Testing of an information system should be based on the business risks for the organisation in using that information system. In practice, the test manager often takes the steps to go from risks to test coverage in an intuitive way. In this presentation, the steps to define a testing strategy are made explicit. This gives all parties involved better insight and provides a sound basis for negotiating testing depth.
A good risk assessment is a part of these steps. Very important is that this explicit way of looking at risks clearly shows that a test manager or tester can't do this alone. The involvement of users and managers of the client organisation and of project people like the developers, testers, QA'ers and project manager is necessary. Discussing risks and testing in the above way proves in practice to be real eye-openers for all parties concerned. This also enables negotiating about testing depth by letting the customer choose what should be tested how thoroughly.
The stepwise defining of the test strategy can be used for any test level and also for an overall strategy, including and co-ordinating all test levels and even inspections.
Rob Baarda is an information systems professional for more than 20 years, following the path from programmer to consultant. Since 1986 he specialised in the field of testing. Starting with developing and implementing automated testtools, Rob moved after a few years to the methodology of testing. He is now part-time researching various test subjects in the R&D department of IQUIP, besides working as an international test consultant and teaching TMap« and TPI«. He also presented in QWE'99 about Risk Based Test Strategy.