Risk-Based Software Testing

What does risk mean? Put simply, risk is something that could result in negative consequences in the future. Risk is viewed in terms of its impact and likelihood of occurrence. Risks in software testing may be broadly classified as product risks and project risks. Product risks relate directly to the software being tested, while project risks relate to the test project's management and control.

Product risks are also called quality risks and are those risks that mainly affect the product's quality. Example: a defect in the software that can cause it to corrupt data.

Project risks are also called planning risks and are those risks that mainly affect the successful completion of the project. Example: a lack of resources that could affect the completion of the project on time.

The importance of a risk depends on two main factors: the impact of the risk if it occurs and the likelihood of the risk occurring. Likelihood of occurrence generally depends on technical factors pertaining to the product, such as the technologies used to develop and run the software. Examples: network bandwidth, product architecture and design, technological limitations, etc. Impact generally arises from business aspects, such as the financial implications should a risk occur, the loss of credibility, security or legal implications, and so on.

Testing based on evaluation of risks involves identifying the risks as part of an analysis exercise, then determining the importance of each identified risk from its likelihood and impact, and using that importance to guide the test effort.