Project Risk Analysis & Solutions in Test Management

Details

What is Risk Analysis?

Risk is the probability of occurrence of an undesirable event.

Risk analysis is the process of analyzing the risks associated with your Testing Project.

For the success of your project, Risk should be identified and corresponding solutions should be determined before the start of the project.

In this tutorial, we will discover the first step in Test Management process: Risk Analysis and Solution with the help of a case study.

In this topic, we will discover the first step in Test Management process: Risk Analysis and Solution with the help of a case study.

The application under test is demo.gtupapers.com, you can refer the Software Requirement Specification here.

The gtupapers Bank will have two roles

Following features/modules will be available to these two different roles Here is a little tour of the website

After reading the requirements documents, you may have realized that the website has too many functional and complex scenarios.

Here is the situation -

  1. The gtupapers banking website has already finished the development phase. Now it starts the Testing phase. Sadly, you were not involved early during the requirements phase
  2. Your boss needs you finish the testing in one month only with a limited budget, but expects great quality.
  3. A team member who is an experienced engineer, tells you
If you choose the action B, here are the results after one month
  • The project is a mess and took all of your resources and time. The employee’s workload increased drastically & they feel stressed and overloaded
    • The above example illustrates the importance of Risk analysis in Test Management.

    Risk management helps you in –

    The risk, which was mentioned in above example, is just one of many potential risks that may occur in your project. You should identify them and make the decision to deal with them ASAP!!!  So, the correct action in that example is action A.

    Hence, Risk analysis is important

    How to Perform Risk ANALYSIS?

    It’s a 3-Step process

    1. Identify the Risks
    2. Analyze Impact of each Identified Risk
    3. Take counter measures for the identified & Analyzed risk

    Step 1) Identify Risk

    Risk can be identified and classified into 2 types in software product Project risk can be defined as an uncertain event or activity that can impact the project's progress. The impact has a positive or negative effect on the prospects of achieving project objectives.

    There are primarily 3 categories of Project Risks It is a risk related to your human resource or your Testing team. For example, in your project, lack of technically skilled members is a risk. Not having enough manpower to complete the project on time is another risk.

    Your project doesn't have any organization risk
    Create stronger team and foster an environment of co-operation

2. Does each team member has the skill to do his/her job??

A) Yes

B) No

Your project doesn't have any organization risk
Build the training course to skill up members

3. Compare to project size and schedule, do we have enough human resource to finish this project at the deadline?

A) Yes

B) No

Your project doesn't have any organization risk
Ask the project board to get more human resource

If you answer all the above questions, you will easily identify the potential risks, which may affect to your project.

Technical Risk is the probability of loss incurred during the execution of a technical process such as untested engineering, wrong testing procedure…etc. Here is an example of technical risk

The risk involves an external entity. It is the risk which may come from your company, your customer but not from your project.

The following picture shows you an example of business risk. In such case, the Test Manager has to find out the solutions to deal with the risk such as:

Product Risk

Product risk is the possibility that the system or software might fail to satisfy or fulfill the expectation of the customer, user, or stakeholder. This risk is related to the functionality of the product such as Performance Issues, Security Issues, Crash Scenarios, etc.

Following are examples of a few product risks -

Now back to your project, is there any product risk in the Guru 99 Bank website? To answer this question, you should follow the following steps

 

Incorrect

Correct

2. Is the website usable for customer?
A) Yes

B) No

Correct

Incorrect

3. Which other functions, website should have?
A) Secure Fund transfer

B) User can register new account

C) No need more functions

Incorrect
Correct

Step 2) Analyze the impact of the risk occurring

In the previous topic, we already identified the risks which may hamper your project. Here is the list of risks identified:

Next, you should analyze these risks.

Each risk should be classified on the basis of following two parameters

Using the matrix below, you can categorize the risk into four categories as High, Medium, and Low or values 3,2, 1

50% chance to occur

Low (1)

Low probability of occurrence

 

High (3)

Cannot continue with project activity if it is not solved immediately

Medium (2)

Cannot continue the project activity if it is not solved

Low (1)

Need to solve it but it is possible to take alternative solution for a while

Consider the following Risks

Risk

Probability

Impact

Priority = Probability* Impact

Project deadline not met

3

3

9

Electricity Failure

1

2

2

Based on the above priority you can take the counter measures mentioned in below table

 

Priority

High Take mitigation action immediately and monitor the risk every day until its status is closed.

Middle

Monitor the risk every week at internal progress meeting

Low

Correct.
Incorrect.
  1. The testing environment may not be setup properly like real business environment
Correct.
Incorrect
  1. Your project budget may cut by half because of business situation
Correct.
Incorrect
  1. This website may lack security features
Correct.
Incorrect.

Step 3) Take COUNTERMEASURES to mitigate the risk

This activity is divided into 3 parts The project manager needs to choose strategies that will reduce the risk to minimal. Project managers can choose between the following four risk response strategies

A. You may not have enough human resource to finish the project at the dead line
This risk cannot be avoided because of company’s situation; you cannot request more human resource for the project. In such case, you can reduce the impact of risks by choosing some options below B. The testing environment may not be setup properly like real business environment
This risk could be avoided if you do the following activities C. Your project may cut by half because of business situation
This risk is a critical; it may prevent the whole project from proceeding. In that case, you should do D. This website may lack security features
This risk is considered as Medium priority, because it doesn’t affect to the whole project and could be avoided. You can request the development team to check and add these functions to the website.

Register Risk

All the risk must be recorded, documented and acknowledged by project managers, stakeholder and the project member. The risk register should be freely accessible to all the members of the project team.

There’re some useful to register risk such as Redmine, MITRE... etc.

Monitor and Control Risk

Risks can be monitored on a continuous basis to check if any changes are made. New risk can be identified through the constant monitoring and assessing mechanisms.

For better risk management, you can refer Risk Management template include in this article

 

YOU MIGHT LIKE: