Tuesday, June 12, 2012

Quality is a risky business


In former posts I referred to something called the Quality Risk Assessment or QRA.

Before elaborating further, I have to cite this as the work of another author – Rex Black who is a luminary in the world of testing.

You can read about the QRA (and more besides) in Rex’s own words here*. Equally, you can buy this book.

I include a link here to a copy I’ve tucked away for safe keeping just in case – but hopefully the link above remains sound.

My interest in the QRA approach arose from the following observations

1.    I needed a systematic way of apportioning test resources to a potentially infinite task
2.    I’d made efforts with Failure Mode Effect Analysis (FMEA) but it was too resource intensive for my purposes
3.    I needed an additional offering for stakeholders so that they could see their concerns were being prioritised and addressed
4.    I wanted to maximise resources in the areas of greatest concern
5.    I wanted to do as much work up front to de-risk implementation and release activities.

It was while reading generally around the subject of testing that I came across the quality risk assessment and realised this was the tool for the job.

I include a screen shot here and a link to a specimen spread sheet here which you can help yourself to. I’ve hastily entered some specimen data for illustrative purposes.



The screen shot here only goes so far. I’ve got a few formulas to prioritise the risk categories, some charting (not sure it adds anything but certainly looks nice). The work sheet can undoubtedly be taken further and if anyone has any bright ideas, please make yourselves known. (Bubble chart of risks or a top 10 list of highest RPNs anyone?).

I’ve used data validation to constrain the severity, priority and likelihood fields to values of 1-5. I use the following definitions, but you can use what works for you.


Severity
Priority
Likelihood
1
Loss of data
Urgent
Very likely
2
Loss of functionality
Essential
Likely
3
Loss of functionality (with work around)
Valuable
Possible
4
Partial loss of functionality
Desirable
Unlikely
5
Cosmetic error
Discretionary
Very likely

Looking back at the conceptual model I proposed a while back, we can see that we’ve covered quite a bit of ground on requirements gathering (with plenty more to go), this post with the additional links should give you a solid insight into the application and use of a quality risk assessment.

I recommend having the QRA up your sleeve. If you need a tool which is widely applicable, prioritises resources and is comprehensible to a range of stakeholders, I contend there are few better tools.

No comments:

Post a Comment