SES: Software Escrow Solutions
Sales & Support Line: 0161 440 2700, Monday - Friday, 9am-5:30pm
Code Validation Options
“Capture the unique knowledge you would need to maintain your critical applications”
The vast majority of organisations are heavily reliant on third party software providers to develop and maintain their critical business applications and business process tools. A Software Escrow Agreement will of course allow the organisation to access the all important source code required to run and maintain each application. However a base level escrow agreement does not enable your escrow agent to provide tangible assurance as to the complete or accurate nature of the code, or the integrity of any build documentation that the vendor may choose to deposit.
SES in response to significant and detailed customer feedback have developed a series of source code validation options designed to provide independent build documentation and evidence that the code held under each agreement is a useable and complete deposit.
The specific product knowledge and skills required to maintain and deploy your software most commonly resides with your software vendor, or more specifically a key developer within the vendor’s organisation. SES has the technical expertise necessary to work with these key developers to conduct a range of knowledge capture exercises designed around the needs of our clients. On completion of each exercise a detailed independent report, often referred to by our clients as a “build manual”, is compiled and placed into escrow along with the validated code deposit.
“Code Validation is an essential part of any effective Disaster Recovery plan”
The worst case scenario for a software user is of course the sudden demise of their third party software supplier. By participating in a code validation exercise, SES are able to collate the knowledge that would simply not be available to a software licensee and ensure that the code and supporting documentation held in escrow could be used effectively to maintain or redeploy the software as quickly as possible.
The following options are available to all SES clients:
The portfolio of testing solutions offered by SES is based on many years experience in the software escrow arena. However, we appreciate that each client may have unique needs that require a unique code validation solution. We at SES have significant experience in formulating bespoke validation solutions so, if the range of options available do not meet your specific needs, we would be happy to discuss individual requirements directly.
Full Code Validation
This exercise was designed to provide our clients with the assurance that the code provided by the developer and held in our vaults is complete and accurate, and that it has been built into a working application on the developer’s site prior to extraction for the escrow deposit.
SES consultants work on-site with the developer to record and document the entire build process, including build environment, third party tools required and any specific build scripts that the developer observes. The deliverable from this exercise is not only a code deposit that we know can be built into a recognisable application, but equally as important is the detailed report compiled at length by our consultant on completion of the on-site phase of the exercise.
SES off-site Validation
This option is recommended where a third party with little or no prior knowledge of the software application would be required to maintain the software following a release of source code on behalf of the escrow beneficiary. We designed this option to ensure that we are able to replicate the process and the environment required to build the software from scratch. This option also allows SES to provide valuable information surrounding the cost of the build environment, key skills required to perform the build and of course the time required to complete a build in an independent location.
SES recommends this option in addition to the standard Full Code Validation so as to verify the report and build notes created by our own consultants. We can also undertake this validation independently of the Full Code Validation subject to any hardware or software restrictions and the quality of build documentation provided by the developers
Complete Validation
This option has been devised specifically for clients who would prefer to experience a build of the software on their own site in addition to the knowledge capture exercise covered by the Full Code Validation.
This two-phase exercise consists of the Full Code Validation as described previously, followed by a build of the source code at the end users own site using the code removed from the developer during phase one, and also by following the “build instructions” created by our consultant as a direct deliverable of the phase one exercise.
Independent Validation
SES provide independent testing services for customers who may not require Escrow Agreements, but do need to receive independent assurance/evidence of the complete and accurate nature of source code and a detailed manual of the unique build process. This range of testing services can cover a multitude of different scenarios based on the development or implementation of software and third party solutions using our proven and established testing methodology to capture the bespoke knowledge involved in the creation, development and subsequent building of the software.
For more information please contact our Validation Specialists on 0161 440 2700 or email enquires@s-e-suk.co.uk.
“Would you know what to with the source code in the event of a release?”
