This thread is to carry on and collate the conversations from Twitter.
If someone said something you want to save so others can read it, post it here!
If someone recommended a resource, list it here!
If you want to answer the questions here instead, here they are, fire away!
Look up #TestingChat on Twitter to follow the chat!
What techniques do you use to identify risks? (Information shared by participants of #testingchat on 1st June ’ 17)
TestSpere (Blue Deck)
Oblique Testing
Thinking of the worst possible headline for your product/service and reverse engineer it to see if you could make it happen
Heuristics
Analysis
Communication
Early Exploratory Testing
Bug taxonomies – Classes of typical bugs happening in a type of software. A collection of all-time bugs sorted by categories.
Do a pre-mortem standup and talk to stakeholders. Add the risks they see to a list, calculate an RPN (Risk Priority Number), and monitor.
Failure case studies.
Failure Mode Effect Analysis (FMEA)
Flowcharts and Models used to spot gaps and follow user journeys to find risks before development (It is useful to build up a Library of different user types for this sort of work.)
Cheatsheets of common project/product risks.
Drawing maps on a board whilst people talk through an idea to highlight risk due to areas not considered
Story points as estimates. Abstract out time - if there’s no agreement on relative scale then there’s likely assumptions & risk
More Techniques along with documents to refer:
a) https://www.owasp.org/index.php/Threat_Risk_Modeling
b) https://www.owasp.org/images/1/19/OTGv4.pdf
c) https://en.m.wikipedia.org/wiki/STRIDE_(security)
d) https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx
Collaboratively identifying and mitigating release risks - http://katrinatester.blogspot.co.uk/2016/10/risk-based-release-testing.html
The Risk Questionnaire - http://www.a-sisyphean-task.com/2016/09/the-risk-questionnaire.html
Heuristic Risk-Based Testing - http://www.satisfice.com/articles/hrbt.pdf
Exploring uncertainties to understand them as risks. - https://www.ministryoftesting.com/2015/03/not-sure-about-uncertainty/
By asking as many relevant “what if”-questions as possible to raise awareness of possible risks.
a) http://enjoytesting.blogspot.co.uk/2011/10/release-of-my-ebook-what-if.html?m=1
b) http://enjoytesting.blogspot.co.uk/p/books.html
Challenge use of watchwords such as “just”, “only”, “quick”, “simply” as they normally indicate assumptions and therefore risk
Miscommunication risks -
http://bookviewcafe.com/blog/2010/09/02/lullaby-language-putting-your-readers-to-sleep/
Brainstorming session with developers by utilising ‘Me - We - Us’ facilitation technique.
http://aleksistulonen.com/2016/12/02/brainstorming-test-ideas-with-developers/
Generic Testing heuristics for risk assessment
