Skip to content
Search upcoming classes
Course Name
Get $250 OFF select training courses for a limited time with code CPL250.*
*Offer available until 12/31/2020. Some exclusions apply. Not valid for eLearnings, SAFe®, or Scrum Certification courses.

Risk-Based Testing

Testing is far more than finding defects so they can be fixed. Testing can be one of our most potent techniques for managing risk on software projects. While finding and fixing every defect before release is not a reasonable expectation, Risk-Based Testing (RBT) techniques can help us to find the worst defects and ensure that the most critical functionality is high quality.

In addition to being a great strategy for testing, RBT gives us a solid basis for ensuring that we have appropriate time and resources for testing, and for making a strong business case for more when additional allocations are called for.

In this software testing training course, you will walk away with a clear way of communicating the status of testing activities and the readiness of the software for release – one that focuses on the risk and critical functionality that stakeholders care about, rather than numbers of tests run and defects found.

All participants will receive copies of two important white papers on Risk-Based Testing by a leading voice on the topic, James Bach. "Heuristic Risk-Based Testing", and "Troubleshooting Risk-Based Testing (Solutions to Four Common Problems)".

Available formats for this course
Live Online
Corporate Online
1 day/8 hours of instruction
Education Credits
7 PDUs
1 Strategy PDUs
6 Technical PDUs
7 PDUs

Get the full details on this course Download the .PDF Brochure

Part 1: Understanding Risk

We begin by leveling the playing field. We ensure that all class participants have an accurate understanding of risk and its constituent parts. This will be the foundation upon which we build the rest of the course.

  1. Definition of Risk
  2. Anatomy of a Risk
  3. Software Risks
  4. Testing and Software Risks

Exercise: Understanding Software Risks – We will discuss several risks that are common in software and apply the concepts of this chapter to fully explore and understand them.

Part 2: Risk-Based Testing Overview

There are four steps in fully implemented Risk-Based Testing. In this overview, we will identify each step and discuss how they are related to each other.

  1. Step 1: Identify & Rank Software Risks
  2. Step 2: Risk-Based Test Planning
  3. Step 3: Risk-Based Test Design
  4. Step 4: Risk-Based Test Management

Part 3: Identify & Rank Software Risks

Before we can use Risk as a driver for software testing, we must identify the software risks that are inherent to the project at hand. Then having identified them, we will determine their relative priorities.

  1. Identify Software Risks

Exercise: Brainstorm Software Risks – For our Case Study project, we will brainstorm possible software risks using the techniques just discussed. For each risk, we will identify the vulnerability that may allow it, the trigger that may cause it, and the effect that it may have on the project or the users of the software product if it occurs.

  1. Evaluate Each Risk

Exercise: Evaluate Each Risk – For each risk we just identified for our Case Study project, we will compute its priority by considering the probability that the vulnerability and trigger will coincide, and the severity of its impact if they do.

  1. Evaluate Each Test Suite

Exercise: Evaluate Each Test Suite – For each Test Suite on our Case Study project, we will determine its importance in terms of Risk, and identify those test suites that should be split up to ensure appropriate testing.

Part 4: Risk-Based Test Planning

Risk-Based Test Planning uses the risks inherent in the project as the basis for focusing testing effort and resources. Higher priority risks will receive more focus, while less risky parts of the product receive correspondingly less attention.

  1. Estimate Test Cases by Risk

Exercise: Estimate Test Cases by Risk – For each Test Suite on our Case Study project, we will determine how many Test Cases must be executed to address the identified risks.

  1. Testing Resources Based on Risk
  2. Negotiate Testing Resources

Exercise: Risk-Based Testing Resources – For each Test Suite on our Case Study project, we will use the estimated number of Test Cases to produce ROM (Rough-Order of Magnitude) estimates of effort (e.g. person-days) and calendar time to address the identified risks. We will also identify any special resources (people, equipment, etc) that are required.

  1. Risk-Based Test Activity Planning

Exercise: Risk-Based Test Plan – We will use the principle of testing high-risk items first and our ROMs (from the prior exercise) to prepare a Risk-Based testing activity plan. Then we will compare that plan to the over-all project schedule and identify points to be negotiated.

Part 5: Risk-Based Test Design

Merely focusing appropriate effort on risky Test Suites does not go far enough. That time must be spent doing the right things. In this section, we will use our Risk analysis as the basis for designing the right Test Cases for each Test Suite.

  1. Traditional (Requirements-Based) Test Design
  2. Designing Tests for Risks

Exercise: Risks-Based Test Design – For one of our riskier Test Suites, we will identify every Test Case that must be included to appropriately address all of the identified software risks. Then we will evaluate the entire Test Suite to ensure that it has indeed remained focused on the identified Software Risks.

Part 6: Risk-Based Test Management

Risks are moving targets. Planning our testing based on the risks that can be identified at the beginning of the project is an important first step. But that plan must stay focused on risks, even as those risks evolve. And the evolution of those software risks gives us important insights into the readiness of the software product for release.

  1. Risks Evolve
  2. Risk-Based Testing Must Evolve
  3. Track Known Software Risks
  4. Brainstorm New Software Risks
  5. Adjust Risk-Based Test Plans
  6. Rework Risk-Based Test Designs
  7. Report of Software Risk Changes

Exercise: Risk-Based Test Management – We will use our initial risk assessment to compute the software product's Risk Index. (This Risk Index can be used to track the evolution of software risks throughout the project.)

Part 7: Achieving Success with Risk-Based Testing

Gaining the biggest benefits of Risk-Based Testing requires that testers not only embrace these principles in their own work, but also that they work with the rest of the software development organization to integrate risk-based principles into the way software projects are conceived and managed.

Discussion: Risk Based Testing – Each participant will identify the actions that need to be taken within their organization to take the greatest advantage of Risk-Based Testing.

This course is designed for participants who plan, manage and perform software testing. It would be beneficial for:

  • Managers of Software Development organizations
  • Software Project Managers and Team Leads
  • Testing Managers and Team Leads
  • Software testing professionals
  • Business Analysts

Risk-Based Testing Schedule

There are currently no scheduled classes for this course. Please contact us if you would like more information or to schedule this course for you or your company.

Learn more about corporate team training