business analysis class, enterprise business analysis

Developing Risk Based Testing Plans

Duration: 2 days Categories: , Tag: N/A


Product Description

The reality of many projects is that software testers seldom have sufficient time to test everything that needs to be tested.  Often, systems testers and quality assurance staff have to choose a limited test suite, and as a result, perhaps only test a moderate portion of the solution to be implemented. This may or may not be successful in ensuring the reliability, predictability, accuracy, and performance of the system.

This approach is often not based on any formal assessment, but rather, the intuition of the individual testers.  As a result, key components may be missed, while non-critical components are rigorously tested.  This can have a disastrous effect when the new system is placed into the production environment.

This course presents a methodical approach to assessing, categorizing, and planning a system test based upon risk assessment.  In other words, where in the new system is it likely that defects exist that can seriously damage or undermine the accuracy and reliability of the new/changed system?


  • A powerful technique for identifying and categorizing risks – how to identify areas that must be tested to ensure the integrity of the new/changed system.
  • Prioritization and planning – how to coordinate testing with the developers to ensure that high risk areas can receive their maximum test windows
  • How to use the V-model of testing to ensure that all levels of testing for high risk areas are planned, performed, and evaluated
  • How to define completion criteria to determine when sufficient testing has been completed.
  • How to work with the entire project team in the risk assessment process.

This practical, hands-on course will provide a flexible requirements development approach customized to your environment and the skills needed to successfully discover, analyze, communicate, and evaluate requirements.


Whether you are a business analyst, software engineer, developer, test engineer, user, stakeholder, or a member of the QA staff responsible for gathering, analyzing, documenting, confirming, and maintaining testing activities, this course is for you.

Perquisites: None



  1. Welcome and Overview
  • Instructor and Student Introduction
  • Course Overview and Agenda
  1. Overview of Essential Testing Principles
  • Definitions
  • Goals of Testing
  • The V-Model of Testing
  • Defects and “Bugs”
  • Test Metrics
  • The Testing Life Cycle
  • Testing Deliverables
  • Challenges and Impediments to Effective Testing
  • Strategies for Testing Success: Risk-based Testing
  1. Software Risk Management Principles
  • Risk Defined

o   Components and Characteristics o   The Nature of Risk o   Risk Exposures and Impacts

  • Risk Management

o   Objectives o   Management Perspective o   End User Perspective o   Project Team Perspective o   Tester Perspective

  • Risk Management Process

o   Objectives o   Management Approach o   Integrating with Project Management Activities

  1. Risk Identification Techniques
  • Typical Types of Risks

o   Cost o   Schedule o   Requirements o   End User/Client Satisfaction o   Legal and Regulatory o   Performance o   Integrity and Accuracy o   Security o   Business Failure

  • Developing a Risk Assessment and Management Process

o   Identifying Risk Areas o   Involving the Project Team and End Users o   Creating a Risk Identification Template o   Creating an Ongoing Process

  1. Case Study Workshop: Identifying Project Risks
  1. Risk Assessment Techniques
  • Scope of Risk: Global vs. Local
  • Impact of Risk

o   End User o   Customer o   Financial o   Regulatory o   Liability

  • Developing a Risk Checklist
  • Risk Strategies

o   Avoidance o   Acceptance o   Control o   Contingency o   Transfer o   Limitation

  • Using Interviews and Questionnaires

o   Finding Subject Matter Experts (SMEs) o   Obtaining Objective Impact Assessments o   Using “GroupThink” Techniques o   Using Root Cause Analysis o   Finding the “Unfindable” Risks

  • Developing a Risk Assessment Matrix

o   Categorization and Classification Schemes

  • Establishing a Risk Watch List
  • Obtaining Concurrence and Approvals
  1. Case Study Workshop: Assessing and Ranking Risks
  1. Connecting Testing Activities to Risk Areas
  • Assessing Testing Needs

o   Assessing Business Case o   Assessing User Requirements o   Assessing Usability Requirements o   Assessing System Performance Needs o   Assessing and Categorizing Functional Designs o   Reviewing Development Specifications o   Reviewing Technical Designs

  • Determining Testing Focus Areas

o   Unit Testing o   Integration Testing o   System Testing o   Performance Testing o   Security Testing o   Production Readiness Testing o   User Acceptance Testing o   Specialty Testing

  • Creating a Testing Matrix

o   Testing Approach o   Intensity and Scope o   Completion Criteria

  • Obtaining Concurrence and Approvals
  1. Case Study Workshop: Creating a Testing Matrix
  1. Developing a Risk-based Testing Plan
  • Develop the Testing Plan

o   Document the Strategy o   Define the Measurements o   Identify Project Life Cycle Initiators (Connectors) o   Develop the Testing Schedule o   Define the Test Suites/Map to Risk Matrix o   Define Test Cycles o   Define Test Cases o   Define Anticipated Results o   Develop Test Script Library o   Identify Test Data Source/Development Requirements o   Define Defect Reporting and Tracking Processes

  • Obtaining Concurrence and Approvals
  1. Case Study Workshop: Drafting a Risk-based Testing Plan
  1. Course Wrap-Up
  • Course Summary
  • Review of Outstanding Questions/Action Items
  • Student Course Survey
  1. Appendices
  • Typical Risk Checklist
  • Structured Walkthroughs
  • Review of IEEE Standard 1540 and 1540-2001
  • Review of SEI CMM™ Recommended Practices
  • Matrix Templates
  • Glossary


There are no reviews yet.

Be the first to review “Developing Risk Based Testing Plans”