BDTM Product Risk Analysis

Determining the risk class

A project never has unlimited time and money for testing purposes. Such constraints in terms of time and money represent constraints on the test result to be achieved and therefore reduced coverage of the product risks. As such, it is important to make well considered choices in relation to the optimum division of the available time and money across the object parts of the product that require testing. In the BDTM approach, the result of the product risk analysis provides the justification for making such choices.

Based on the insight resulting from the product risk analysis, high risk object parts can be tested more intensively than those representing a lower risk.

The product risk analysis involves analysing the product to be tested with the aim of achieving a joint view, for the test manager and other stakeholders, of the properties of the product to be tested that represent higher and lower risk levels, such that the thoroughness of testing can be related to this view.

Prior to a product risk analysis, it is important to ensure that all stakeholders have a shared framework of reference.

A product risk is the chance that the product will fail in relation to the expected damage if it does.
Product risk = Chance of failure * Damage
where Chance of failure = Chance of faults * Use frequency

The chance of failure is the chance that a product (component) will fail during operational use because it contains a fault. The presence of a fault in the product, however, does not mean that this fault will actually manifest as a failure in production. The chance that the product will fail increases with the frequency of its use.

‘Damage’ relates to the negative impact resulting from the failure of the product. Product failure may result in damage for multiple stakeholders.



Let us imagine the damage resulting from the failure of a network server. The ICT organisation suffers direct damage because it must free up employees to replace the server and pay for a new server. The client organisation suffers direct damage because employees cannot do their work (loss of time) due to the fact that the application they work in is unavailable, and as a result they cannot process customer orders (loss of revenue).

A network server failure also results in indirect damage: Another project is delayed because the ICT department must free up people to replace the server. The company’s reputation also suffers because the press publishes a negative article on the bad service.

This section describes how product risks are determined and managed. It also discusses how incomplete information should be handled and describes an alternative work method. The structure is as follows: