The IT Law Wiki


Functional testing is

(1) [t]esting that ignores the internal mechanism or structure of a system or component and focuses on the outputs generated in response to selected inputs and execution conditions. (2) Testing conducted to evaluate the compliance of a system or component with specified functional requirements and corresponding predicted results.[1]
[a] test designed to validate that a business process or activity accomplishes expected results.[2]
[t]he segment of security testing in which the advertised security mechanisms of the system are tested, under operational conditions, for correct operation.[3]
[t]he application of test data derived from the specified functional requirements without regard to the final program structure.[4]
[v]erifying that an app's user interface, content, and features perform and display as designed.[5]
[t]esting that verifies that an implementation of some function operates correctly.[6]


The purpose of functional or "black box" testing is to verify that the system correctly performs specified functions. As such, the test team's ability to design the functional tests is limited by the completeness and precision of the functional specifications. Starting with these specified functions, the test team develops test cases using a range of valid input conditions and options as well as invalid or unexpected inputs. The test team compares the test outputs to expected outputs.


  1. U.S. Food and Drug Administration, Glossary of Computerized System and Software Development Technology 32 (Aug. 1995) (full-text).
  2. FFIEC IT Examination Handbook, Business Continuity Planning, Appendix B: Glossary (full-text).
  3. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
  4. Auditing and Financial Management: Glossary of EDP Terminology, at 8.
  5. NIST Special Publication 163, Glossary, at 32.
  6. NIST Special Publication 800-152, at 130.