Home   Training   Consulting   Certification   Conferences   The Company   Bug Free Zone  Mailing List  

This tutorial covers area 5 of the Test Management Body of Knowledge (TMBOK) required for the Certified Test Manager (CTM) certification. This tutorial also counts as an elective towards the requirements of the Certified Software Test Professional certification.

For cost and cities where this course might be offered, check our Public Training Schedule.To bring this course to your test team at your location, contact our Education and Professionals Services Group.

Testing is our primary means of reducing risks related to systems and software. All testing is risk-based in that there are more potential tests than we have time and resources to run, so we choose those that address higher risks. The difficulty is adequately identifying the potential risks, for which a number of structured techniques are described. Risk management involves obtaining, directing, and controlling resources for continuously planning, strategizing, identifying, analyzing, prioritizing, preventing, responding to, mitigating, monitoring, controlling, and reporting risk. Key types of risks and identification approaches are distinguished. Powerful Proactive Testing Ô techniques are demonstrated that enhance conventional reactive testing risk analysis to enable testing higher risks not only more but earlier. Exercises aid learning by allowing participants to practice applying practical methods to realistic examples.

  • The elements of risk and risk response, and their relation to software development and testing.
  • Importance of distinguishing business, management, functional, and technical risk causes and effects.
  • Alternative methods for identifying, analyzing, classifying, and prioritizing the several types of risks.
  • Proactive Testing™ methods that enhance conventional reactive testing risk identification, response.
  • Monitoring, evaluating, adjusting, and reporting on risk activities, findings, and results.

  • NATURE AND IMPORTANCE OF RISK
    • Murphy's Law; O'Brien's Law
    • Relation of risk to software and testing
    • Classical risk management
    • Elements of risk and exposure
    • Classical risk-response techniques
    • Costs, ease of detecting, controlling vs. harm
    • Quantifying qualitative risk, tricks and traps
    • Types, classifications of risks
    • Threats, vulnerabilities, triggers
    • Risk identification approaches
    • Business, functional, and operational risks
    • Direct and indirect forms of injury
    • Management and technical risks
    • Window of market opportunity
    • Effects vs. causes risk identification
  • PROJECT MANAGEMENT RISKS
    • Most frequently encountered risks
    • Changing requirements and scope creep
    • Lack of management support, priorities
    • Typically unrecognized interrelationships
    • Features/quality, resources, schedule risks
    • Software risks--or just poor management
    • Implications for software and QA/testing
    • Traditional checklists for project managers
    • Fraud, security breaks, and sabotage
    • Evaluating risk factor checklists usefulness
    • Software risk taxonomy
  • CONVENTIONAL RISK ANALYSIS
    • Testing riskier features, components more
    • System, development practices checklists
    • Security and compliance emphasis
    • Defect categorization, root causes, trends
    • Design analysis vs. prioritizing test cases
    • Why typical risk-based testing is reactive
    • Common subjective risk judgment methods
    • Strengths and weaknesses, what's missed
  • PROACTIVE RISK-BASED TESTING
    • Proactive Testing™ Life Cycle
    • Structured model of test planning
    • Multiple levels, points of risk analysis
    • Prioritization demands knowing the choices
    • Project-level proactive risk analysis
    • Identifying overlooked project-specific risks
    • Refocusing on tests that reduce the key risks
    • Letting testing drive development
    • Gaining user, manager, developer support
    • Identifying and analyzing lower-level risks
    • Differentiating user and technical views
    • Risk analysis in test designs and test cases
    • Risks of not testing some things
    • Metrics to monitor effectiveness, efficiency
    • Anticipating and measuring operational risks
    • Risk management roles and responsibilities
    • Reporting risk status, expected and actual
    • Improving over time


Members Login


This course is also available for on-site training

Click here for details

Read What Other Test Professionals Say About IIST Courses

Course Locations
Click on city name for details and other courses offered in that city

Dallas, TX
Clearwater, Fl
San Antonio,TX

-Dec 7
-Feb 9
-Feb 23

© 2010 International Institute for Software Testing. All rights reserved.
763-546-0072 or 1-877-GET-IIST