Chapter 5: risks and testing

Question 1

What is a product risk?

Answer 1

Product risk involves the possibility that a work product (e.g., a specification, component, system, or test) may fail to satisfy the legitimate needs of its users and/or stakeholders

Question 2

What is the level of risk?

Answer 2

The level of risk is that likelihood and impact of the event

Question 3

What is a risk?

Answer 3

Risk involves the possibility of an event in the future which has negative consequences

Question 4

When do quality risks arise?

Answer 4

When the project risks are associated with specific quality characteristics of a product (e.g., functional suitability, reliability, performance efficiency, usability, security, compatibility, maintainability, and portability), product risks are also called quality risks

Question 5

Give examples of product risks

Answer 5

• Software might not perform its intended functions according to the specification
  
  • Software might not perform its intended functions according to user, customer, and/or stakeholder needs
  • A system architecture may not adequately support some non-functional requirement(s)
  • A particular computation may be performed incorrectly in some circumstances
  • A loop control structure may be coded incorrectly
  • Response-times may be inadequate for a high-performance transaction processing system
    User experience (UX) feedback might not meet product expectations

Question 6

What kind of project risk issue is this?
Delays may occur in delivery, task completion, or satisfaction of exit criteria or definition
of done

Answer 6

Project risk

Question 7

What kind of project risk issue is this?
Inaccurate estimates, reallocation of funds to higher priority projects, or general costcutting across the organization may result in inadequate funding

Answer 7

Project risk

Question 8

What kind of project risk issue is this?
Late changes may result in substantial re-work

Answer 8

Project risk

Question 9

What kind of project risk issue is this?
Skills, training, and staff may not be sufficient

Answer 9

Organisational risk

Question 10

What kind of project risk issue is this?
Personnel issues may cause conflict and problems

Answer 10

Organisational risk

Question 11

What kind of project risk issue is this?
Users, business staff, or subject matter experts may not be available due to conflicting
business priorities

Answer 11

Political risk

Question 12

What kind of project risk issue is this?
Testers may not communicate their needs and/or the test results adequately

Answer 12

Political risk

Question 13

What kind of project risk issue is this?
Developers and/or testers may fail to follow up on information found in testing and
reviews (e.g., not improving development and testing practices)

Answer 13

Political risk

Question 14

What kind of project risk issue is this?
There may be an improper attitude toward, or expectations of, testing (e.g., not
appreciating the value of finding defects during testing)

Answer 14

Political risk

Question 15

What kind of project risk issue is this?
Requirements may not be defined well enough

Answer 15

Technical issue

Question 16

What kind of project risk issue is this?
The requirements may not be met, given existing constraints

Answer 16

Technical issue

Question 17

What kind of project risk issue is this?
The test environment may not be ready on time

Answer 17

Technical issue

Question 18

What kind of project risk issue is this?
Data conversion, migration planning, and their tool support may be late

Answer 18

Technical issue

Question 19

What kind of project risk issue is this?
Weaknesses in the development process may impact the consistency or quality of project
work products such as design, code, configuration, test data, and test cases

Answer 19

Technical issue

Question 20

What kind of project risk issue is this?
Poor defect management and similar problems may result in accumulated defects and
other technical debt

Answer 20

Technical issue

Question 21

What kind of project risk issue is this?
A third party may fail to deliver a necessary product or service, or go bankrupt

Answer 21

Supplier issue

Question 22

What kind of project risk issue is this?
Contractual issues may cause problems to the project

Answer 22

Supplier issue

Question 23

Who is responsible for project risks?

Answer 23

Project risks may affect both development activities and test activities. In some cases, project managers
are responsible for handling all project risks, but it is not unusual for test managers to have responsibility
for test-related project risks

Question 24

What might project risks effect?

Answer 24

Project risks may affect both development activities and test activities

Question 25

How is risk used in testing?

Answer 25

• To find where to focus effort durring testing
• where and when to start testing
• find the areas that need more attention

Question 26

Explain a risk based approach to testing

Answer 26

• proactive opportunities to reduce the levels of product risk
• It involves product risk analysis, which includes the identification of product risks and the assessment of each risk’s likelihood and impact.
  -The resulting product risk information is used to guide test planning, the specification, preparation and execution of test cases, and test monitoring and control.
  -Analysing product risks early contributes to the success of a project.
• In addition, testing may identify new risks, help to determine what risks should be mitigated, and lower uncertainty about risks.
  Summary:
  find product risks, their likelihood & impact -> let this guide you in planning, executing and testing monitoring & control -> contribute to success

In addition, testing may identify new risks, help to determine what risks should be mitigated, and lower uncertainty about risks.

Question 27

What are the advantages of testing when it comes to risk?

Answer 27

• A risk based approach to testing means risks can be analysed early which contributes to success
• testing may identify new risks, help to determine what risks should be mitigated, and lower uncertainty about risks.
• Testing is used to reduce the probability of an adverse even occurring or reducing it’s impact
• It is a risk mitigation activity, to provide information about identified risks, as well as providing information on residual (unresolved) risks

Question 28

In risk based testing, what are the results of product risk analysis?

Answer 28

• Determine the test techniques to be employed
• Determine the particular levels and types of testing to be performed (e.g., security testing, accessibility testing)
• Determine the extent of testing to be carried out
• Prioritize testing in an attempt to find the critical defects as early as possible
  -Determine whether any activities in addition to testing could be employed to reduce risk (e.g., providing training to inexperienced designers)

Question 29

Risk management activities provide a disciplined approach to?

Answer 29

• Analyze (and re-evaluate on a regular basis) what can go wrong (risks)
• Determine which risks are important to deal with
• Implement actions to mitigate those risks
• Make contingency plans to deal with the risks should they become actual events