concurrent users. 40% the overall error rate
was maintained below
Improvement in overall 0.05%.
Scalability Metrices
due to improvement in
Scalability Index.

03

©2024 Compunnel, Inc.

 Compunnel Case Study | Functional & Non-Functional QA Engineering

Application Security Challenges

Overview:

Our client, is a renowned name and leader in Investment Banking Solutions, Investment banking,
securities, wealth management, and investment management services. It is one of the largest investment
banks in the world and is known for its expertise in mergers and acquisitions, capital markets, and wealth
management.

Application Security Challenges:

The US-based Investment Bank was at risk of compromising its capabilities and hence was losing its edge to the
competitors, mainly due to the below challenges.

Compliance and Regulatory

Vulnerabilities in Software
Client systems were prone to Software
vulnerabilities, such as buffer
overflows, injection flaws etc. that
might be exploited by attackers to
compromise systems.
Cyber Threats and Attacks
Client system were at the risk of
cyber threats, including malware,
ransomware, phishing, and social
engineering attacks, that posed
significant challenges to client
©2024 Compunnel, Inc.
application’s software security.
Data Breaches
Client systems were susceptible to
Data breaches, where sensitive
information could be accessed or
stolen by unauthorized parties.
Privacy Concerns
Client teams were facing
challenges in Protecting data
privacy and complying with
regulations such as GDPR and
CCPA.
Requirements
Client faced major challenge in
meeting compliance standards and
regulatory requirements, such as
PCI DSS, HIPAA, and SOX, adds
complexity to software security
efforts.
04
 Compunnel Case Study | Functional & Non-Functional QA Engineering

Our Security Testing

Solutions
After a comprehensive analysis of the company's operations, our Security Architects identified several
core tasks for Security optimization. A dedicated team implemented the below strategies to boost the
overall efficiency of the organization.

Static Application Security Testing (SAST) : Software Composition Analysis (SCA)

The Client organization’s resources were accessed
SAST tools like SonarQube & HP Fortify were
with SCA tools. These tools scanned software
used to analyze the source code. These tools
components, libraries, and dependencies to identify
identified security vulnerabilities, such as
known security vulnerabilities and licensing issues.
injection flaws, insecure authentication, and
These tools helped the client to manage the risks
access control issues, by scanning the code for
associated with third-party software and open-source
known patterns and coding errors.
components.
Dynamic Application Security Testing (DAST) Penetration Testing (Pen
Testing)
DAST tools like OWASP ZAP were leveraged to
The Client organization’s ability to withstand
assess the security of running applications by
Penetration testing was validated in this stage. This
simulating real-world attacks. With this technique involved simulating real-world attacks to identify
we identified vulnerabilities, and test for common
security weaknesses in the client applications. Our
security issues, such as SQL injection, cross-site
Penetration testers, attempted to exploit vulnerabilities
scripting (XSS), and broken authentication. and assess the effectiveness of security controls.
Interactive Application Security Testing (IAST)

IAST that has the combination of both SAST and DAST

approaches tools were used in this phase. These tools
instrumented the application during runtime to monitor
and analyze its behavior for security vulnerabilities

©2024 Compunnel, Inc. 05

 Compunnel Case Study | Functional & Non-Functional QA Engineering

Key
Results
Compunnel's tailored Security Testing & Engineering solutions empowered the client to achieve
multiple gains across operational efficiency, customer satisfaction, and more.

40%
Reduced system
downtime and
emergency fixes in the
60%
50% production for
security defects.
Reduction in Improvement in
Security Risks like managing the
Database security, security incidents

70%
Application security identification and
etc.. 80% resolution.
Enhanced Trust and
Increased compliance to
Reputation.
Compliance and
Regulatory
30% Requirements

Increased Data
Protection.

©2024 Compunnel, Inc. 06

 Compunnel Case Study | Functional & Non-Functional QA Engineering

Functional Quality Challenges

Overview:

Our client, is a renowned name and leader in Internal Audit, and Advisory Services Solutions, having it
presence in more than 150 countries in the world. The company is headquartered in Amstelveen,
Netherlands, and has a global presence with offices in more than 150 countries and is known for its
expertise in financial reporting, risk management, and regulatory compliance.

Application Functional Quality Challenges:

The US-based company is the leader in audit, tax, and advisory services to clients in various industries,
including financial services, technology, healthcare, and consumer goods. .

Market Data Simulation Regulatory Compliance Cross-Platform Compatibility

Customer faced challenges with testing
of the trading applications as it
required large amount of realistic
market data simulation, which was
challenging to create and maintain.
Order Matching and
Execution
Customer faced challenges w.r.t. the
order matching and execution logic of
trading applications as it required
simulating different scenarios. This
©2024 Compunnel, Inc. was challenging, especially when
dealing with complex order types and
trading rules.
Challenges were faced as the Trading
applications needed to comply with Client’s Trading applications needed to
work across different platforms and
various regulatory compliance. Testing
for regulatory compliance was devices. Testing for cross-platform
compatibility was challenging, especially
challenging, especially when dealing
with complex rules and regulations. when dealing with different operating
Regulatory Reporting systems and browsers.
Our client found Testing for regulatory
reporting challenging, especially when
dealing with complex reporting
requirements as the Trading applications
need to generate accurate and timely 07
regulatory reports.
 Compunnel Case Study | Functional & Non-Functional QA Engineering

Our Automation Testing

Solution
After a comprehensive analysis of the company's operations, our Automation specialists identified several core
tasks for Application Automation Testing. A dedicated team implemented the below strategies to boost the overall
efficiency of the organization.

Compliance Testing & Audit Trails

Various client application were analyzed by the experts
and automation testing of the application was proposed
to ensure that it complies with the relevant regulations
and standards. This included testing for specific
requirements, such as data privacy, security, and
accessibility. This also included testing the accuracy and
completeness of the audit trails as well.
Compliance and regulatory applications often required
audit trails to track changes and actions taken within the
application.
Testing for Regulatory Reporting
Testing Regulatory reporting involved generating
accurate and timely reports that comply with regulatory
requirements. This included testing the accuracy and
completeness of the reports generated by the
application.
Audit Trails
Client organization’s Compliance and regulatory applications
that frequently required the audit trails to track changes and
actions taken within the application were tested. This
included testing the accuracy and completeness of the audit
trails.
Integration & Regression Testing
We used Integration and Regression testing frameworks to
test the integration of trading applications with external
systems, such as exchanges and brokers. Different protocols
and APIs. Were tested with the help of Selenium, SOAPUI
and Postman tool. Also, as Compliance and regulatory
applications often need to integrate with other systems, such
as regulatory reporting systems or external databases. Hence,
this included testing the integration points to ensure that data
is accurately and securely exchanged.

Data Privacy and Security

As Compliance and regulatory applications

often deal with sensitive data, so testing for
data privacy and security was important.
This included testing encryption, access
controls, and data handling procedures.

©2024 Compunnel, Inc. 08

 Compunnel Case Study | Functional & Non-Functional QA Engineering

Key
Results
Compunnel's tailored Automation Testing & Engineering solution empowered the client to achieve
multiple gains across operational efficiency, customer satisfaction, and more.

40%
Increased cost saving
due to Automation of
manual and repetitive
tasks.
50%
70% Improvement in overall
Scalability and
Improvement in the Usability Metrics.
overall productivity

40%
of the development
and the testing teams. 70%
Increased adherence to
Improvement in the
the Compliance and
overall Software
Regulatory norms.
defects/bugs being

50%
leaked in production.

Improvement in overall
accuracy of the test
results.

©2024 Compunnel, Inc. 09

Conclusion
Our strategic approach to End-to-End Quality Engineering
showcased the transformative power of Quality Assurance Testing
for overall Software Quality to our client. Through our
customized solutions, the company achieved matured QA
process, streamlined its end-to-end testing operations, efficient
and matured Quality Assurance, and strengthened its overall
software quality assurance process.

These improvements led to increased productivity and financial

gains, establishing a long-lasting partnership where we
consistently deliver digital solutions to foster growth and
maintain their competitive edge.

©2024 Compunnel, Inc. 10

About Compunnel, Inc.
Compunnel leverages a team of seasoned technologists to harness high-impact technologies and tools to tailor innovations that optimize businesses’ customer experience, user experience, and
internal and external processes. Developing innovations that empower organizations to realize the full potential of the cloud, data, decision intelligence, AI/ML, and more, we have impacted
operations excellence of over 2.5 million users while delivering 1000+ modernized applications.

AWARDS AND
RECOGNITION
BEST ADVANCE IN BUSINESS
STRATEGY AND TECHNOLOGY
INNOVATION

GOLD
2021

INDUSTRY
PARTNERSHIPS

CONNECT WITH
US +1 (609) 606-9010 www.compunnel.com USA (HQ): 103 Morgan Lane, Suite 102, Plainsboro, NJ, 08536
contact@compunnel.com
Global Service Coverage: USA l Canada l India

© Copyright 2023, Compunnel, Inc. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form, or by any means,electronic, mechanical, photocopying, recording, or otherwise,
without the express written permission from Compunnel Digital. The information contained herein is subject to change without notice. All other trademarks mentioned herein belong to their respective owners.