Bj Testing Talks

I received this question in The Test Tribe Community’s discord group “What is your approach to risk management? How often do you assess risks? How often do you communicate? What all do you communicate?”

Discussion regarding this question in the group has triggered more thoughts and suggestions for me regarding risk assessment. Testers need to do a risk assessment and report as soon as possible so that there are no issues in delivering the software to customers.

So, how can you assess risks? Here are some of my suggestions that I thought would be useful to consider

Understand what risk is all about

Risk is nothing but the likelihood of impact that your system or application under test might face. It is ultimately a feeling and has nothing to do with mathematics.

Have conversations with your colleagues

Get to know what happened before you joined the team by having conversations with your team members or seniors. The information you are getting from them might be helpful for you to assess risks. They can share the problems faced by them during their work.

Using Case Studies

Learn different failure case studies that are available related to software failure. It reminds me of the “Software bug stories” book by Ajay Balamurugadas and Saranya Easwaran. Learn about project management failures also. Here is the sample list of failed software projects . Case studies can help us to analyze risks like how business case studies help business people to avoid problems in doing their business.

Learn about common software bugs

Know about common software bugs and use them in your testing work starting from the requirements phase. Books like “Testing computer software” by Cem Kaner, Jack Falk and Hung Q. Nguyen and “Software testing techniques” by Boris Beizer have a list of bugs. Also learn about security bugs. If you know about common software bugs along with known bugs in the software, you will be able to find out risks in the software requirements as well as in the software which can be avoided.

Risk in the automation

Before implementing any tool or framework for automating your software, get the information about the known bugs of the tools or frameworks and their limitations. If the problem has been observed in the test report for automation, it might be due to software or automation framework/tools or programming languages. Remember that even programming languages have bugs.

Using Heuristics

Heuristics risk based software testing by James Bach will be helpful to consider heuristics that may help identify risks in the software.

After the risk assessment, the priority of risks can be decided based on the impact that it makes in the software. There might be more ways to learn and practice risk assessment. But don’t stop exploring it because exploration is the key for software tester as you might end up in finding new risks that might be new and can threaten the value of the software. I hope you find my suggestions helpful and like to know your opinion on this.