Applying a Risk-Based Approach to Testing Mission-Critical Applications

One of the most under-appreciated aspects of testing is risk. There is never enough time to do all the testing that would be needed for 100% coverage (this is true for automated testing and manual testing). Consequently, there is a tradeoff between spending time on different types of testing and focusing on specific features, modules or requirements. By applying a risk-based approach to testing, you can seek to optimize these trade-offs with a data-driven methodology.

In this talk I will discuss the different types of risk that you should be considering (technical, business, etc.) and how you can use the assessment of risk to create a test plan that gives you the greatest risk coverage in the time available. I will cover prioritization techniques such as business feature importance, technical code stability, test stability, user flow and critical service mapping to determine where the risk lies in each software release and what testing should be done.

The main takeaways will be:

• How a risk-based approach to testing gives better outcomes
• How you can use project metrics to create a risk-adjusted test plan
• Practical examples of tools and techniques you can use to implement the test plan