The test manager aims to estimate the product risk for the characteristic/object part combination. He needs input from the participants in the PRA to achieve his goal. In practice, talking about object parts and characteristics is often too technical for the participants. This is why the test goals are used as a starting point for the execution of the PRA. It means that the PRA starts from the perceptions of the client and other stakeholders. Thus, the use of test goals is an essential step allowing the test manager to guide the participants through the next steps.
The step ‘Determining the elements relevant to the product risk analysis’ aims to determine, on the basis of the test goals, which elements from the total collection of damage and chance of failure elements should be included in the product risk analysis.
The advantage of this method is that it makes clear which product requirements are perceived as critical and which are not. The test manager can also check with the participants whether there is a reason that it is difficult or impossible to link test goals to some combinations of characteristic, product requirement and object part. If the participants state that no test goals have been linked for a good reason, the combination is not included in the product risk analysis.
If the participants say that there is no good reason, they must formulate additional test goals. In this case, the client must approve extension of the assignment.
Another possibility is an inability to link test goals with a product requirements. The test manager must ask the client and other stakeholders whether any product requirements are missing. This may result in a request for change.
Relating the test goals to the damage and chance of failure elements
The test goals, the damage and chance of failure elements are interrelated in the table below. It clarifies, for the client and other stakeholders, the contribution of the product risk analysis to achieving the test goals.
|Characteristic||Test goal||Process||Product requirement||Object part|
|Functionality||Demonstrate that the sales process complies with the functional requirements.||Sales||Compliance with the functional requirements||
|Demonstrate that an advice issued is logged in subsystem 1.||Sales/Advice||With an eye to the legal duty of care, the advice given and how the client decides to deviate from the advice must be recorded||Subsystem 1|
|Demonstrate that the premium calculated in the offer is correct.||Sales/offer||The offer must contain the correct premium.||Subsystem 2|
|Sales/Advice||The system must comply with the requirements for socially responsible business||System X|
|Security||Demonstrate that system X complies with the security policy.||Sales||Compliance with the security policy||System X|
|Demonstrate that the security of the web access to system X complies with the security policy.||Sales||Compliance with the security policy||Web access X|
In the example above, the participants have not formulated a test goal for the product requirement relating to socially responsible business. The test manager therefore decides, in consultation with the participants, to eliminate this product requirement from the product risk analysis.
In more detail
The test goals specified by an IT supplier aim to provide an overview of the extent to which the product complies with the specifications. The client wants to use the results of the product risk analysis to focus the test effort on the risks relating to the (partial) non-compliance with the obligations incurred.
The test goals specified by a customer organisation aim to provide an overview of the extent to which the delivered product supports the results for which the organisation aims. The client will use the outcome of the product risk analysis to focus the test effort on the risks relating to the inability or partial ability to achieve the desired results.
The test manager creates a total overview of the test goals and combines both of the interests described above into a well considered product risk analysis.
It is not necessary for the execution of the product risk analysis to continue to show the test goals in the table. The damage is determined on the basis of the combination of characteristic, process and product requirement. The chance of failure is determined on the basis of the combination of characteristic and object part.
After determining the relevant elements of the product risk analysis, the damage and chance of failure can be determined independently of each other.