What is risk-based testing? Identify, assess, mitigate and manage risk

Tram Ho

  • Risk can be defined as the likelihood of adverse or undesirable outcomes. If stakeholders, users, or customer opinions about the quality of the project or the successful completion of the project can be reduced by a problem, then the risk is said to exist.
  • If the main impact of risk is product quality, then the problem is called product risk, quality risk or product quality risk. If the main impact of the problem is the success of the project, then the problem is called project risk or project risk.
  • A common challenge in test management lies in precisely selecting a limited set of test conditions from a nearly unlimited test set, then allocating resources, competencies and prioritizing test cases effectively.
  • After the test conditions are selected, the team must allocate the resources needed to create test cases, then decide a series for the test cases so that the overall test effectiveness and efficiency is optimized. .

1. What is risk-based testing?

  • In risk-based testing, the selection of test conditions is guided by the risks identified for product quality. These product quality risks are also used to determine the allocation of effort for testing test conditions and the priority of the generated test cases.
  • Many types of testing techniques – depending on the documentation and level of formality – are available to perform risk-based testing.
  • The main purpose of risk-based testing is to minimize the quality risk to an acceptable level. Achieving zero quality risk is almost impossible.
  • During a risk-based, product or quality-based inspection, it is discovered and reviewed during product quality risk analysis with stakeholders.
  • After analyzing risks, the testing team implements the test design, test execution and test execution activities with the aim of reducing risks.
  • Here, quality refers to all features, characteristics and behaviors of products that are likely to affect the satisfaction of users, customers and other stakeholders. When defects are identified prior to product release, testing reduces quality risks by identifying defects and providing methods to handle them.
  • Here are some examples of quality risks:
  1. Delay responses to user actions: Non-functional risks associated with performance
  2. Reports with false results or incorrect calculations: Functional risks associated with accuracy
  3. Complex UI and input fields: Non-functional risks related to system usability and application
  • If no errors are found after testing, the test has reduced the quality risk by confirming that the system works correctly in the state it is being tested for. Risk-based testing has a number of techniques to perform that vary at the document level, document type, and form level.
  • There are four main steps in risk-based testing:
  1. Identify risks
  2. Risk assessment
  3. Risk reduction
  4. Risk management

2. How to identify risks?

  • Stakeholders can use any of the methods given below to identify risks:
  1. Expert interview
  2. Independent evaluation
  3. Existing risk patterns
  4. Improved meeting in projects
  5. Conducting a risk workshop
  6. Impact the mindset with all stakeholders
  7. Create and use checklists
  8. Review previous experiences
  • The role of stakeholders in risk-based testing is quite important. The risk identification process also has other results, ie they identify issues that are not really risky for product quality. For example: general product concerns, document-related issues such as required specifications, etc.It is important that project risk management for overall testing should not be limited to testing. risk-based experience.

3. How to assess risk?

  • After the risk has been determined, a risk assessment can begin. Risk assessment is the analysis and identification of identified risks. Risk assessment is usually related to these activities:
  1. Classify each risk
  2. Determine the probability of each risk occurring
  3. Impact of each risk
  4. Identify or specify risk attributes such as risk owners
  • Risks are classified on the basis of different parameters such as performance, function, reliability, etc. To find the level of risk of risk, you need to determine the probability that such risk occurs and impacts. its action when it happens. The probability of the occurrence of a risk implies the probability of a problem remaining in the application while it is being tested.
  • Issues that affect this ability or probability include:
  1. Technology is being used and groups are working
  2. Professional level of business analysis, project management, design and developers
  3. Degree of disagreement among group members
  4. Teams do not work in the same place (eg design in Danang, developers in Hanoi)
  5. The old method compared to modern
  6. Test tools and techniques
  7. The power of leadership – technical & managerial
  8. No previous quality assurance reports are available
  9. High rate of change: change spec, design
  10. High error rate
  11. Problems in communication
  • The impact of risk when it happens is its impact on all stakeholders such as users and consumers.
  • Some factors affecting the product as well as project risk include:
  1. The rate of using the risk feature
  2. Important feature how to achieve business goals
  3. Disreputable
  4. Damage to the business
  5. There may be a loss or financial liability or social pressure
  6. Probability of criminal or civil sanctions
  7. Revoke the license
  8. Safety
  9. No workable solutions are available
  10. Negative disclosure because product failure is prominent

4. How to minimize risks?

  • The first step is to analyze quality risks ie to identify and then assess risks to product quality. All testing plans are based on this quality risk analysis.
  • Test design, test execution is carried out to minimize risks according to the test plan. The effort allocated to develop, execute and then execute the test is proportional to the level of risk.
  • The level of risk will also affect these decisions:
  1. Should test documents be considered?
  2. How should testers test independently?
  3. Experienced level of testers
  4. How many times should re-test be done?
  5. How many regression test should be done?
  • While the project is developing, some additional information may change the quality risk that the tester team is performing or the extent of the impact. The test team must always be alert to such information and adjust the testing as needed. Adjustments such as new risk detection, reassessment of risk level, evaluation of the effectiveness of completed risk mitigation tasks, etc. must be made at the project milestones.
  • For example, if the risk detection and evaluation session is held on the basis of a specification in the request stage, then the risks should be re-verified after completing the design specification.

5. Project risk management

  • Planning for project testing should also include the potential risks associated with a project. Such risk identification process is explained above in the risk identification section. The detected risks must be reported to the project manager so he / she takes steps to minimize them as much as possible.
  • The testing team may not be able to minimize all risks but these may be noticeable:
  1. Are your lips ready for the test environment?
  2. Are your lips ready for testing tools?
  3. There are always good qualified testers
  4. No standards, techniques and test rules are available
  • Project risk management includes:
  1. Organization of inspection
  2. Test test environments before they are actually used
  3. Testing the preliminary product version
  4. Use strict input conditions
  5. Strict compliance with inspection requirements
  6. Consider yourself part of the evaluation team for preliminary project work products
  7. Manage changes to the project based on error detection
  8. Review the project progress and product quality
  • After identifying and analyzing risks, here are four ways to manage risks:
  1. Take precautions to reduce the occurrence or impact of risks
  2. Create emergency plans to handle risks if they actually occur
  3. Transfer risk management responsibilities to third parties
  4. Ignore or take risks
  • Some factors that need to be considered while choosing the best possible option among these four include:
  1. Pros and cons of an option
  2. The cost of making a selection
  3. Additional risks involve selecting an option

Conclude

The above article is about sharing on risk-based testing, how to identify, assess, mitigate and manage risks that we have learned that we hope to help everyone.

Reference source: http://tryqa.com/what-is-risk-based-testing-identifying-assessing-minimizing-managing-risks/

Share the news now

Source : Viblo