nus-se-script
commented
2 months ago Team's Response
No details provided by team.
Items for the Tester to Verify
:question: Issue response
Team chose [response.NotInScope]
- [x] I disagree
Reason for disagreement: This mentions NFRs like use of a DB, which is not allowed in this project. Furthermore, they do mention adhering to industry standard encryption, which I believe was not done and is probably unreasonable in the first place. This should actually be escalated to a severity.Low
Some NFRs they state that might not be reasonable achievable:
industry-standard encryption, RBAC
Some out of scope NFRs are:
disaster recovery measures in event of server failure (i believe this is an offline app)
also talks about managing database queries which is out of scope