- Norton Community
- :
- Norton Protection Blog
- :
- Norton Protection Blog
- :
- AMTSO: Reviewing the Reviews
Announcements
AMTSO: Reviewing the Reviews
· Providing a forum for discussions related to the testing of anti-malware and related products;
· Developing and publicizing objective standards and best practices for testing of anti-malware and related products;
· Promoting education and awareness of issues related to the testing of anti-malware and related products;
· Providing tools and resources to aid standards-based testing methodologies; and,
· Providing analysis and review of current and future testing of anti-malware and related products.
Now that the first two official documents for the AMTSO have been adopted and published (http://www.amtso.org/documents/cat_view/13-amtso-p
The two main concerns people have about “reviewing the reviews” are that the process will seem to be AV vendors “whining” about losing a review and that a thorough analysis of a review cannot be done in a timely enough manner to blunt the damage caused by a problematic review. To address the former several specific steps have been outlined. For the second point this process will be explicitly understood not to attempt to prevent any damage from such a review, but rather to help improve future reviews. The general outline of the “Review Analysis” would be as follows.
· Process must be impartial
· Process must be transparent
· Process is analytical only
· Review analysis is not intended nor will it be able to “unring the bell.”
Process must be impartial
Steps should be taken to ensure that first there is a consensus that the review should be analyzed. It is important that an entity not simply request the analysis because they lost, or did not like something that was done. Two specific steps should be included. First, specific examples of violations of the Principles and Guidelines must be identified. Second, multiple entities must agree with those violations. These two steps should help ensure that there is solid ground for the request.
Process must be transparent
The process of analyzing the review must be as open and visible as possible. The entities requesting the analysis as well as their arguments for why should be made public. The entity that conducted the review must have an opportunity to respond. Other interested parties – both supporting and criticizing – must have an opportunity to comment.
Process is analytical only.
The output of this process should be as objective as possible, and should not contain subjective statements (such as “This was a poorly conducted test.”). The output should be specific language regarding where the review in question is and is not in compliance with the AMTSO Principles and Guidelines – and why. It may contain recommendations about specific steps which can be undertaken to gain compliance.
Analysis cannot “unring the bell.”
This analysis will naturally take some time, but the larger goal is to improve future reviews, as opposed to responding quickly enough to give press quotes while a story is “hot.” The committee review should happen in a timely manner, but this process should not be counted on to mitigate damage of a bad review.
So what do you think about our goals for Review Analysis? I’m very interested in your feedback regarding my opinion of what I’d like to see happen, so please leave your comments and questions in the section below.
