How CICC’s Continuous Testing Achieved Level‑3 DevOps Certification and Boosted Quality

Background

With the widespread practice of R&D‑operations integration across industries, testing has become a key link for improving the quality of R&D operations. The Ministry of Industry and Information Technology’s "14th Five‑Year Plan for Software and IT Services" emphasizes enhancing software quality management, monitoring, early warning, and evaluation capabilities, and calls for a complete testing certification and evaluation system. Test‑driven development improves efficiency, delivery capability, and quality assurance, making software testing a strategic focus in the national software technology agenda.

Event and Assessment Results

On October 26, 2023, the 21st GOPS Global Operations Conference was held in Shanghai, jointly organized by the Efficient Operations Community and the DevOps Era Community. At this conference, the China Information Communication Research Institute announced the first batch of Continuous Testing (CT) standard assessment results.

CICC’s project "Comprehensive Risk Management System Unified Business Management Platform" successfully passed the CT Level‑3 assessment, indicating that CICC’s capabilities in continuous testing are at a leading domestic level. In the same batch, CICC also passed two DevSecOps assessments.

To date, CICC has passed 10 continuous delivery assessments, 2 DevSecOps assessments, 1 CT assessment, and 1 system‑and‑tool assessment.

Interview Highlights

We interviewed CICC’s Chief Information Officer Cheng Long, IT Department Head Ye Mingdeng, Executive General Manager Luo Chang, Executive General Manager Song Xiang, and Deputy General Manager Xu Meng. Their insights cover the details and stories of the project’s participation in the assessment and the experience of continuous testing practice.

Feeling about passing CT Level‑3

Cheng Long: We are very pleased that our comprehensive risk management platform passed the CT Level‑3 assessment, which means our testing center meets the latest DevOps continuous testing maturity requirements and provides advanced practice experience for internal quality assurance, taking a solid step toward quality improvement across all business lines.

Importance of a continuous testing system

Cheng Long: The national strategy of high‑quality development requires improving quality at every stage of software development—requirements, code, testing, and delivery—while ensuring stable production operation. The CT assessment helped our teams see the direction for further improving R&D quality and efficiency.

Capabilities gained from the assessment

Ye Mingdeng: The assessment helped us achieve deep integration of testing tools, develop self‑built code‑coloring technology for better error feedback, enhance flexibility in addressing technical challenges, and improve team collaboration and communication.

It also deepened our understanding of the financial industry, boosted innovation, and enabled us to continuously improve our testing platform.

Future trends in testing technology

Ye Mingdeng: Automation testing will become the mainstream in the next decade, improving speed, accuracy, and coverage. Security testing will gain more attention due to rising cyber threats, and AI‑driven testing (e.g., LLM‑based methods) will bring breakthroughs in intelligence and efficiency.

Changes brought by the CT assessment

Luochang: For the securities industry, software quality and delivery efficiency are equally important. The CT standard provided a practical guide for building a high‑quality control system, improving tool platforms, agile collaboration, and establishing a continuous improvement mechanism across the software lifecycle.

Successful experience in implementing continuous testing

Song Xiang: Continuous testing is not limited to the testing domain; it spans the entire software lifecycle. We adopt a top‑down approach, tailor the rollout to project specifics, set clear quality goals, and continuously refine processes, creating a sustainable improvement loop.

Challenges and solutions during the assessment

Song Xiang: Challenges included management gaps (unclear roles, lack of standardized processes), low automation, missing security testing, and poor cross‑team collaboration. We addressed them by establishing a management framework, leveraging platform capabilities, and improving coordination across requirements, development, testing, release, and operations.

Industry Participation Overview

The DevOps capability maturity model, jointly developed by the China Information Communication Research Institute, Cloud Computing Open Source Industry Alliance, Efficient Operations Community, and leading internet companies, is the first comprehensive domestic DevOps standard. It has been adopted by many financial, telecom, and internet enterprises and was officially recognized by the ITU‑T in July 2020 as the world’s first international DevOps standard.