Risk-Based Testing

<default_to_action> When planning tests or allocating testing resources:

1. IDENTIFY risks: What can go wrong? What's the impact? What's the likelihood?
2. CALCULATE risk: Risk = Probability × Impact (use 1-5 scale for each)
3. PRIORITIZE: Critical (20+) → High (12-19) → Medium (6-11) → Low (1-5)
4. ALLOCATE effort: 60% critical, 25% high, 10% medium, 5% low
5. REASSESS continuously: New info, changes, production incidents

Quick Risk Assessment:

• Probability factors: Complexity, change frequency, developer experience, technical debt
• Impact factors: User count, revenue, safety, reputation, regulatory
• Dynamic adjustment: Production bugs increase risk; stable code decreases

Critical Success Factors:

• Test where bugs hurt most, not everywhere equally
• Risk is dynamic - reassess with new information
• Production data informs risk (shift-right feeds shift-left)