SlideShare a Scribd company logo

Risk based testing a new case study

Bassam Al-Khatib
Bassam Al-Khatib

This document provides an overview of risk-based testing (RBT) including the process, examples, and benefits. It discusses how to identify risks, analyze them by considering likelihood and impact, and then mitigate risks through testing. The key aspects of RBT covered include building a risk matrix, prioritizing testing based on risk level, and applying RBT at different scales from large changes to small quick tasks. Overall, RBT is presented as a systematic approach to make testing more efficient and ensure the most critical risks are addressed.

Software
1 of 35
Download to read offline
Risk Based Testing Matrix, Process & Examples Bassam Al-Khatib ISTQB Full CTAL Advanced Level & Certified Ethical Hacker A new idea toward technical software testing
Ground Rules 2  Silent Mobile phones  Questions are allowed at all times  Join Sessions on time  One meeting No sub-meetings
Area & Tools Expectation? Parking Lot 3
Session Description  This training will help Software Test Engineers globally to Perform Risk Based Testing (RBT) during design, plan and implement testing using a systematic approach and applicable techniques  Trainer: Bassam Al-Khatib  Duration: 3 hours and 30 minutes  Prerequisites: Elementary certificates (Beginners level) in software testing certificate 4
Instructional Methods  Following are instructional methods  Lectures  Group Discussions  Individual/group assignments 5
Session Objectives Build Culture How to use? When to use? Outline activities of risk-based approach for planning and executing technical testing 6
What's in it for me?  This session is a chance for one more deep study for Risk Based Testing (RBT), by analyzing approach, building risk matrixes, building RBT activities to form a complete process and showing some examples accordingly. 7
Agenda  Preface  How to start with Risk Based testing?  Risk Management  Risk identification  Risk Analysis  Risk Mitigation  RBT in the Large & Small  RBT Benefits  Conclusion 8
Preface The possibility of negative results, that would occur and decrease customer perception of a product quality or project success. •What Risk Means? 9
Preface  Enhancing the definitions:  Risk  Risk Type  Product Risk  Project Risk  Risk Based Testing 10
Preface 11  How do we define RBT?
Preface  RBT is not Bug hunting  RBT is not exploratory or experience based testing  RBT is not a requirement based testing  If you cant calculate risk results then its not RBT 12
Preface In testing software we are concerned with two types of risks : • Example: A defect that could cause a product crash during normal operation Product Risk • Example: A possible staffing shortage that could delay completion of a project Project Risk 13 - Potential that patch or fix will not fit for purpose - System crash during normal operation(software stability) - Commitment to customers or management - Staffing shortage - Poor productivity
Preface  The difference between two types of risks that you can run a test against the product (software) to define if there any system crashes.  But project risks are not testable . You cant test for staffing shortage  In this session our concern is controlling Product (Software) Risks. 14
Preface  Classifying level of risk, the simplest is to look at two factors:  The likelihood of the problem occurring; i.e., being present in the product when it is delivered for testing  The impact of the problem should it occur; i.e., being present in the product when it is delivered to customers or users after testing During Testing Delivery Risk = Likelihood X Impact 15
How to Start with RBT? 16  When ?  Risk-based testing applied to the project at very initial level on any project  Risk Management how to start…  Applying a set of procedures and practices to identify, analyze, prioritize and controlling risk.
Risk Management  Risk Management activities:  Risk identification  Risk analysis  Risk mitigation Identification (1) Analysis (2) Mitigation (3) 17
Risk Identification  Identifying risks using the following techniques:  Expert interviews  Independent assessments  Use of risk templates  Project retrospectives  Risk workshops 18
Risk Identification  Identifying risks using the following techniques:  Brainstorming ( Effective Test Planning Meetings)  Checklists  Calling on past experience  Review requirements specifications (FRS, URS) 19
Risk Identification – By Example  Let us apply some of the mentioned techniques to the following Example.  Lets go back to the printed example you have to discuss.  The output of this group assignment is to record the identified risks.  Build your FEMA Template [Failure Mode and Effect Analysis] 20
Risk Analysis – By Example  Using the same FEMA template add “Likelihood” and “Impact” to calculate “Expected Risks”  You can then graph the Total loss of functionality according to Likelihood & Impacts 21
Risk Analysis – By Example  Build your risk matrix … 22 Likelihood Level Description Rare 1 Existing / New feature is not affected by changed code Unlikely 2 Existing / New feature is affected Likely/Possible 4 Existing / New feature is modifying current behavior Certain 8 Existing / New feature is impacted by code change(broken behavior after the change) Impact Level Description Insignificant 1 No need to desing or execute tests Minor 2 Test should cover Straight foreword scenarios only Moderate 3 Test should cover Staright foreword and some related features Major 4 Test should cover ALL Risk Level Description Color Code Low 1 to 3 No need to test Medium 4 to 16 Testing during development phase is enough High 24-32 Should be tested again during final testing
Risk Analysis – By Example  Likelihood vs Impact 23 1 4 1 8 4 4 2 4 1 2 3 4 5 6 7 8 9 10 Likelihood VS Impact Series1 Series2
Risk Mitigation  Is the last step after risks being identified and analyzed  It is the responsibility of Software Test Engineer to mitigate quality risks via testing like:  Applying new test types (Security , Performance)  Use Extra test design techniques throughout the entire lifecycle  New test cases to be added/removed  Apply extra regression test for selected areas of functionality 24
Risk Mitigation  It is the responsibility of the Test Manager to use the following techniques to mitigate Project / Product risks:  Test environment and tools readiness  Check staff availability and qualification  Prevent low quality of inputs to testing  Prevent overly high rates of change for work products delivered to testing  Reduce lack of standards, rules, and techniques for the testing effort. 25
Risk Mitigation  Proactively It is the responsibility of the Technical Test Analyst to use the following techniques to mitigate Project / Product risks:  Choose an appropriate test design technique(s)  Reviews and inspections  Reviews of test design  The use of the most experienced people for complex tasks  The strategies chosen for confirmation testing (retesting) and regression testing 26
Risk Mitigation  Helpful questions to Answer:  Were requirements written well?  Shall we institute reviews to improve their quality?  Does the designed test demonstrates operation under certain conditions and does not constitute a proof of correctness under all possible conditions?  Can we prioritize test according to level of risk?  Do we need to reduce test execution time? Are the residual risk is acceptable? 27
Risk based in the Large & Small  You should decide which approach to go with; which depends on code change size.  The presented methodology was for medium to large size changes  Meanwhile, you still can do the same practice in the small roughly for quick & small tasks.. See next slide 28
Risk based in the Large & Small 29 Who will do the test ? What is your coverage/scope? Why you are testing? What are the risks? What testing type do you need? How will you decide about exit criteria? RBTinthesmall Select&prioritizetests Wheretovisitfirst?
Risk based in the Large & Small Pros & Cons 30 RBT in the Large RBT in the Small Much detailed Short and brief Time cost Quick Low residual risks Unexpected residual risks
RBT Benefits RBT will not leave you blind; The higher the test coverage in an area, the lower the residual risk. The fewer bugs we’ve found in an area, the lower the residual risk. Allocating test effort based on risk is the most efficient way to minimize the residual quality risk upon release (“pick the right tests out of the infinite cloud of possible tests”) Measuring test results based on risk allows the organization to know the residual level of quality risk during test execution and to make smart release decisions 31
RBT Benefits 32 Testing efforts are effectively organized, and level of priority of each risk item is rated Discovery of business-critical areas that were missed No infeasible testing
Conclusion  RBT is a culture that needs to be shared  RBT makes it easier to decide about product risks  Can help to control both testing as well as risks  RBT will lead to more feasible testing  RBT can be applied always as per size of change/fix 33
References Advanced Software Testing V3 ISTQB CTAL – TTA Syllabus 34
Thank You! 35

Recommended

[HCMC STC Jan 2015] Risk-Based Software Testing Approaches
[HCMC STC Jan 2015] Risk-Based Software Testing Approaches[HCMC STC Jan 2015] Risk-Based Software Testing Approaches
[HCMC STC Jan 2015] Risk-Based Software Testing ApproachesHo Chi Minh City Software Testing Club
 
Fundamentals of Risk-based Testing
Fundamentals of Risk-based TestingFundamentals of Risk-based Testing
Fundamentals of Risk-based TestingTechWell
 
Software Testing Life Cycle
Software Testing Life CycleSoftware Testing Life Cycle
Software Testing Life Cyclegueste730d5
 
E commerce Testing
E commerce TestingE commerce Testing
E commerce TestingAtul Pant
 
Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys
Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys
Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys Computer Trainings Online
 
Regression Testing - An Overview
Regression Testing - An OverviewRegression Testing - An Overview
Regression Testing - An OverviewBugRaptors
 
Software Testing Life Cycle
Software Testing Life CycleSoftware Testing Life Cycle
Software Testing Life CycleUdayakumar Sree
 
Software testing
Software testingSoftware testing
Software testingOmar Al-Bokari
 

Recommended

[HCMC STC Jan 2015] Risk-Based Software Testing Approaches
[HCMC STC Jan 2015] Risk-Based Software Testing Approaches[HCMC STC Jan 2015] Risk-Based Software Testing Approaches
[HCMC STC Jan 2015] Risk-Based Software Testing ApproachesHo Chi Minh City Software Testing Club
 
Fundamentals of Risk-based Testing
Fundamentals of Risk-based TestingFundamentals of Risk-based Testing
Fundamentals of Risk-based TestingTechWell
 
Software Testing Life Cycle
Software Testing Life CycleSoftware Testing Life Cycle
Software Testing Life Cyclegueste730d5
 
E commerce Testing
E commerce TestingE commerce Testing
E commerce TestingAtul Pant
 
Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys
Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys
Latest Manual Testing Interview Questions and Answers 2015 - H2kinfosys Computer Trainings Online
 
Regression Testing - An Overview
Regression Testing - An OverviewRegression Testing - An Overview
Regression Testing - An OverviewBugRaptors
 
Software Testing Life Cycle
Software Testing Life CycleSoftware Testing Life Cycle
Software Testing Life CycleUdayakumar Sree
 
Software testing
Software testingSoftware testing
Software testingOmar Al-Bokari
 
Fundamentals OF UAT
Fundamentals OF UATFundamentals OF UAT
Fundamentals OF UATICHOFU VICTOR
 
Exploratory testing using heuristics
Exploratory testing using heuristicsExploratory testing using heuristics
Exploratory testing using heuristicsMichelle Lagare, CSM
 
Risk-based Testing
Risk-based TestingRisk-based Testing
Risk-based TestingJohan Hoberg
 
Testing techniques
Testing techniquesTesting techniques
Testing techniquesRaginiRohatgi
 
SonarQube
SonarQubeSonarQube
SonarQubeGnanaseelan Jeb
 
What is Test Plan? Edureka
What is Test Plan? EdurekaWhat is Test Plan? Edureka
What is Test Plan? EdurekaEdureka!
 
stlc
stlcstlc
stlcnoman1413
 
Manual Testing
Manual TestingManual Testing
Manual TestingG.C Reddy
 
Software development life cycle (sdlc) phases.pdf
Software development life cycle (sdlc) phases.pdfSoftware development life cycle (sdlc) phases.pdf
Software development life cycle (sdlc) phases.pdfPrayas Gokhale
 
SonarQube Presentation.pptx
SonarQube Presentation.pptxSonarQube Presentation.pptx
SonarQube Presentation.pptxSatwik Bhupathi Raju
 
Bug life cycle
Bug life cycleBug life cycle
Bug life cycleBugRaptors
 
Why testing is important ?
Why testing is important ?Why testing is important ?
Why testing is important ?TestCenter
 
Difference between functional testing and non functional testing
Difference between functional testing and non functional testingDifference between functional testing and non functional testing
Difference between functional testing and non functional testingpooja deshmukh
 
Security Testing
Security TestingSecurity Testing
Security TestingKiran Kumar
 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality AssuranceSaqib Raza
 
Software Testing
Software TestingSoftware Testing
Software TestingDhanasekaran Nagarajan
 
Agile QA presentation
Agile QA presentationAgile QA presentation
Agile QA presentationCarl Bruiners
 
Manual testing interview questions and answers
Manual testing interview questions and answersManual testing interview questions and answers
Manual testing interview questions and answersTestbytes
 
Software development o & c
Software development o & cSoftware development o & c
Software development o & cAmit Patil
 
Softwaretesting
SoftwaretestingSoftwaretesting
Softwaretestingnazeer pasha
 
CTFL chapter 05
CTFL chapter 05CTFL chapter 05
CTFL chapter 05Davis Thomas
 
Free-ebook-rex-black advanced-software-testing
Free-ebook-rex-black advanced-software-testingFree-ebook-rex-black advanced-software-testing
Free-ebook-rex-black advanced-software-testingQualister
 

More Related Content

What's hot

Exploratory testing using heuristics
Exploratory testing using heuristicsExploratory testing using heuristics
Exploratory testing using heuristicsMichelle Lagare, CSM
 
Risk-based Testing
Risk-based TestingRisk-based Testing
Risk-based TestingJohan Hoberg
 
What is Test Plan? Edureka
What is Test Plan? EdurekaWhat is Test Plan? Edureka
What is Test Plan? EdurekaEdureka!
 
Manual Testing
Manual TestingManual Testing
Manual TestingG.C Reddy
 
Software development life cycle (sdlc) phases.pdf
Software development life cycle (sdlc) phases.pdfSoftware development life cycle (sdlc) phases.pdf
Software development life cycle (sdlc) phases.pdfPrayas Gokhale
 
Bug life cycle
Bug life cycleBug life cycle
Bug life cycleBugRaptors
 
Why testing is important ?
Why testing is important ?Why testing is important ?
Why testing is important ?TestCenter
 
Difference between functional testing and non functional testing
Difference between functional testing and non functional testingDifference between functional testing and non functional testing
Difference between functional testing and non functional testingpooja deshmukh
 
Security Testing
Security TestingSecurity Testing
Security TestingKiran Kumar
 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality AssuranceSaqib Raza
 
Agile QA presentation
Agile QA presentationAgile QA presentation
Agile QA presentationCarl Bruiners
 
Manual testing interview questions and answers
Manual testing interview questions and answersManual testing interview questions and answers
Manual testing interview questions and answersTestbytes
 
Software development o & c
Software development o & cSoftware development o & c
Software development o & cAmit Patil
 

What's hot (20)

Fundamentals OF UAT
Fundamentals OF UATFundamentals OF UAT
Fundamentals OF UAT
 
Exploratory testing using heuristics
Exploratory testing using heuristicsExploratory testing using heuristics
Exploratory testing using heuristics
 
Risk-based Testing
Risk-based TestingRisk-based Testing
Risk-based Testing
 
Testing techniques
Testing techniquesTesting techniques
Testing techniques
 
SonarQube
SonarQubeSonarQube
SonarQube
 
What is Test Plan? Edureka
What is Test Plan? EdurekaWhat is Test Plan? Edureka
What is Test Plan? Edureka
 
stlc
stlcstlc
stlc
 
Manual Testing
Manual TestingManual Testing
Manual Testing
 
Software development life cycle (sdlc) phases.pdf
Software development life cycle (sdlc) phases.pdfSoftware development life cycle (sdlc) phases.pdf
Software development life cycle (sdlc) phases.pdf
 
SonarQube Presentation.pptx
SonarQube Presentation.pptxSonarQube Presentation.pptx
SonarQube Presentation.pptx
 
Bug life cycle
Bug life cycleBug life cycle
Bug life cycle
 
Why testing is important ?
Why testing is important ?Why testing is important ?
Why testing is important ?
 
Difference between functional testing and non functional testing
Difference between functional testing and non functional testingDifference between functional testing and non functional testing
Difference between functional testing and non functional testing
 
Security Testing
Security TestingSecurity Testing
Security Testing
 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality Assurance
 
Software Testing
Software TestingSoftware Testing
Software Testing
 
Agile QA presentation
Agile QA presentationAgile QA presentation
Agile QA presentation
 
Manual testing interview questions and answers
Manual testing interview questions and answersManual testing interview questions and answers
Manual testing interview questions and answers
 
Software development o & c
Software development o & cSoftware development o & c
Software development o & c
 
Softwaretesting
SoftwaretestingSoftwaretesting
Softwaretesting
 

Similar to Risk based testing a new case study

Free-ebook-rex-black advanced-software-testing
Free-ebook-rex-black advanced-software-testingFree-ebook-rex-black advanced-software-testing
Free-ebook-rex-black advanced-software-testingQualister
 
Fundamentals of Software Testing
Fundamentals of Software TestingFundamentals of Software Testing
Fundamentals of Software TestingSagar Joshi
 
Risk Based Testing: Deferring the Right Bugs
Risk Based Testing: Deferring the Right BugsRisk Based Testing: Deferring the Right Bugs
Risk Based Testing: Deferring the Right Bugsindus329
 
Practical Application Of Risk Based Testing Methods
Practical Application Of Risk Based Testing MethodsPractical Application Of Risk Based Testing Methods
Practical Application Of Risk Based Testing MethodsReuben Korngold
 
Whitepaper Test Case Design and Testing Techniques- Factors to Consider
Whitepaper Test Case Design and Testing Techniques- Factors to ConsiderWhitepaper Test Case Design and Testing Techniques- Factors to Consider
Whitepaper Test Case Design and Testing Techniques- Factors to ConsiderRapidValue
 
Software testing
Software testingSoftware testing
Software testingthaneofife
 
A Research Study on importance of Testing and Quality Assurance in Software D...
A Research Study on importance of Testing and Quality Assurance in Software D...A Research Study on importance of Testing and Quality Assurance in Software D...
A Research Study on importance of Testing and Quality Assurance in Software D...Sehrish Asif
 
Risk Driven Testing
Risk Driven TestingRisk Driven Testing
Risk Driven TestingJorge Boria
 
Aim (A).pptx
Aim (A).pptxAim (A).pptx
Aim (A).pptx14941
 
Manual Testing Interview Questions & Answers.docx
Manual Testing Interview Questions & Answers.docxManual Testing Interview Questions & Answers.docx
Manual Testing Interview Questions & Answers.docxssuser305f65
 
Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]
Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]
Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]Vipul Gupta
 
MIT521 software testing (2012) v2
MIT521 software testing (2012) v2MIT521 software testing (2012) v2
MIT521 software testing (2012) v2Yudep Apoi
 

Similar to Risk based testing a new case study (20)

CTFL chapter 05
CTFL chapter 05CTFL chapter 05
CTFL chapter 05
 
Free-ebook-rex-black advanced-software-testing
Free-ebook-rex-black advanced-software-testingFree-ebook-rex-black advanced-software-testing
Free-ebook-rex-black advanced-software-testing
 
Analytical Risk-based and Specification-based Testing - Bui Duy Tam
Analytical Risk-based and Specification-based Testing - Bui Duy TamAnalytical Risk-based and Specification-based Testing - Bui Duy Tam
Analytical Risk-based and Specification-based Testing - Bui Duy Tam
 
Fundamentals of Software Testing
Fundamentals of Software TestingFundamentals of Software Testing
Fundamentals of Software Testing
 
t map brief
t map brieft map brief
t map brief
 
Risk Based Testing: Deferring the Right Bugs
Risk Based Testing: Deferring the Right BugsRisk Based Testing: Deferring the Right Bugs
Risk Based Testing: Deferring the Right Bugs
 
Practical Application Of Risk Based Testing Methods
Practical Application Of Risk Based Testing MethodsPractical Application Of Risk Based Testing Methods
Practical Application Of Risk Based Testing Methods
 
Whitepaper Test Case Design and Testing Techniques- Factors to Consider
Whitepaper Test Case Design and Testing Techniques- Factors to ConsiderWhitepaper Test Case Design and Testing Techniques- Factors to Consider
Whitepaper Test Case Design and Testing Techniques- Factors to Consider
 
Black-Box
Black-BoxBlack-Box
Black-Box
 
Software testing
Software testingSoftware testing
Software testing
 
A Research Study on importance of Testing and Quality Assurance in Software D...
A Research Study on importance of Testing and Quality Assurance in Software D...A Research Study on importance of Testing and Quality Assurance in Software D...
A Research Study on importance of Testing and Quality Assurance in Software D...
 
Check upload1
Check upload1Check upload1
Check upload1
 
Risk Driven Testing
Risk Driven TestingRisk Driven Testing
Risk Driven Testing
 
Aim (A).pptx
Aim (A).pptxAim (A).pptx
Aim (A).pptx
 
Check upload1
Check upload1Check upload1
Check upload1
 
Prvt file test
Prvt file testPrvt file test
Prvt file test
 
Manual Testing Interview Questions & Answers.docx
Manual Testing Interview Questions & Answers.docxManual Testing Interview Questions & Answers.docx
Manual Testing Interview Questions & Answers.docx
 
Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]
Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]
Q Labs Webinar on Testcase Prioritization [Feb 20, 2009]
 
CTFL Module 01
CTFL Module 01CTFL Module 01
CTFL Module 01
 
MIT521 software testing (2012) v2
MIT521 software testing (2012) v2MIT521 software testing (2012) v2
MIT521 software testing (2012) v2
 

More from Bassam Al-Khatib

التقييم الوظيفي
التقييم الوظيفيالتقييم الوظيفي
التقييم الوظيفيBassam Al-Khatib
 
Technical practices to share
Technical practices to shareTechnical practices to share
Technical practices to shareBassam Al-Khatib
 
Top tips to enhance business writing
Top tips to enhance business writingTop tips to enhance business writing
Top tips to enhance business writingBassam Al-Khatib
 
How to think as a technical tester
How to think as a technical testerHow to think as a technical tester
How to think as a technical testerBassam Al-Khatib
 
Web applications security conference slides
Web applications security conference slidesWeb applications security conference slides
Web applications security conference slidesBassam Al-Khatib
 
ايقظ قدراتك واصنع نجاحك
ايقظ قدراتك واصنع نجاحكايقظ قدراتك واصنع نجاحك
ايقظ قدراتك واصنع نجاحكBassam Al-Khatib
 

More from Bassam Al-Khatib (7)

التقييم الوظيفي
التقييم الوظيفيالتقييم الوظيفي
التقييم الوظيفي
 
Advanced quality control
Advanced quality controlAdvanced quality control
Advanced quality control
 
Technical practices to share
Technical practices to shareTechnical practices to share
Technical practices to share
 
Top tips to enhance business writing
Top tips to enhance business writingTop tips to enhance business writing
Top tips to enhance business writing
 
How to think as a technical tester
How to think as a technical testerHow to think as a technical tester
How to think as a technical tester
 
Web applications security conference slides
Web applications security conference slidesWeb applications security conference slides
Web applications security conference slides
 
ايقظ قدراتك واصنع نجاحك
ايقظ قدراتك واصنع نجاحكايقظ قدراتك واصنع نجاحك
ايقظ قدراتك واصنع نجاحك
 

Recently uploaded

Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningVitsRangannavar
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝soniya singh
 

Recently uploaded (20)

Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learning
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
 

Risk based testing a new case study

  • 1. Risk Based Testing Matrix, Process & Examples Bassam Al-Khatib ISTQB Full CTAL Advanced Level & Certified Ethical Hacker A new idea toward technical software testing
  • 2. Ground Rules 2  Silent Mobile phones  Questions are allowed at all times  Join Sessions on time  One meeting No sub-meetings
  • 4. Session Description  This training will help Software Test Engineers globally to Perform Risk Based Testing (RBT) during design, plan and implement testing using a systematic approach and applicable techniques  Trainer: Bassam Al-Khatib  Duration: 3 hours and 30 minutes  Prerequisites: Elementary certificates (Beginners level) in software testing certificate 4
  • 5. Instructional Methods  Following are instructional methods  Lectures  Group Discussions  Individual/group assignments 5
  • 6. Session Objectives Build Culture How to use? When to use? Outline activities of risk-based approach for planning and executing technical testing 6
  • 7. What's in it for me?  This session is a chance for one more deep study for Risk Based Testing (RBT), by analyzing approach, building risk matrixes, building RBT activities to form a complete process and showing some examples accordingly. 7
  • 8. Agenda  Preface  How to start with Risk Based testing?  Risk Management  Risk identification  Risk Analysis  Risk Mitigation  RBT in the Large & Small  RBT Benefits  Conclusion 8
  • 9. Preface The possibility of negative results, that would occur and decrease customer perception of a product quality or project success. •What Risk Means? 9
  • 10. Preface  Enhancing the definitions:  Risk  Risk Type  Product Risk  Project Risk  Risk Based Testing 10
  • 11. Preface 11  How do we define RBT?
  • 12. Preface  RBT is not Bug hunting  RBT is not exploratory or experience based testing  RBT is not a requirement based testing  If you cant calculate risk results then its not RBT 12
  • 13. Preface In testing software we are concerned with two types of risks : • Example: A defect that could cause a product crash during normal operation Product Risk • Example: A possible staffing shortage that could delay completion of a project Project Risk 13 - Potential that patch or fix will not fit for purpose - System crash during normal operation(software stability) - Commitment to customers or management - Staffing shortage - Poor productivity
  • 14. Preface  The difference between two types of risks that you can run a test against the product (software) to define if there any system crashes.  But project risks are not testable . You cant test for staffing shortage  In this session our concern is controlling Product (Software) Risks. 14
  • 15. Preface  Classifying level of risk, the simplest is to look at two factors:  The likelihood of the problem occurring; i.e., being present in the product when it is delivered for testing  The impact of the problem should it occur; i.e., being present in the product when it is delivered to customers or users after testing During Testing Delivery Risk = Likelihood X Impact 15
  • 16. How to Start with RBT? 16  When ?  Risk-based testing applied to the project at very initial level on any project  Risk Management how to start…  Applying a set of procedures and practices to identify, analyze, prioritize and controlling risk.
  • 17. Risk Management  Risk Management activities:  Risk identification  Risk analysis  Risk mitigation Identification (1) Analysis (2) Mitigation (3) 17
  • 18. Risk Identification  Identifying risks using the following techniques:  Expert interviews  Independent assessments  Use of risk templates  Project retrospectives  Risk workshops 18
  • 19. Risk Identification  Identifying risks using the following techniques:  Brainstorming ( Effective Test Planning Meetings)  Checklists  Calling on past experience  Review requirements specifications (FRS, URS) 19
  • 20. Risk Identification – By Example  Let us apply some of the mentioned techniques to the following Example.  Lets go back to the printed example you have to discuss.  The output of this group assignment is to record the identified risks.  Build your FEMA Template [Failure Mode and Effect Analysis] 20
  • 21. Risk Analysis – By Example  Using the same FEMA template add “Likelihood” and “Impact” to calculate “Expected Risks”  You can then graph the Total loss of functionality according to Likelihood & Impacts 21
  • 22. Risk Analysis – By Example  Build your risk matrix … 22 Likelihood Level Description Rare 1 Existing / New feature is not affected by changed code Unlikely 2 Existing / New feature is affected Likely/Possible 4 Existing / New feature is modifying current behavior Certain 8 Existing / New feature is impacted by code change(broken behavior after the change) Impact Level Description Insignificant 1 No need to desing or execute tests Minor 2 Test should cover Straight foreword scenarios only Moderate 3 Test should cover Staright foreword and some related features Major 4 Test should cover ALL Risk Level Description Color Code Low 1 to 3 No need to test Medium 4 to 16 Testing during development phase is enough High 24-32 Should be tested again during final testing
  • 23. Risk Analysis – By Example  Likelihood vs Impact 23 1 4 1 8 4 4 2 4 1 2 3 4 5 6 7 8 9 10 Likelihood VS Impact Series1 Series2
  • 24. Risk Mitigation  Is the last step after risks being identified and analyzed  It is the responsibility of Software Test Engineer to mitigate quality risks via testing like:  Applying new test types (Security , Performance)  Use Extra test design techniques throughout the entire lifecycle  New test cases to be added/removed  Apply extra regression test for selected areas of functionality 24
  • 25. Risk Mitigation  It is the responsibility of the Test Manager to use the following techniques to mitigate Project / Product risks:  Test environment and tools readiness  Check staff availability and qualification  Prevent low quality of inputs to testing  Prevent overly high rates of change for work products delivered to testing  Reduce lack of standards, rules, and techniques for the testing effort. 25
  • 26. Risk Mitigation  Proactively It is the responsibility of the Technical Test Analyst to use the following techniques to mitigate Project / Product risks:  Choose an appropriate test design technique(s)  Reviews and inspections  Reviews of test design  The use of the most experienced people for complex tasks  The strategies chosen for confirmation testing (retesting) and regression testing 26
  • 27. Risk Mitigation  Helpful questions to Answer:  Were requirements written well?  Shall we institute reviews to improve their quality?  Does the designed test demonstrates operation under certain conditions and does not constitute a proof of correctness under all possible conditions?  Can we prioritize test according to level of risk?  Do we need to reduce test execution time? Are the residual risk is acceptable? 27
  • 28. Risk based in the Large & Small  You should decide which approach to go with; which depends on code change size.  The presented methodology was for medium to large size changes  Meanwhile, you still can do the same practice in the small roughly for quick & small tasks.. See next slide 28
  • 29. Risk based in the Large & Small 29 Who will do the test ? What is your coverage/scope? Why you are testing? What are the risks? What testing type do you need? How will you decide about exit criteria? RBTinthesmall Select&prioritizetests Wheretovisitfirst?
  • 30. Risk based in the Large & Small Pros & Cons 30 RBT in the Large RBT in the Small Much detailed Short and brief Time cost Quick Low residual risks Unexpected residual risks
  • 31. RBT Benefits RBT will not leave you blind; The higher the test coverage in an area, the lower the residual risk. The fewer bugs we’ve found in an area, the lower the residual risk. Allocating test effort based on risk is the most efficient way to minimize the residual quality risk upon release (“pick the right tests out of the infinite cloud of possible tests”) Measuring test results based on risk allows the organization to know the residual level of quality risk during test execution and to make smart release decisions 31
  • 32. RBT Benefits 32 Testing efforts are effectively organized, and level of priority of each risk item is rated Discovery of business-critical areas that were missed No infeasible testing
  • 33. Conclusion  RBT is a culture that needs to be shared  RBT makes it easier to decide about product risks  Can help to control both testing as well as risks  RBT will lead to more feasible testing  RBT can be applied always as per size of change/fix 33
  • 34. References Advanced Software Testing V3 ISTQB CTAL – TTA Syllabus 34