All IT systems at some point in their lifecycle need to consider non-functional requirements and their testing. For some projects these requirements warrant extensive work and for other project domains a quick check through may be sufficient. As a minimum, the following list can be a helpful reminder to ensure you have covered the basics. Based on your own project characteristics, I would recommend the topics are converted into SMART (Specific, Measurable, Attainable, Realisable, Timeboxed / Traceable) requirements with the detail and rigour appropriate to your project.
The list is also available at the bottom of the article as a one-page PDF document. While it is easy to make the list longer by adding more items, I would really like to hear how to make the list better while keeping it on one page (and readable) to share with other visitors here.
• Login requirements - access levels, CRUD levels
• Password requirements - length, special characters, expiry, recycling policies
• Inactivity timeouts – durations, actions
• Audited elements – what business elements will be audited?
• Audited fields – which data fields will be audited?
• Audit file characteristics - before image, after image, user and time stamp, etc