Bruce Kovalsky, Capgemini
Wikipedia defines Risk-Based Testing (RBT) as “a type of software testing that prioritizes the tests of features and functions based on the risk of their failure – a function of their importance and likelihood or impact of failure”. For purposes of this paper, risk related to testing can be identified as the probability that an undetected software defect from a test case will have a negative impact on the user of a system.
Testing teams have a finite amount of time (usually time-boxed) to run their tests. When crafting a strategy of how to address testing risk, organizations should test for the biggest risks first and more often, whether it is a business or technical risk. In other words, what is the minimum testing effort that one should invest in order to maximize risk reduction? It is often difficult to make informed decisions on which tests in a large set of tests planned for a test pass should be focused on — or should not be focused on.
This paper will describe an easy-to-use process to gather risk-based information about your tests and how to use straightforward metrics in Excel to help quantitatively identify which specific tests should be run earlier and more often, and which tests should not be.