This question is from the perspective of a customer installing a COTS application from a vendor who has added new features to their product based on my organization's system requirements.
Background: The vendor will be performing internal functional testing as part of their company's SDLC process. The application won't be delivered to my organization until all requirements are implemented and all known defects are fixed or documented. Upon receipt of the software, from a risk management perspective it is safe to assume all functional testing has been sucessfully completed by the vendor.
Issue: Members of the management team insist we need to perform a full round of functional testing before the User Acceptance Test. My contention is that the software has already passed the vendor's functional testing and any functional software defects should have already been discovered. Instead of another round of functional testing, the application is ready for System and then User Acceptance Testing. During UAT, if any functional software defects slipped through the cracks then a thorough UAT will detect them.
In my opinion, conducting a complete round of functional testing upon receipt of the COTS application is redundant and adds unnecessary labor costs and length to the project. Is that a reasonable position?
If your organization is going to be the face(primary access point for all questions) of the customer(I understood cutsomer as an end customer/prospect of your application.)then you better conduct one round of quick testing.
To me Functional testing and system testing are nearly same. If you have a ful-fledged system test suite already developed, then that testing would be enough to make sure that the application is built as expected.
If your management wants to conduct another explicit round of functional testing inaddition to the test types, that are part of your Test-Strategy, you may consider following ideas.. a) Reduce number of test cycles b) Run only the high priority test cases based off your BA's suggestion c) Concentrate on the Critical Business requirements, Heavy hitters, Weakly implemented areas etc..
This way you can validate your vendor's effort with more levels of testing.