In the projects that LimePoint works on, we always consider ‘RISK’. It is important we place strong emphasis on managing risk, to know when there are gaps in QA or testing, and to recognise when the TestSuite does not give a good indication of business risk.
Risk metrics don’t get discussed as much as they should be in DevOps circles. However, the savvier outfits measure ‘Risk’ significantly more frequently than the others.
I recently read a report stating 80% of firms believe they deliver within acceptable business risk, but fewer than 25% state that their QA and testing processes completely cover business risk. The significant disconnect here is that people assume that more tests means more business risk coverage, which is not the case.
The other issue I see is that most test results focus on pass/fail status. This doesn’t provide the required insight into whether the release has an acceptable level of risk. As companies move towards continuous delivery and automated releases, real-time insight into business risk is critical for rapid releases.
In closing, my question to you is … how well are you closing your risk gaps?