Asking questions is one of the most effective ways to uncover risks and assumptions in a project. By focusing on the right questions, you can find gaps, clarify vague areas, and uncover details that might otherwise go unnoticed. Letâs practise these skills as a community and see what we find!
In this activity, youâll take on the role of a tester joining the Bling-R-Us e-commerce project. Youâre tasked with reviewing the project background provided and the Bling-R-Us website to uncover risks by focusing on the most critical questions to ask.
Task steps:
1. Review the project background
Read the provided background details about the Bling-R-Us project to understand the goals and context. Take note of anything that stands out as unclear or risky.
2. Explore the Bling-R-Us website
Navigate the site and observe:
Features: Whatâs available, such as the shopping cart, payment options, or product information.
Behaviour: How the site works, including navigation, responsiveness, or error handling.
Gaps or assumptions: Is anything missing, vague, or unexpected? Keep track of anything that seems worth questioning or investigating further.
3. Develop three key questions
Based on your observations, come up with three questions you would ask that would help you gather useful information quickly. Focus on areas like:
Assumptions in the requirements or setup that might not be accurate.
Gaps that could cause risks or confusion later on.
Key areas like user experience, security, or legal compliance (e.g., GDPR).
Consider using a âWhat would happen ifâŠ?â format to help uncover risks.
4. Document your questions and reasoning
For each question, explain:
Why youâre asking it: What potential risk or gap are you trying to uncover?
How it could help the team: How does this question guide the team or improve testing?
5. Share your work to help others
Reply to this post with your three questions and reasoning. Why not include any insights or surprising risks you uncovered during your analysis?
Why take part?
By sharing your questions, youâre helping others see how thoughtful questioning can uncover risks and assumptions in a project. Your examples might spark new ideas or help someone else tackle similar challenges. Itâs also a great way to practise asking meaningful questions and grow your confidence.
Have so many questions! But the three main ones were:
If the end goal is for user to place an order with ease - was UX design/accessibility considered?
Example the Add Message field - there was no character limit, even though the description next to the product says âgenerally 30-35 charactersâ or âNo more than 20 characters per rowâ
Risk that customer puts in more characters than the ring can have engraved, and increased chance of customer complaints
If data handling and GDPR are a priority as per the A/C -this not mentioned on the FAQs or About Us section, e.g. Your rights as a an individual. Usually Privacy policy would be included. Would also be looking to add in Terms and Conditions at the checkout also.
What security is enabled around payments? There is a third party software payment gateway advertised on the site, but not entirely clear if thereâs encryption, other security measures esp credit card security.
A big risk is how weâre joining the project late in the day. As well as modelling the system & focusing on areas that concern us, I think it is also useful to understand what the process has been for development. My opening question (with many follow ups) would be around how weâve been testing already. Have the devs been writing unit or E2E tests? Have they been testing their own work? What areas have better coverage already?
The other two questions that I gave in my portfolio were on data management and deployment/hosting to understand how much of a risk there is there.
I use this framework as a way of focusing my questions - either narrow or wide angle:
Scope - the why and the what? But also âwhy nowâ and â why not laterâ?
Complexity - is it a complex area of the business? Is the technology being used complex. Use the cynefin framework to get a sense of the complexity we are dealing with.
Assumptions - what claims are being made without evidence? What language is being used: could and should?
Risks - what are the risks to the project? What risks will the project/release introduce? Are they techincal or business risks.
Impacts - downstream and upstream. Where does this fit in the process/architecture? Will it affect systems and process downstream? Do upstream systems/processes need to be changed? Is this consistent with what we have done before?
These are sample questions I have provided.
Iâve found that this is an iterative process and not linear. You start off in one area, which triggers questions in another but it can be a way to see the wider picture but also drill down.
