Tuesday, February 22, 2011

Risk Analysis for Software testing

Today I like to write about Risk Analysis.

I think Risk Analysis is quite complicated and sophisticated process in any kind of project. We, test engineers, have been exposed to this term projects after projects and I think we already know what it is and what the benefits are.

I would define risk analysis as a process of identifying the risks in the project and prioritize them with severity. So if you work through this priority work items, your project will become less and less risky and even if you are not completely finished the work your project will be less likely to fail. No surprise there.

Now, what's really important questions are "how do you identify all the risks involved with the project?" and "how do you decide which one is riskier than others?"

Here is my practice of risk analysis.

First, I try to find all the risks involves with the project I'm working on into three buckets.

1. Business and entire stack perspective Risks
2. Development Process risk
3. Testing process risk.

For #1, good source for risk assessment would be your PM. Ask her what she think it is the most important and risky part of the feature. And ask what are the impacts when each feature or use case does not work. Then you will find business perspectives of risk.

For #2, good source for risk assessment would be your developer. Ask her to draw how each components and classes interact each other. Ask what part of component in the application has complicated logic or what the dependencies are to find out point of failure. Or just ask her if you were a tester, what would you focus on testing? You will get good feedback from your dev.

For #3, you are a good source for risk assessment. You know your framework and you understands the risk of each business perspective and development perspective. You need to be able to come up with testing process risk.

Now you combine all of your risk analysis data and prioritize them and set some intensity level on each test case.

You can find many different articles about risk analysis. I found these articles very useful.

Heuristic Risk based testing by James Bach
sqa tester.com article
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)