Risk Based Testing. -Why we need RBT? -Types of risks -Managing risks -Methods of evaluation & risk analysis -Costs and benefits

Similar documents
INF 3121 Software Testing - Lecture 05. Test Management

BASICS OF SOFTWARE TESTING AND QUALITY ASSURANCE. Yvonne Enselman, CTAL

Advantages and Disadvantages of. Independent Tests. Advantages. Disadvantages

Test Management: Part II. Software Testing: INF3121 / INF4121

ELEMENTS OF A HIGH PERFORMING SAFETY PROGRAM

Introducing Risk Based Testing to Organizations

Chapter 5 Part Test progress monitoring and control. 4. Configuration management. 5. Risk and testing. 6. Incident management

Clarifying Risk Based Thinking (RBT) In ISO 9001:2015

Risk-Based Testing for Agile Projects

ExamsLabs. Latest Study Materials, Valid Dumps - ExamsLabs

Software Project & Risk Management Courses Offered by The Westfall Team

REQUIREMENT DRIVEN TESTING. Test Strategy for. Project name. Prepared by <author name> [Pick the date]

RISK MANAGEMENT STEPS Lecture 2

A system is a group of elements organized and arranged so that the. elements can act as a whole toward achieving a common goal; is a collection of

2. What is a phase? A phase is a collection of related activities or tasks that produce a deliverable or work product.

Project Risk Management. A Practical Implementation Approach. Michael M. Bissonette

IT Certification Exams Provider! Weofferfreeupdateserviceforoneyear! h ps://

ISTQB Sample Question Paper Dump #11

0 Introduction Test strategy A Test Strategy for single high-level test B Combined testing strategy for high-level tests...

T Software Testing and Quality Assurance Test Planning

Chapter 6-1: Failure Modes Effect Analysis (FMCEA)

The Explicit Relationship Between CMMI and Project Risks

Risk Management Tools and Techniques

Erik van Veenendaal.

Syllabus. REQB Certified Professional for Requirements Engineering. Advanced Level Requirements Manager

PRINCE2 - Quality Management Strategy

For a leader to be effective in today s uncertain world, they have to. understand the nature of complexity and adapt their leadership role in a

Requirements Analysis and Design Definition. Chapter Study Group Learning Materials

Risk-Based Testing: Analysis and Strategy. Presented at Quality Assurance Institute QUEST Conference Chicago, Ill., 2009

BABOK v2.0 Snapshots

Software Quality Engineering Courses Offered by The Westfall Team

Managing Risk IGMA Winter Conference Tucson, Arizona Feb 1, 2018

Software Quality. Unit 6: System Quality Requirements

Requirements Engineering

JDI Quality Assurance Guideline

Software Quality Engineering Courses Offered by The Westfall Team

Simplifying the Risk & Compliance THE PREMISE

International Diploma in Project Management. (Level 4) Course Structure & Contents

Automated System Validation By: Daniel P. Olivier & Curtis M. Egan

! To solve problems. ! To take up new opportunities. ! Requirements - descriptions of. " Behavior. " Data. " Constraints (eg. cost and schedule)

Solution Evaluation. Chapter Study Group Learning Materials

PROJECT QUALITY MANAGEMENT. 1 Powered by POeT Solvers LImited

Project Management. Agenda - What will you learn today? Theory Lecture Plan. A Software Life-cycle Model Which part will we talk about today?

Understanding the Management Process

9100 revision Changes presentation clause-by-clause. IAQG 9100 Team November 2016

ISO 14001:2015. EMS Manual.

ISO 9001:2015. Quality Manual Template.

Planning the Work How to Create a Manageable Enterprise GIS Project Plan

Integration Knowledge Area

Continuous Improvement Toolkit. Risk Analysis. Continuous Improvement Toolkit.

2009 Software Business Analyst: Seven Best Practices

Initiation Group Process. Planning Group Process

Test Management: Part I. Software Testing: INF3121 / INF4121

ISO 9001:2015 and Risk Based Thinking

CRM System Tester. Location London Department Supporter and Community Partnerships. CRM Project Manager Salary Band C

Risk Management Using Spiral Model for Information Technology

arxiv: v1 [cs.se] 4 Apr 2017

PART THREE: Work Plan and IV&V Methodology (RFP 5.3.3)

Information Technology Independent Verification and Validation

2. Which techniques are used to validate requirements?

Model-Based Design Maturity: Benchmarking the Automotive Industry Vinod Reddy Manager, Consulting Services

Seven Deadly Sins of Testing Pitfalls on the Path to Software Quality

Gleim CIA Review Updates to Part Edition, 1st Printing June 2018

JOB DESCRIPTION. The Subject Position has no responsibility for ongoing and sustained supervision of other staff.

CONTEMPORARY APPROACHES TO PROJECT RISK MANAGEMENT: ASSESSMENT & RECOMMENDATIONS

WORK PLAN AND IV&V METHODOLOGY Information Technology - Independent Verification and Validation RFP No IVV-B

Risk Management Tools and Techniques

Managing the Testing Process E-learning Course Outline

Software Testing Level Part 2. Adam Hendra Brata

PMI EXAM - PMI-001. Project Management Professional v5. Buy Full Product.

Software Development Life Cycle (SDLC) Tata Consultancy Services ltd. 12 October

Testing 2. Testing: Agenda. for Systems Validation. Testing for Systems Validation CONCEPT HEIDELBERG

Project Planning & Management. Lecture 11 Project Risk Management

How To Evolve a Context-Driven Test Plan

Work Plan and IV&V Methodology

Project Management Framework

ISTQB CTFL BH0-010 Exam Practice Question Paper

How well does your procurement measure up?

Strategy Analysis. Chapter Study Group Learning Materials

Successful Project Management. Overview Houston Community College Fall, 2017

Review of the management of data quality in the My Government of Canada Human Resources system. Office of Audit and Evaluation

Risk Based Testing Pragmatic Risk Analysis and Management

SEPG Using the Mission Diagnostic: Lessons Learned. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213

Comparison Matrix ISO 9001:2015 vs ISO 9001:2008

DRIVING EFFICIENCIES: 6 STEPS TO IMPROVING ASSET PERFORMANCE IN MANUFACTURING

Unit 381 IT Project Management Level 3. Credit value 10. Rationale

Index. NOTE: Boldface numbers indicate illustrations or code listing; t indicates a table.

Planning and the Software Lifecycle. CSCE Lecture 2-08/26/2015

COMPARISON OF PROCESS HAZARD ANALYSIS (PHA) METHODS

COSBEDMO19 - SQA Unit Code FM75 04 Manage project completion and handover in built environment design management

A NEW ASSET MANAGEMENT APPROACH TO ACHIEVING LONG TERM RELIABILITY AND RISK REDUCTION IN GAS DISTRIBUTION PIPELINES

Implementing Physical Inventory for Telecommunications Operational Support Systems.

I Have Had My CMMI Appraisal What Do I Do Now? How to Establish a Process Improvement WBS

'Good' Organizational Reasons for 'Bad' Software Testing: An Ethnographic Study of Testing in a Small Software Company.

Glossary. Chartered Institute of Internal Auditors. 26 July Add value. Adequate control. Assurance services. Board. Charter

Support Services Review Template

Work Plan and IV&V Methodology

ISEB ISTQB Sample Paper

Agile at Mid-Scale. Al Shalloway. Introducing FLow for Enterprise Transformations (FLEX)

Getting Started with Risk in ISO 9001:2015

Transcription:

Risk Based Testing -Why we need RBT? -Types of risks -Managing risks -Methods of evaluation & risk analysis -Costs and benefits Ladislau Szilagyi www.euroqst.ro

Definitions (ISTQB glossary) Risk = a factor that could result in future negative consequences; usually expressed as impact and likelihood. Risk based testing = a testing strategy intended to reduce the level of product risks and inform the stakeholders of their status, starting in the initial stages of a project. It involves the identification of product risks and the use of risk levels to guide the test process. Safety = the capability of the software product to achieve acceptable levels of risk of harm to people, business, software, property or environment in a specified context of use.

Risk outcome Risk = negative outcome? not always Positive risks are opportunities, desired by both the Project Manager and the stakeholders, and may positively affect the project ( such as increasing the ROI or finishing the project ahead of time ). But, positive risk may generate negative risks ( finishing a part of the project way before schedule will create a lot of slack, as other resources are not scheduled to work on the project until much later ).

Risk types Product risk Functional Non-functional Project risk External Organizational Technical

Project risk categories Risk types External: service provider related issues; client related issues;

Risk types Organizational: skill and staff shortages; personal and training issues; political issues, such as: problems with testers communicating their needs and test results; failure to follow up on information found in testing and reviews (e.g. not improving development and testing practices). improper attitude toward or expectations of testing (e.g. not appreciating the value of finding defects during testing).

Risk types Technical: problems in defining the right requirements; the extent that requirements can be met given existing constraints; the quality of the design, code and tests.

Risk dimensions Likelihood = the estimated probability that a risk will become an actual outcome or event Impact = the damage that will be caused if the risk become an actual outcome or event

Risk dimensions Risk dimensions are depending on the context: Automotive: Exposure (the relative expected frequency of the operational conditions in which the damage can possibly happen) Control (the relative likelihood that the user can act to prevent the damage) Severity of the damage Avionics: Threat Vulnerability Consequences

Risk factors Technical Complexity of technology and teams Personnel and training issues among the business analysts, designers, and programmers Conflict within the team Contractual problems with suppliers Geographical distribution of the development organization Legacy versus new approaches

Risk factors Tools and technology Bad managerial or technical leadership Time, resource and management pressure Lack of earlier quality assurance High change rates High earlier defect rates Interfacing and integration issues

Risk factors Business Frequency of use of the affected feature Damage to image Loss of business Potential financial, ecological or social losses or liability Civil or criminal legal sanctions Loss of license Lack of reasonable workarounds Visibility of failure leading to negative publicity

Risk options Ignore Assume Delegate Mitigate Contingency planning

Establish the context Risk identification Risk analysis Risk assessment Risks sorting Risk mitigation Risk contingency Risk reporting RBT activities

Establishing the context Study the business domain Identify the stakeholders Define a framework Planning of the remaining activities

Product Risk Identification Risk statement Something may fail in some way due to some circumstances Something The component or feature where the problem could occur Fail in some way What potential failure Some circumstances The reasons or vulnerabilities, why we are concerned

Product Risk Identification techniques Expert interviews Project matrix Independent assessment Use of risk templates Lessons learned Risk workshops Brainstorming Checklists

Probability Product Risk Analysis techniques Informal fast, cheap, but not accurate Pragmatic Risk Analysis and Management (PRAM) Systematic Software Testing (SST) Product Risk Management (PRisMa) High 1 2 4 3 Low Low Consequence High

Product Risk Analysis techniques Formal accurate, but takes time, expensive Cost-of-exposure Quality function deployment Fault tree analysis Hazard analysis Failure Mode Effect Analysis

FMEA - Example of formal Risk Analysis technique Failure Mode Effect Analysis Define the System Identify Potential Failure Modes & Their Causes Evaluate the Effects on the System of Each Failure Mode Identify Failure Detection Methods Identify Corrective Measures for Failure Modes 3 factors: Severity = The criticality of the effects of bugs in this failure mode, should any exist, from 1 (most damaging) to 5 (least damaging), Likelihood = The probability of and extent of impact associated with bugs included in this failure mode, from 1 (most probable) to 5 (least probable). Priority = The importance of fixing bugs in this failure mode, should any exist, based primarily on the ability of the delivered system to meet customer needs, though also on logistical project issues, regulatory or standards compliance, or other business considerations, from 1 (most important to fix) to 5 (least important to fix).

Product Risk Analysis techniques

Product Risk Mitigation techniques Non-testing related Testing related Choosing an appropriate test design technique Reviews & inspection Reviews of test design Level of independence Most experienced person The way re-testing is performed Regression testing

RBT activities

Project Risk Mitigation techniques Non-testing related Testing related Early preparation of test ware Pre-testing test equipment Pre-testing earlier versions of the product Tougher entry criteria Requirements for testability Participation in reviews of earlier project results Participation in problem and change management Monitoring of the testing progress and quality

Questions?

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback