What Is Risk And Mitigation In Software Testing Life Cycle (STLC)? - News4u95 - A Part of Your Everyday Life


Wednesday, May 25, 2022

What Is Risk And Mitigation In Software Testing Life Cycle (STLC)?


What Is Risk Analysis in Software Testing Life Cycle (STLC)?

Risk analysis is essential for software testing.

Risk analysis in software testing is the process of identifying risks in applications and prioritizing them for testing.

Risk analysis attempts to identify all the risks and then quantify their severity.

Risk identification and management are the main concerns in every software project. Effective analysis of software risks helps with effective planning and assignment of work.


Some of the risks could be:

  1. New Hardware.
  2. New Technology.
  3. New Automation Tool.
  4. Sequence of code delivery.
  5. Availability of application test resources.
  6. Tight timelines
  7. Undefined project scope
  8. Insufficient resources
  9. Continuously changing requirements
  10. Natural disasters

Risk can appear at any time. QA testers must consequently be able to handle risk in an efficient and timely manner. Tight development schedules not only demand quick attention to risk, but also require timely risk management that ensures effectively executed solutions to unanticipated issues, preventing a derailed or delayed project.

In software testing, some unavoidable risks might occur, such as:

  • Change in requirements or incomplete requirements.
  • Time allocation for testing.
  • Developers delaying to deliver the build for testing.
  • Urgency from client for delivery.
  • Defect Leakage due to application size or complexity.
  • A high number of test builds
  • Insufficient regression time
  • Unavailable prerequisites
  • Incomplete validation


Categories of Risks/Risk Identification/Risk Specify/Risk Identify

1) Schedule Risk: The project schedule slips when project tasks and schedule release risks are not addressed properly.

Schedule risks mainly affect the project, and ultimately the company's economy, and may lead to project failure.

Schedules often slip due to the following reasons:

  • Wrong time estimation.
  • Resources are not tracked properly, including all resources such as staff, systems, and the skills of individuals.
  • Failure to identify complex functionalities and the time required to develop them.
  • Unexpected project scope expansions.

2) Budget Risk: The required investment is inaccurately anticipated, including:

  • Wrong budget estimation: certain required items are excluded from the estimation of costs.
  • Cost overruns: unforeseen costs or inaccurate estimation have caused unanticipated expenses.
  • Project scope expansion: the project scope is expanded.

3) Operational Risks: Risks of loss due to improper process implementation, failed systems, or external events. Causes of Operational Risks:

  • Failure to address priority conflicts
  • Failure to resolve the responsibilities
  • Insufficient resources
  • No proper subject training
  • No resource planning
  • No communication in the team

4) Technical Risks: Technical risks generally lead to failure of functionality and performance.

Causes of Technical Risks are:

  • Continuously changing requirements.
  • The product is complex to implement.
  • Difficult integration of project modules.

5) Programmatic Risks: These are the external risks beyond the operational limits.

These are uncertain risks that are outside the control of the program. These external events can be:

  • Running out of funds.
  • Market development.
  • Changing customer product strategy and priority.
  • Government rule changes.

The Risk Management process occurs twice, during:

1.      Test Planning

2.      Test Case Design (end) or sometimes in the Test Execution phase

Risk Management

Test execution is one of the most important phases of any project; the results from this phase determine the quality and enable management's go/no-go decision.

The objective of risk management is to reduce different risks.


Risk Management Process

The generic process for Risk Management involves 3 important stages:

1.      Risk Identification

2.      Risk Impact Analysis

3.      Risk Mitigation

Mitigate risk through planning/Risk management process diagram





Risk Identification

As it is said, the first step to solving a problem is identifying it.

This stage involves making a list of everything that might potentially come up and disrupt the normal flow of events.

The main outcome of this step is a list of risks.

This risk-based testing step is commonly led by the QA lead, manager, or representative. However, the lead alone will not be able to come up with the entire list; the whole QA team's input makes a huge impact.

We can say this is a collective activity led by the QA lead.

Also, the risks that are identified during the Test Planning phase are more "managerial" in orientation, meaning we are going to look at anything that might impact the QA project's schedule, effort, budget, infrastructure changes, etc.

The focus here is not the application under test (AUT), but the way the QA phase will go on.


Risk Assessment/Risk Impact Analysis

Risk Analysis in Software Testing: All the risks are quantified and prioritized in this step. Every risk’s probability (the chance of occurrence) and impact (amount of loss that it would cause when this risk materializes) are determined systematically.

Impact is rated as high, medium, or low, and values are assigned to both the probability and the impact of each risk.

The risks with “high” probability and “High” impact are taken care of first and then the order follows.

Risk impact analysis table: example




Risk Mitigation Techniques:

This process finds solutions and plans how to handle each one of these risks.

These plans/risk can differ from company to company, project to project and even person

Based on the risk identification and impact, we can now minimize, control, or mitigate the risk as shown below:


Risk Mitigation Techniques

