I've been asked to investigate "Risk Based Testing" by my boss. I have a decent understanding of what it is - analysing the risk of not doing a specific test - but are there any industry standards for RBT?
You need to consider the following while doing risk based testing
"Make sure the main functionalities that could be critical for the business of your customer are tested , i.e when designing the test case make sure that the critical functionality(based on the business of the client) are designed and executed before delivery to the client."
[ QUOTE ]
And the following book is very good: "Systematic Software Testing" by Rick Craig & Stefan Jaskiel.
[/ QUOTE ]
Excellent book. Doing a proper risk assessment can sometimes be a pain if you want to do it right.
1. First step is to determine the risk value for existing tests. You really do need input from other groups to verify that what QA considers important is actually what the customer thinks is important.
Managers should really ask the right question.
Manager speak: "Can you investigate risk based testing?"
Manager (What they mean): How can I cut your test time or budget without my getting pooched?
Risk analysis is something QA should always do. Schedules are always going to get tight. It really makes you look good if you can say: "These tests are low risk because there are no deltas and the feature areas are not critical to the customer base. I think we can skip them."
I'd do a risk analysis anyway but be sure to ask why your manager is asking you to do this. You want to make sure the work you do is going to fix what he really wants fixed.
Testing is not an art (that is unless your definition of art includes breaking other "art").