Guidewire Cloud Standards for Developers

Nov 9, 2020 | Standard

What are Guidewire Cloud Standards?

Guidewire Cloud Standards are proven principles and practices that are necessary to enable a successful Guidewire Cloud implementation journey. For self-managed implementations, standards are considered best practices that facilitate transition to Guidewire Cloud. Our standards ensure quality, predictability, and security for Guidewire Cloud projects, regardless of the engagement model, through solutions, tools, and automation. You can see and search all standards in the Guidewire Cloud Standards Master Index below. The index is used by Cloud Delivery Strategy to assign, track, and manage Guidewire Cloud Standards. Each standard line item includes categories of unique metadata that identifies each standard and makes it easy to search all standards.

Where can I download published standard documents?

Standards are published monthly for customers and partners on the Guidewire Documentation site.

Guidewire Cloud Standards Master Index

 

Standard ID Standard Title Summary Version Date
IS-OPR-1001 Developer Management This document explains the CI/CD environment as it applies to InsuranceSuite Cloud, and to Digital and Data Management applications that are deployed with InsuranceSuite Cloud. 201911
PC-APD-1002 Modifying APD and APD Artifacts  Advanced Product Designer is an Extension Pack that captures business requirements as a model of an insurance product and generates insurance product artifacts for PolicyCenter as a part of a product introduction. No changes to the extension pack are supported and initial guidance is provided on extending the product artifacts 202004
GW-CUP-1003 Cloud Updates: Consuming and Scheduling This document defines and describes Guidewire Cloud updates. 201912
GW-OPR-1004 Cloud Updates – Defining the Work This document defines the separation of work between Guidewire and customers for Cloud Updates. 201912
GW-TRN-1005 Cloud Updates – Go Live on Latest Version This document defines the requisite version of Guidewire products that must be met prior to deploying into production on the Guidewire Cloud Platform. 202002
IS-SEC-1006 Guidewire Security Testing The objective of this standard is to inform, and to level-set expectations for penetration testing on Guidewire Cloud. 201912
IS-SEC-1007 Payment Card Industry Security This document identifies some of the areas of concern regarding cardholder data protection and outlines guidelines and recommendations for addressing these concerns. 201912
IS-SEC-1009 Document Collaboration File sharing and collaboration toolset for Guidewire Cloud. 202002
IS-SEC-1016 Open-Source Analysis  Proper use of third-party jar files, frameworks, and libraries, and remediating libraries that pose a potential risk. 202008
IS-SEC-1018 Data Security This document specifies the minimum acceptance criteria regarding data security and outlines recommendations for addressing these concerns. 201912
IS-TLS-1022 Deprecated Usage Inspection GS-001 – Deprecated API Usage Addresses the potential risk of using the deprecated API classes in Gosu code and the steps to mitigate this risk. 202003
IS-TLS-1023 Deprecated Usage Inspection XT-032 – Use of New Entity Bundleimpl Addresses the potential issue of instantiating the EntityBundleImpl class to manage Gosu transaction bundles and provides a better alternative. 202003
IS-TLS-1024 Deprecated Usage Inspection XT-038 – Use of Big Decimal.valueOf Addresses the potential issue of using the static method BigDecimal.valueOf() to instantiate BigDecimal objects within Gosu. 202003
IS-TLS-1025 Variable Type Is Inferred and Can Be Omitted Addresses the potential risk of declaring a variable type where it’s inferred and the steps to correct it. 202002
IS-TLS-1026 Gosu Language Inspection XT-026 – Use of New Date Addresses potential risk of using “new Date()” to instantiate the Date object within Gosu and the steps to mitigate the risk. 202003
IS-TLS-1028 PCF Inspection XT-039 – Hardcoded Label in a PCF File Addresses the potential risk of a hardcoded label in a PCF file and how to correct this issue. 202002
IS-TLS-1029 Performance Inspection XT-027 – Multiple Filtering of the Same Collection Addresses the potential risk of filtering the same collection multiple times. 202002
IS-TLS-1030 Performance Inspection XT-028 – Use of where(…).count() Details the Guidewire Studio security inspection that detects count, length, or size functions of a collection as part of a conditional expression. 202002
IS-TLS-1031 Performance Inspection XT-029 – Use of Select(…) with Limiting Functions Detects where select is used with limiting functions. 202002
IS-TLS-1032 Performance Inspection XT-030 – Use of Query.intersect() of Restriction.intersect() Summarizes the risk of using the Query.intersect() method or Restriction.intersect() method while running database queries from Gosu code and the steps to mitigate the risk. 202002
IS-TLS-1033 Performance Inspection XT-036 – Multiple *. operators Addresses the potential risk of multiple expansion (“*.”) operators on an array and the steps to address the problem. 202002
IS-TLS-1034 Resource Management Inspection XT-046 – Use of DriverManager to get JDBC connection Detects where DriverManager is used to get a JDBC connection, and the steps to correct it. 202003
IS-TLS-1035 Resource Management Inspection XT-047 – I/O resource opened but not safely closed Addresses the potential risk of input and output resources (I/O) that are not closed properly in Gosu code and the steps to ensure these resources are properly closed. 202002
IS-TLS-1036 Resource Management Inspection XT-048 – JDBC resource opened but not safely closed Addresses the potential risk of leaving TODO Comments in source code. 202002
IS-TLS-1037 General TODO comment Inspection Addresses the potential risk of leaving TODO Comments in source code. 202002
IS-TLS-1038 Gosu Language Inspection – Latest Bound Period Inspection Addresses the potential risk of using the LatestBoundPeriod property of the Policy entity in Guidewire PolicyCenter and the steps to mitigate the risk. 202002
IS-TLS-1039 Gosu Language Inspection – Usage of LatestPeriod Addresses the potential risk of using the LatestPeriod property of the Policy, PolicyPeriod or Job entity in Guidewire PolicyCenter and the steps to mitigate the risk. 202002
IS-TLS-1040 Validate Logger Implementaion Explains the importance of using StructuredLogger when implementing loggers. 202006
IS-TLS-1041 Messaging Inspection – Invalid messaging destination Id Details the inspection that detects where messaging destination id is out of range and the steps to correct it. 202003
IS-TLS-1042 Messaging Inspection – Messaging destination with no registered events Details the inspection that detects where messaging destinations have no registered events and the steps to correct it. 202003
IS-TLS-1043 Messaging Inspection – Messaging Threads Number Details the inspection that detects where messaging destinations do not use enough threads. 202003
IS-TLS-1045 Messaging Inspection – Wildcard Messaging Events Using wildcard messaging events to listen to all messaging events and the steps to mitigate the risk. 202003
IS-TLS-1047 Method Metrics Inspection – Abstract Class Name Addresses the potential issue of not following Gosu naming standards for abstract classes. 202003
IS-TLS-1048 Naming Conventions Inspection – Entity column naming standards Detect instances of improper entity column names. 202002
IS-TLS-1049 Naming Conventions Inspection – Entity Naming Standards Improper entity naming standards introduce avoidable risks for upgrade estimating and implementations.  This is ideally addressed during the project development phase, and an issue to be aware of for systems already in production. 202002
IS-TLS-1051 Naming Conventions Inspection – Gosu File in incorrect Directory Addresses the potential risk of a Gosu file in an incorrect directory and how to correct it. 202002
IS-TLS-1053 Naming Conventions Inspection – Typecode Naming Standards Addresses the potential risk of improper typecode naming and how to mitigate the risk. 202003
IS-TLS-1054 Naming Conventions Inspection – Typelist Naming Standards Addresses the potential risk of improper typelist naming standards and how to address the issue. 202004
IS-TLS-1059 Naming Conventions Inspection – XML File in Incorrect Directory Addresses the potential risk of an XML file in an incorrect directory and how to correct it. 202003
IS-TLS-1060 PCF Inspection – Hard Coded Value in PCF Addresses the potential risk of hard coded values in PCFs. 202002
IS-TLS-1061 PCF Inspection – PCF: Use of search view in list View Addresses the potential risk of using a search view in list view in a PCF file and how to resolve it. 202003
IS-TLS-1062 PCF Inspection – Usage of Query API in PCF Addresses the potential risks of using the Query API in a PCF and how to mitigate those risks. 202003
IS-TLS-1063 Performance Inspection – Check for Uses of StringBuffer instead of StringBuilder Addresses the potential issue of using the StringBuffer class in Gosu code. 202003
IS-TLS-1064 Performance Inspection – Gosu bundle Uses SU The gw.transaction.Transaction class provides a signature of the runWithNewBundle method to associate a specific user with a new bundle. 202002
IS-TLS-1066 Performance Inspection – Use of *.over ArrayLoader Addresses the potential risk of using the array expansion (*. notation) in Gosu code where an ArrayLoader can be used, and the steps to mitigate the risk. 202003
IS-TLS-1067 Access System Properties Details the Guidewire Studio security inspection that detects accessing System Properties. 202006
IS-TLS-1071 Security Inspection – Call to ‘System.loadLibrary()’ with Non-Constant String Detects where the System.loadLibrary() method is invoked using a non-constant string, and the steps to correct it. 202002
IS-TLS-1078 Insecure Random Number Generation  Addresses the potential issue of insecure random number generation. 202006
GW-TST-1086 Unit Testing This standard describes how unit tests must be written for Guidewire Cloud implementation projects 202002
IS-INT-1088 Global Messaging Protocols Defines the supported messaging paradigms that can be employed to integrate Guidewire applications with external applications using messaging. 202004
IS-INT-1091 Credentials Management This document defines the process for securely storing and accessing authentication credentials. 201912
PC-INT-1093 High Volume Quoting The PolicyCenter Configuration Guide describes the architecture and process for supporting High Volume Quoting. The implementation of High Volume Quoting in Guidewire Cloud includes some minor adjustments to this architecture that take advantage of some of the unique capabilities of AWS 201912
IS-TST-1099 Testing Designated Functions Standard for testing designated functions 202002
IS-MTH-1104 Production Services Handoff A checklist of project in-formation and documentation to be transferred from the implementation team to the Guidewire Production Services team or partner. 202006
IS-TST-1105 Performance Testing Designated Functions This standard describes how designated functions must be performance tested 202002
IS-INT-1111 Number Generation This document describes the reference implementation of built-in plugins for number generation in Guidewire Cloud. 202006
IS-INT-1112 Check Printing This document defines the implementation of Check Printing integration for Guidewire Cloud customers. 202006
IS-INT-1113 General Ledger This document defines the implementation of General Ledger integration for Guidewire Cloud customers. 202006
IS-INT-1114 Document Production with Smart Communications This document defines the implementation of Document Production integration with Smart Communications for Guidewire Cloud customers. 201912
IS-INT-1115 Document Management with Hyland OnBase This document defines the implementation of Document Managementintegration with Hyland OnBasefor Guidewire Cloud customers. 201912
IS-INT-1116 REST Client APIs Framework Outlines the standard for tools to make REST service calls from InsuranceSuite. 202004
PC-FNC-1121 Implementing Product Model Viewer Capability in the PolicyCenter UI Define a standard for how to implement a UI-driven feature that allows for an end user to view the product model for a set of criteria and compare it with another set. 201912
PC-FNC-1122 Implementing Automated Rate Book Loading in PolicyCenter Define a standard for how to implement an automated rate book loading feature in
PolicyCenter.
201912
BC-FNC-1126 Implementing Full Coverage for History Events in BillingCenter Define a standard for how to properly implement a suite of history event generation rules in Guidewire BillingCenter. 202002
IS-INT-1134 Integration Detailed Designs Specifies the information that must be included in integration Detailed Designs for Guidewire Cloud. 202004
IS-INT-1136 Standard for Archiving The standard architecture for Archiving in Guidewire Cloud, and an interim plan for delivering this pending product adoption. 202002
GW-DMI-1137 Data Segmentation Outlines Guidewire’s approach on how we recommend customers segment their data for moving it to the cloud. 202003
IS-DMI-1138 Migration Testing Environment Provisioning Outlines environment provisioning for various migration approaches. 202006
IS-TRN-1139 Database Consistency Checks Defines which database consistency check types must be addressed either prior to the start of or during the Guidewire Cloud project 202002
BC-DMI-1141 Guidewire BillingCenter Data Migration Approach Outlines how to migrate data into BillingCenter 202002
CC-DMI-1142 Guidewire ClaimCenter Data Migration Approach Outlines how to migrate data into ClaimCenter 202002
CM-DMI-1143 Guidewire ContactManager Data Migration Approach Outlines how to migrate data into ContactManager 202002
IS-INT-1145 Standard for REST Web Service authentication InsuranceSuite provides the ability to expose REST web services that can be consumed by internal and external clients. All authentication and authorization for InsuranceSuite REST services must be managed by Guidewire Identity Federation Hub. 202004
GW-TRN-1150 Large Database Pruning Outlinesthe standard for reducing the size of the database for transmission to Guidewire Cloud. 202003
IS-TST-1161 Unit Testing File-Based IntegrationsIntegrations This standard describes how unit tests must be written for integrations on Guidewire Cloud implementation projects 202002
GW-TRN-1118 Data Validation and Orchestration This update contains the mapping to the CAA questions for the use in Cloud Assurance Assessments. 202001
IS-TST-1098 Feature Files Updated standard to include additional tagging to support working with X-Ray, as well as to address comments after the previous version was published. 202002
PC-DMI-1144 Guidewire PolicyCenter Cloud Data Migration This approach outlines how Policy data should be loaded into PolicyCenter in the Cloud 202004
IS-TLS-1164 Method naming standards Inspect all function declarations and ensure they match the requirement. Method names must start with lower case and contains only letters and digits 202003
IS-TST-1168 Unit Testing Web Service Integrations This standard describes how unit tests must be written for web service integrations on Guidewire Cloud implementation projects 202004
IS-INT-1171 SOAP Web Service Authentication All access to Guidewire InsuranceSuite applications, services, and data must be authenticated and authorized. InsuranceSuite provides the ability to expose SOAP web services that can be consumed by internal and external clients. All authentication and authorization for InsuranceSuite SOAP services must be managed by Guidewire Identity Federation Hub. 202005
IS-INT-1177 AWS Local Development Historically, most InsuranceSuite configuration and integration development has been done on local development workstations, often the consultants laptop. The typical development pattern includes local development and unit testing, followed by a push to a shared development environment and testing in this shared environment. This scenario results in a relatively quick turnaround time, since problems can be found and fixed locally using the much quicker Jetty environment. In Guidewire Cloud, this process is complicated by the need to access AWS resources locally, including S3, Secrets Manager, DynamoDB, and others. This Guidewire Cloud standard defines the process for supporting local development against AWS resources. 202004
GW-CMP-1178 Education and Certification Standards Document that oulines Guidewire Cloud Competency Assurance standards, including expected education, certifications and ratio of certifications by track and role for the project.  Guidewire Cloud Competency standards would be recommendations for Self Managed Projects 202005
IS-TSD-1181 Test Data Strategy This standard defines the categories of test data, and how these data categories are managed within specific use cases 202004
IS-DMI-1182 GWCP Migration Process for Partners This standard outlines the process and tools partners need to follow when performing GWCP migrations. 202005
GW-TST-1087 Test Strategy Updated test strategy standard with additional items that Guidewire expects in a test strategy, including automated testing and tegression testing, as well as an example defect workflow 202004
GW-MTH-1089 Behavior-Driven Development Update BDD Standard to add sections on Defect Management and Change Management, as well as an exception for BDD for Technical Upgrade projects 202004
IS-TST-1090 InsuranceSuite Behavior Testing Framework Updated ISBTF standard to measure feature coverage manually using the provided “Feature Coverage Calculator”, and added a section for technical upgrade projects to document what’s required (with exemptions on feature coverage) during the upgrade and when more investment is required 202004
IS-TST-1132 InsuranceSuite Behavior Testing Framework (ISBTF) Glue Code Update the existing Glue code standard to fix some mistakes and include more details on how to handle custom step methods, context interfaces, context implementations, and page model enhancements. 202004
GW-OPR-1190 Branching Strategy for Cloud Updates Code-branching strategy patterns employed to deliver a cloud update alongside insurer’s major and maintenance release roadmap 202006
IS-TLS-1191 Invalid reference Inspection – ST-004: Hidden package reference Addresses the potential risk of referencing hidden packages in Gosu code and how to solve it. 202006
IS-DMI-1140 High Level Cloud Transition Approaches Updates to the the Cloud Transition approach to reflect all of the new information. 202010
DH-INT-1215 Standard for outbound integration patterns from DataHub in Guidewire Cloud to self-managed DataHub and InfoCenter in Guidewire Cloud can support on-prem integration needs for downstream data distribution or EDW reporting. This standard defines the supported methods for accessing data from outside Guidewire Cloud. 202007
DH-INT-1217 Standard for DataHub integration patterns for legacy policy and claim data in Guidewire Cloud Legacy data as an inbound integration to DataHub requires specific extraction and staging patterns. This standrad defines the approach to integrating legacy data into DataHub for Guidewire Cloud. 202007
DH-DMI-1218 High-Level Cloud Transition Approaches DataHub and InfoCenter Many customers are considering the move to Guidewire Cloud that includes a self-managed DataHub and InfoCenter transition. This standard defines the methodology and tooling used to transition a customer from self-managed to Guidewire cloud infrastructure and the associated CRW, CTA and CAA processes. 202007
IS-TST-1221 Data Migration Testing Standard for testing data migrations, including reconciliation, performance test of the migration (load/volume/times), and masking vs unmasked data 202006
IS-INT-1227 REST APIsFor Event Messaging Standard for the design of a solution based on a schema-first approach that leverages Integration Views when calling external REST APIs. The solution will identifies the necessary tools for the implementation and testing of the end-to-end framework. 202008
IS-TST-1101 Performance Testing Updated Performance Testing standard to define the capabilities that a customer-chosen performance testing tool must support. Will not mandate a specific tool. 202006
GW-OPR-1235 Scope and Application of Guidewire Cloud Standards This standard defines when a project is required to adopt Guidewire Cloud Standards, and the criteria to determine which standards apply. 202008
IS-INT-1092 User Authentication and SSO Update the standard for user authentication and SSO in Guidewire Cloud to specify that usernames for internal users of InsuranceSuite applications must be in the form of an email address to comply with the the requirements of the Guidewire Authentication Service 202007
GW-OPR-1237 Moving Self-Managed Databases to Guidewire Cloud Operating procedures for moving insurer’s self-managed database(s) to Guidewire Cloud via Guidewire’s S3 bucket nad Direct Connect 202008
IS-TLS-1238 Use of JDBC Standard This Guidewire Cloud standard details the inspection that detects instances of JDBC classes. 202009
IS-IMP-1017 Logging Standard Update the existing logging standard to include the requirements for Common Logging Format and observability in GWCP so that log messages are in JSON format 202007
IS-SEC-1008 Personally Identifiable Information (PII) Updated the standard to specify account numbers, policy numbers, and claim mumbers as PII 202003
GW-TRN-1082 Network Transmission to and from Guidewire Cloud on Amazon Web Services (AWS) Update the standard to mandate the use of AWS Direct Connect to move customers’ self-managed databases onto Guidewire Cloud. 202009
GW-MTH-1084 Branching Strategy for Guidewire Implementation Projects A branching strategy for managing parallel code changes on Guidewire implementation projects that is built on industry best practices. 202010