I recently posted a template for a risk management plan. The plan discusses, among other things, how to identify risk. I thought I would spend some space talking about identifying risk from a testing perspective.

But first let me ask a question about why we do risk identification. Is it possible to release a defect-free product? I suppose it depends on your point of view, but speaking practically, the answer is no. In the real-world we have constraints - limited testers, limited schedule, not enough tools, etc… So it is with this realization - no software can be perfect - that risk identification becomes so critical.
Continue Reading »