Guidewire Cloud Standards for Developers

Oct 14, 2021 | Standard

What are Guidewire Cloud Standards?

Guidewire Cloud Standards are the foundation for a fast, secure, and predictable implementation path. Standards are aligned with the latest product capabilities and are critical for enabling Guidewire Cloud updates and embedding quality into implementations. With a focus on project implementations of Guidewire solutions, our standards cover many areas including testing, security, solutions (approaches to implementation), integrations, coding, business processes, operating procedures, and aspects of methodology that are deemed mandatory.

Where can I find published Guidewire Cloud Standards?

Standards and supporting enablement videos are published monthly on the Guidewire Documentation site.

Current Guidewire Cloud Standards

Standard ID Standard Title Summary
PC-APD-1002 Modifying APD and APD Artifacts Defines requirements for developers using Advanced Product Designer (APD) to reduce the likelihood of implementation-specific changes being incompatible when upgrading to a more recent release of APD.
GW-CMP-1178 Education and Certification Standards Competency in Guidewire Cloud Projects Defines education and certification requirements for Guidewire Cloud implementation projects.
GW-CUP-1003 Cloud Updates: Consuming and Scheduling Defines and describes the schedule and resources consumed by Guidewire Cloud updates
GW-DMI-1137 Data Segmentation, Consolidation, and Low Downtime Cloud Upgrade Describes Guidewire’s required approach to moving data from self-managed Guidewire InsuranceSuite instances to Guidewire Cloud in various scenarios.
IS-DMI-1140 High-Level Cloud Transition Approaches Guidewire Cloud Standard Provides an overview of available options for Guidewire Cloud transition.
BC-DMI-1141 Guidewire BillingCenter Data Migration Approach Specifies the standard data flow from a legacy system to Guidewire BillingCenter on Guidewire Cloud
CC-DMI-1142 Guidewire ClaimCenter Data Migration Approach Specifies the standard data flow from a legacy system to Guidewire ClaimCenter on Guidewire Cloud.
CM-DMI-1143 Guidewire ContactManager Data Migration Approach Specifies the standard data flow from a legacy system to Guidewire ContactManager on Guidewire Cloud.
PC-DMI-1144 Guidewire PolicyCenter Cloud Data Migration Specifies the standard data flow from a legacy system to Guidewire PolicyCenter on Guidewire Cloud.
PC-DMI-1159 In-Force Policy Cloud Data Migration Specifies the standard data flow for an in-force policy from a legacy system to Guideiwre PolicyCenter Cloud.
DH-DMI-1218 High-Level Cloud Transition Approaches for Guidewire DataHub and Guidewire InfoCenter Defines the approaches to migrate self-managed instances of Guidewire DataHub and Guidewire InfoCenter to Guidewire Cloud.
DH-DPL-1273 Guidewire DataHub and Guidewire InfoCenter Coding Standards for SAP Data Services Defines an approach for naming and organizing SAP Data Services code extensions to make it easier to maintain and upgrade the codebase while keeping the original code intact.
PC-FNC-1121 Product Model Viewer Defines standards for implementing a UI-driven feature in Guidewire PolicyCenter to view and compare the product model for different criteria sets.
PC-FNC-1122 Automated Rate Book Loading Defines standards for implementing automated rate book loading in Guidewire PolicyCenter.
BC-FNC-1126 Guidewire BillingCenter History Event Management Defines a standard for how to properly implement a suite of history event generation rules in Guidewire BillingCenter.
IS-IMP-1017 Logging Defines the correct usage of logging on Guidewire Cloud.
GW-IMP-1224 Prohibit Use of the env Environment Variable in GWCP Prohibits the use of the env variable and defines the steps to properly set the runtime environment configuration parameters.
IS-INT-1088 Global Messaging Protocols Defines the supported messaging paradigms that can be employed to integrate Guidewire applications with external applications using messaging.
IS-INT-1091 Credentials Management Defines the process for securely storing and accessing authentication credentials and other sensitive properties.
PC-INT-1093 Quoting Infrastructure for Handling High Volume Quoting Requests Specifies the details of implementing a high-volume quoting architecture leveraging the resilient scaling capabilities of AWS.
IS-INT-1111 Number Generation Defines the standards for implementing the built-in plugins to generate new numbers for entities such as accounts, policies, claims, and jobs.
IS-INT-1115 Document Management with Hyland OnBase Defines the standards for implementing document management integration with Hyland OnBase.
IS-INT-1116 REST Client APIs Framework Outlines the standard for tools to make REST service calls from Guidewire InsuranceSuite.
IS-INT-1134 Integration Detailed Designs Specifies the information that must be included in the integration detailed designs for Guidewire Cloud.
IS-INT-1135 Amazon S3 Usage in the Guidewire Cloud Platform Defines the standards and conventions for using Amazon S3 in Guidewire Cloud Platform for the implementation team
IS-INT-1136 Archiving This standard outlines the capability to archive and restore claim and policy information using Amazon S3, and establishes its usage as the only archival solution on Guidewire Cloud.
IS-INT-1145 REST Web Service Authentication Defines the required authentication and authorization steps to access Guidewire InsuranceSuite applications, services, and data via REST web services.
IS-INT-1171 SOAP Web Service Authentication Defines the required authentication and authorization steps to access Guidewire InsuranceSuite applications, services, and data via SOAP web services.
IS-INT-1177 Local Development for Guidewire Cloud Defines the process for supporting local development against AWS and other cloud-native resources.
DH-INT-1215 DataHub Outbound Integrations in Guidewire Cloud Defines the supported methods for externally accessing Guidewire Cloud data.
DH-INT-1216 DataHub Inbound Integrations in Guidewire Cloud Defines the supported patterns for accessing external data from Guidewire Cloud.
DH-INT-1217 Inbound Integrations from Legacy Data Sources to Guidewire DataHub Defines the minimum requirements self-managed legacy systems must satisfy before they can be integrated with DataHub and InfoCenter on Guidewire Cloud.
IS-INT-1227 REST APIs For Event Messaging Defines the approach to incorporate integration views into REST APIs for use in messaging.
IS-INT-1229 Developing REST APIs Details the use of the InsuranceSuite Cloud API to build integrations with Guidewire InsuranceSuite.
IS-INT-1260 Working Locally With Outbound File-Based Integrations This standard describes how developers must use their local file system as temporary storage when working with outbound file-based integrations on a non-Guidewire Cloud Platform environment.
IS-INT-1261 Working Locally With Inbound File-Based Integrations This standard describes how developers must use their local filesystem as temporary storage when working with inbound file-based integrations on a non-Guidewire Cloud Platform environment.
IS-INT-1268 Custom Servlets Prohibits the use of custom servlets on Guidewire Cloud Platform and defines the acceptable approaches to execute functionality inside Guidewire InsuranceSuite.
IS-INT-1274 Batch Schedulers in Guidewire Cloud This standard describes how Guidewire Cloud implementations may configure batch schedules and dependencies between jobs within a scheduled batch window.
IS-INT-1279 Creating Users for Custom Inbound Integrations and Batch Processes This standard describes how inbound integrations and batch processes should align with the principles of least privilege (PoLP).
GW-MTH-1084 Branching Strategy for Guidewire Implementation Projects Defines a branching strategy, built on industry best practices, for managing parallel code changes on Guidewire implementation projects.
GW-MTH-1089 Behavior-Driven Development Describes how behavior-driven development (BDD) must be practiced on Guidewire implementation projects.
IS-MTH-1104 Production Services Handoff Defines a checklist of project information and documentation to be transferred from the implementation team to the Guidewire Production Services team or partner.
GW-OPR-1004 Cloud Updates Articulates where the responsibility lies for updating various components for customers already on Guidewire Cloud.
IS-OPR-1170 Updating Insurer Data During Cloud Update Defines how Guidewire will update insurer data as part of a Guidewire Cloud update.
GW-OPR-1190 Branching Strategy for Cloud Updates Defines the code branching strategy to deliver a cloud update alongside an insurer’s major and maintenance release roadmap, for customers already in production on Guidewire Cloud.
GW-OPR-1235 Scope and Application of Guidewire Cloud Standards This standard establishes the criteria for determining whether a Guidewire implementation must adopt Guidewire Cloud standards and which standards apply.
GW-OPR-1237 Moving Self-Managed Databases to Guidewire Cloud Defines operating procedures to encrypt and export database backups to Guidewire S3 bucket using AWS Direct Connect, and upgrade the data to the latest version of Guidewire applications.
IS-OPR-1266 Database Conversion Environments This standard describes the environments that will be supported for the Aurora Postgres database conversion.
GW-OPR-1292 Training and Enablement for Cloud Projects Defines education, training, and enablement activities required for Guidewire Cloud implementations.
GW-OPR-1297 Database Upgrades From Self-Managed to Guidewire Cloud Defines how Guidewire will perform database upgrades for user-acceptance testing (UAT) and production environments during the transition from a self-managed implementation to Guidewire Cloud.
IS-SEC-1006 Guidewire Security Testing This standard provides information and sets expectations regarding security testing on Guidewire Cloud.
IS-SEC-1007 Payment Card Handling Identifies areas of concern regarding cardholder data protection and outlines guidelines and recommendations for addressing these concerns.
IS-SEC-1008 Personally Identifiable Information (PII) Identifies critical areas of interest regarding personally identifiable information (PII) and outlines guidelines to address these concerns.
IS-SEC-1009 File Sharing and Collaboration Tools Establishes Guidewire’s position on the file sharing and collaboration toolset for Guidewire Cloud implementations.
IS-SEC-1012 Penetration Testing Describes why and and under what circumstances penetration testing must be performed on Guidewire Cloud.
IS-SEC-1016 Open-Source Analysis Details the proper use of third-party jar files, frameworks, and libraries, and provides guidance on remediating libraries that pose a potential risk.
IS-SEC-1018 Data Security Standards in Guidewire Cloud Specifies the minimum acceptance criteria regarding data security and outlines recommendations for addressing these concerns.
IS-SEC-1265 IEncryption Plugin Specifies that the IEncryption plugin is not supported on Guidewire Cloud because of the complexities and dangers associated with key management.
IS-SEC-1289 Gosu Secure Coding Standard Defines rules for secure coding in the Gosu programming language to eliminate insecure coding practices that can lead to exploitable vulnerabilities.
IS-TLS-1022 Deprecated API Usage Addresses the potential risk of using the deprecated API classes in Gosu code and the steps to mitigate this risk.
IS-TLS-1023 Use of New EntityBundleImpl Provides an alternative approach to avoid the risk of instantiating the EntityBundleImpl class to manage Gosu transaction bundles.
IS-TLS-1024 Use of BigDecimal.valueOf Addresses the potential risk of using the static method BigDecimal.valueOf() to instantiate BigDecimal objects within Gosu.
IS-TLS-1025 Variable Type Is Inferred and Can Be Omitted Addresses the potential risk of declaring a variable whose type is inferred and the steps to correct it.
IS-TLS-1026 Use of new Date Inspection Addresses potential risk of using new Date() to instantiate the Date object within Gosu and the steps to mitigate the risk.
IS-TLS-1027 Unqualified Iterator Type in a PCF File Addresses the potential risk of an unqualified iterator type in a PCF file and how to solve it.
IS-TLS-1028 Hardcoded Label in a PCF File Addresses the potential risk of a hard-coded label in a PCF file and how to correct it.
IS-TLS-1029 Multiple Filtering of the Same Collection Addresses the potential risk of filtering the same collection multiple times.
IS-TLS-1030 Use of where(…).count() Details the potential risk of using count, length, or size functions of a collection in a conditional expression.
IS-TLS-1031 Use of “select(…)” with Limiting Functions Addresses the potential risk of using select() with limiting functions to filter query results.
IS-TLS-1032 Use of Query.intersect() or Restriction.intersect() Summarizes the risk of using the Query.intersect() method or Restriction.intersect() method while running database queries from Gosu code and the steps to mitigate the risk.
IS-TLS-1033 Multiple Array Expansion Operators Addresses the potential risk of multiple expansion (“*.”) operators on an array and how to address it.
IS-TLS-1034 Use of DriverManager to Get a JDBC Connection Detects where “DriverManager” is used to get a JDBC connection and the steps to correct it.
IS-TLS-1035 I/O Resource Opened but Not Safely Addresses the potential risk of input/output resources (I/O) that are not properly closed in Gosu code and how to properly close them.
IS-TLS-1036 JDBC Resource Opened but Not Safely Closed Addresses the potential risk of Java Database Connection (JDBC) resources that are not closed properly in Gosu code and how to properly close them.
IS-TLS-1037 TODO Comments Guidewire Studio Inspections Addresses the potential risk of leaving TODO comments in source code.
IS-TLS-1038 Use of LatestBoundPeriod Addresses the potential risk of using the LatestBoundPeriod property of the Policy entity in Guidewire PolicyCenter and the steps to mitigate the risk.
IS-TLS-1039 Use of LatestPeriod Addresses the potential risk of using the LatestPeriod property of the Policy, PolicyPeriod or Job entity in Guidewire PolicyCenter and the steps to mitigate the risk.
IS-TLS-1040 Valid Logger Implementation Explains the importance of using StructuredLogger when implementing loggers.
IS-TLS-1041 Invalid Messaging Destination ID Details the inspection that detects where messaging destination ID is out of range and how to correct it.
IS-TLS-1042 Messaging Destination Has No Registered Events Details the inspection that detects where messaging destinations have no registered events and the steps to correct it.
IS-TLS-1043 Messaging Threads Number Details the inspection that detects where messaging destinations do not use enough threads and how to correct it.
IS-TLS-1045 Wildcard Messaging Events Addresses the potential risk of using wildcard messaging events to listen to all messaging events and how to mitigate the risk.
IS-TLS-1046 Enhancement Method Extension Naming Details the inspection that detects instances of improper enhancement method names.
IS-TLS-1047 Abstract Class Name Addresses the potential risk of not following Gosu naming standards for abstract classes.
IS-TLS-1048 Entity Column Naming Details the inspection that detects instances of improper entity column names.
IS-TLS-1049 Entity Naming Standards Addresses the potential risk of improper entity naming standards and how these risks can be mitigated.
IS-TLS-1051 Gosu File in Incorrect Directory Guidewire Studio Inspections Guidewire Cloud Standard Addresses the potential risk of a Gosu file in an incorrect directory and how to correct it.
IS-TLS-1053 Typecode Naming Addresses the potential risk of improper typecode naming and how to mitigate the risk.
IS-TLS-1054 Typelist Naming Standards Addresses the potential risk of improper typelist naming standards and how to resolve the issue.
IS-TLS-1059 XML File in Incorrect Directory Addresses the potential risk of an XML file in an incorrect directory and how to correct it.
IS-TLS-1060 Hardcoded Value in Page Configuration File (PCF) Addresses the potential risk of hard-coded values in PCFs and how to mitigate these risks.
IS-TLS-1061 Page Configuration File (PCF): Use of Search View in List View Addresses the performance impact of adding searches into a ListView backed by a viewEntity, and ways to mitigate that risk.
IS-TLS-1062 Usage of Query API in a Page Configuation File (PCF) Addresses the potential risks of using the Query API in a PCF and how to mitigate them.
IS-TLS-1063 Check for Uses of StringBuffer Instead of StringBuilder and String Concatenation Addresses the potential issue of using the StringBuffer class in Gosu code.
IS-TLS-1064 Gosu Bundle Uses Hardcoded SU Identifies the need to remove the hard-coded su username in runWithNewBundle code blocks.
IS-TLS-1066 Use of *. Over ArrayLoader Addresses the potential risk of using the array expansion (*. notation) in Gosu code where an ArrayLoader can be used, and the steps to mitigate the risk.
IS-TLS-1067 Access System Properties Details the Guidewire Studio security inspection that detects accessing System Properties.
IS-TLS-1069 Call to Runtime.exec() with Non-Constant String Addresses the potential security risk of executing processes using a non-constant string dynamically at runtime.
IS-TLS-1071 Call to System.loadLibrary() with non-constant string Detects where the System.loadLibrary() method is invoked using a non-constant string and the steps to correct it.
IS-TLS-1078 Insecure Random Number Generator Addresses the potential issue of insecure random number generation.
IS-TLS-1164 Method Naming Standards Detects instances of improper entity extension method names and details how to correct them.
IS-TLS-1191 Hidden Package Reference Addresses the potential risk of referencing hidden packages in Gosu code and how to avoid it.
IS-TLS-1204 Empty Loop Body Addresses the potential risk of including empty loop bodies in Gosu code and how to avoid it.
IS-TLS-1206 Explicit Commit in runWithNewBundle Addresses the potential risk of including an explicit commit in a runWithNewBundle block and how to avoid it.
IS-TLS-1208 PostOnChange Has No Target Addresses the potential risk of using PostOnChange functionality without specifying a target and how to avoid it.
IS-TLS-1238 Use of Java Database Connectivity (JDBC) Details the inspection that detects instances of JDBC class usage and how to correct it.
IS-TLS-1278 PCF Naming Standard Addresses the potential risk of improper PCF naming standards and how to resolve the issue.
IS-TLS-1299 Reading and Writing Files on the Guidewire Cloud Platform Addresses the potential risk of using file-based integrations.
GW-TRN-1005 Go-Live on Latest Version Defines the required Guidewire InsuranceSuite Cloud version based on customer go-live date.
GW-TRN-1082 Network Transmission to and From Guidewire Cloud on Amazon Web Services (AWS) Describes why and how to transmit data to and from Guidewire Cloud on AWS
IS-TRN-1139 Database Consistency Checks This standard defines which database consistency checks must be fixed when transitioning from self-managed to Guidewire Cloud.
GW-TRN-1150 Database Pruning for Cloud Transition Outlines the standard for pruning databases to prepare them for transition to Guidewire Cloud and for ongoing cloud usage.
IS-TSD-1181 InsuranceSuite Test Data Strategy Establishes the requirements for defining and managing data when testing Guidewire InsuranceSuite.
GW-TST-1086 Unit Testing Defines the standard for using automated unit tests on Guidewire Cloud implementation projects.
GW-TST-1087 Test Strategy Defines a standard for developing a test strategy and its required components.
IS-TST-1090 Guidewire InsuranceSuite Behavior Testing Framework Defines standards for using InsuranceSuite Behavior Testing Framework on Guidewire InsuranceSuite implementations.
IS-TST-1099 Testing Designated Functions Details the requirements for effective testing of designated functions.
IS-TST-1101 Performance Testing Describes the requirements and necessary metrics when executing a performance test.
IS-TST-1221 Data Migration Testing Defines the required testing to validate data migration from legacy applications to Guidewire InsuranceSuite.
GW-TST-1241 Cucumber Feature Files Defines how Cucumber feature files must be implemented on a Guidewire implementation project.
GW-TST-1262 Behavior Testing Standards for conducting behavior testing on a Guidewire project, focusing on the testing activities rather than the tools used.
GW-TST-1269 GT: API Defines the standard for writing API unit tests and end-to-end (E2E) behavior tests using GT: API.
GW-TST-1293 GT: UI Defines the standard for using GT: UI when running user-interface tests on Guidewire applications.​