RBCS Covid-19 response: Until further notice, all public training classes will be run virtually. Remote proctored certification exams are available (view details).


Our notable partnerships give us access to the best resources and tools for the job.

Get software testing training resources:

Resources for “Quality Risk Analysis”


More and more projects involve more integration of custom developed or commercial-off-the-shelf (COTS) components, rather than in-house development or enhancement of software. In effect, these two approaches constitute direct or indirect outsourcing of some or all of the development work for a system, respectively. While some project managers see such outsourcing of development as reducing the overall risk, each integrated component can bring with it significantly increased risks to system quality. Read this software testing article to learn about the factors that lead to these risks ,and strategies you can use to manage them.

Continue reading →

Since it is not possible to test everything, it is necessary to pick a subset of the overall set of tests to be run. Read this article to discover how quality risks analysis can help one focus the test effort.

Continue reading →

A Case Study in Successful Risk-Based Testing at CA

By Rex Black, Peter Nash and Ken Young

This article presents a case study of a risk-based testing pilot project at CA, the world's leading independent IT management software company. The development team chosen for this pilot is responsible for a widely-used mainframe software product called CA SYSVIEWR Performance Management, an intuitive tool for proactive management and real-time monitoring of z/OS environments.  By analyzing a vast array of performance metrics, CA SYSVIEW can help organizations identify and resolve problems quickly.

CA piloted risk-based testing as part of our larger effort to ensure the quality of the solutions we deliver.  The pilot consisted of six main activities:

  • Training key stakeholders on risk-based testing
  • Holding a quality risk analysis session
  • Analyzing and refining the quality risk analysis
  • Aligning the testing with the quality risks
  • Guiding the testing based on risks
  • Assessing benefits and lessons

This article addresses each of these areas - as well as some of the broader issues associated with risk-based testing.  Click here to read the version of this software testing article as published in Better Software Testing.

Continue reading →

Rex Black’s pioneering Managing the Testing Process was both the first test management book and the first to discuss risk-based testing.  In this software testing article, Rex explains:

  • The benefits of risk-based testing.  
  • Why adding risk analysis to the test team’s responsibilities actually reduces their workload.
  • The importance of stakeholder participation.
  • Common mistakes that can occur in risk-based testing.

Rex illustrates these points, not through hypothetical discussion, but by examining a case study where RBCS helped a client launch risk-based testing.  Read this article to learn how to analyze risks to quality, and use that analysis to be a smarter test professional.

Continue reading →

In the Pragmatic Risk Analysis and Management process described in books such as Managing the Testing Process, Pragmatic Software Testing, and Advanced Software Testing: Volume 2, I define the following extents of testing, in decreasing order of thoroughness:

  • Extensive
  • Broad
  • Cursory
  • Opportunity
  • Report bugs only
  • None

Risk based testing does not prescribe specific test design techniques to mitigate quality risks based on the level of risk, as the selection of test design technique for a given risk item is subject to many factors. These factors include the suspected defects (what Boris Beizer called the “bug hypothesis”), the technology of the system under test, and so forth. However, risk based testing does give guidance in terms of the level of test design, implementation, and execution effort to expend, and that does influence the selection of test design techniques. This sidebar provides heuristic guides to help test managers and engineers select appropriate test techniques based on the extent of testing indicated for a risk item by the quality risk analysis process. These guides apply to testing during system and system integration testing by independent test teams.

Continue reading →

Quality Software

By Rex Black

I suspect that, in the near future, many types of software will become commoditized, just as many types of computer hardware have. The open-source phenomenon is leading the way, with Linux and Apache ascendant on the Internet. Regardless of the motives of the partisans of open-source software, the motives of the important business users of these open-source applications are clear: They want cheap software with the same quality levels as the commercial alternatives. 

Continue reading →

Risk Perception

By Erik Simmon

Risk is a highly studied subject:

  • 249 books found on an Amazingly Large Bookstore’s Website
  • Hundreds of papers, conference proceedings, tutorials, classes, and book chapters

But, few of us understand the human side of risk

Continue reading →

Engineering Quality for Bananas

By Rex Black, Daniel Derr, Michael Tyszkiewicz

[How can dumb monkeys built from free tools help you? Give this article a read to see a case study.  Originally published in Software Testing Professional magazine in 2008, these ideas and techniques are still relevant to SDETs, Technical Test Engineers, and Technical Test Analysts looking to build their own automation solutions using open-source components.]

Arrowhead Electronic Healthcare has been creating eDiarys on handheld devices since 1999. Arrowhead helps pharmaceutical research and marketing organizations document important information about how their products are being used in patients’ homes.

ePRO-LOG is Arrowhead’s third generation eDiary product. The primary design goal of ePRO-LOG is to be able to rapidly deploy diaries used for data collection in clinical trails and disease management programs.

A typical diary may include 100 forms translated in 15 or more languages, and used in several locales. This results in a large number of software builds and configurations.  As a result, we needed an automated test tool to address potential risks and to automate common tasks.

The most important quality risks we wanted to address were:

  • Reliability
  • Translation completeness
  • Functionality of UI
  • Input error checking
  • Verification of requirements

We needed an automated test tool with the following capabilities and features:

  • Address defined risks
  • Produce accurate form-flow diagrams
  • Reduce tedium and opportunity for error in manual testing
  • Save effort associated with manual testing for these risks
  • Improve time-to-market by reducing test cycle duration through 24x7 testing
  • Provide auditable documentation
  • Handle any screen flow or translation without custom test scripts (i.e., be trial-independent)
  • Be easy to implement and cost effective

This is a case study in how we reduced our risks and achieved our test automation objectives in just a few months on a total tools outlay of $0.

Continue reading →


Podcast Episodes

The Most Dangerous Fallacies of Risk-based Testing

Length: 0h 43m 17s

Mark Twain once wrote, “It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so.”  In logic, that thing you know that just ain’t so is called a fallacy.  Fallacies abound in software testing, and risk-based testing especially suffers from a number of misconceptions.  Are you laboring under such delusions?  If so, what damage is that doing to your ability to implement the most effective and efficient way to manage the risk to the quality of your software and systems?  In this free webinar, Rex will identify and dispel these fallacies, and take your questions about risk-based testing fallacies that are affecting you.

Listen now →


There are no training products in this category currently.

Copyright ® 2021 Rex Black Consulting Services.
All Rights Reserved.

PMI is a registered mark of the Project Management Institute, Inc.

View Rex Black Consulting Services Inc. profile on Ariba Discovery