SmartBear Connect Session Recap: Maximize Test Automation Initiatives With a Risk-Based Approach
  January 08, 2019

At SmartBear Connect 2018, Carson Underwood, QA Automation Supervisor at O’Reilly Auto Parts, shared how he has implemented a Risk-Based Approach to his team’s test automation initiatives. Benefits of adopting this strategy include improved application quality, improved productivity, and reduced test redundancy. Interested in learning more about what Carson had to say? Read on to find out more.

What is a Risk-Based Approach?

A risk-based approach aims to identify the various product and project risks that can harm the timely and quality delivery of an application. In turn, these risks can guide your testing strategy by highlighting which areas of your application might require additional attention or resources.

A product risk is anything that might threaten your product, such as bad builds that are prone to failure, poor software characteristics, poor data integrity and quality, and software that does not meet requirements. All of these have the potential to harm an organization legally, as well as the incurrence of costs related to the downtime of the application.

On the other hand, project risks put the project deadline in jeopardy, preventing you from completing the project on time. Examples include organizational risks, technical risks, third-party risks, and integration/interoperability risks.

Benefits of a Risk-Based Approach

By adopting a risk-based approach, you can improve productivity and quality to reduce redundancy of tests. In identifying the biggest risks to your application, you know where to focus your testing efforts. Moreover, knowing the biggest risks and focusing your attention to these areas allows you to catch bugs earlier in the SDLC, saving your organization resources and time.

Additionally, by knowing where to shift your testing efforts you’re able to stay on top of upcoming releases for faster release cycles. The designation of different risk levels might also highlight redundant tests that have appeared as the application has evolved over time.

Implementing a Risk-Based Approach

To implement a risk-based approach, you can assign risk levels to your tests based on the severity of the impact. Carson and his team have implemented a risk scale from 1 to 5; level 1 risks are minor and level 5 risks would equate to a severe app crash that impacts usability. Level 5 risks should be addressed first, and the tests should be automated because of the impact it has on the business.

Quality gates are another important aspect of implementing a risk-based approach, which ensure the code is meeting standards that your team has decided upon. Each quality gate is designed to act as a checkpoint – if the code passes the test, it moves onto the next quality gate. If the code doesn’t pass the test, it lets the team know that it hasn’t met minimum standards that your team has agreed upon.

To help explain the risk-based approach, Carson shared how his team undertook the project of updating O’Reilly’s POS system. This was a high-risk area of the website to be overhauling, and the failure of the POS would greatly impact the operations of the business, as well as customer experience. By having previously identified risk levels for current operations and identifying the risk for the upcoming project, the team was able to understand the scope of changes that needed to be made. From there, they were able to appropriately update the tests, of course automating those that correspond to areas with a large business impact.

Watch Carson’s full presentation to learn more examples of how test automation reduces risk, as well as different quality gates you can implement in your own testing strategy.

Check out more resources from SmartBear Connect here. There are more presentations for you to explore!