Analyze Requirement Risks

8/3/2019 Analyze Requirement Risks

http://slidepdf.com/reader/full/analyze-requirement-risks 1/16

NCR Confidential1

Analyze Requirement Risks Analyze Requirement Risks

Presented by Hima Bindu



NCR Confidential2

Agenda

Add Traceability links between requirements

Perform risk analysis for requirements



NCR Confidential3

An Introduction to Traceability

After creating requirements in the requirement tree, you can establish

traceability between requirements. Requirements traceability is a QC

feature that enables you to define a link between multiple requirements.

While analyzing the impact of a change imposed in a specific requirement,

the traceability link enables you to identify other requirement that the

change might effect

You use the REQUIREMENT DET AILS view to add traceability links to and

from a requirement. In the right pane of the REQUIREMENT DET AILS view,

click the REQUIREMENTS TR ACE ABILITY tab



NCR Confidential4

Requirement Relationships

You use the REL ATIONSHIPS tab to view traceability links that existsbetween requirements. In addition, the REL ATIONSHIPS tab enables you

to add and remove traceability links between requirements. The

REL ATIONSHIPS tab provides the TR ACE FROM and TR ACE TO grids for

working with traceability links

TR ACE FROM : This grid displays requirements that affect the requirementselected in the requirement tree.

For e.g. The above fig shows that the P AYMENT METHODS requirement is

affected by any changes to the C ANCEL RESERV ATIONS requirement



NCR Confidential5

Continuation«.

The TR ACE TO grid displays requirement that are affected by a change to

the requirement selected in the requirement tree

For e.g. The figure shows that any change to the P AYMENT

METHODS requirement affects the AIRLINE COMP ANIES requirement

After establishing traceability relationships in the REL ATIONSHIP tab, you

use the IMP ACT AN ALYSIS tab to analyze the impact of requirement

changes by reviewing the relationships

The IMP ACT AN ALYSIS tab displays requirements in a hierarchical

structure. Each requirement in the requirement tree displays an icon. You

use these icons to understand the associations and dependencies that exist

between requirements



NCR Confidential6

Continuation«.

For e.g. In the above fig, in the TR ACE FROM tree, the icon displayed with theBOOKING SYSTEM requirement symbolizes that P AYMENT METHODS istraced from BOOKING SYSTEM, which is a parent requirement. This

means that any changes to BOOKING SYSTEM or its child requirementsaffect P AYMENT METHODS

Similarly, in the TR ACE TO tree, the icon displayed with the AIRLINE COMP ANIES requirement symbolizes that P AYMENT METHODSis traced to AIRLINE COMP ANIES, which is a child requirement. Thismeans that any changes to the P AYMENT METHODS requirement affects AIRLINE COMP ANIES and its child requirements.



NCR Confidential7

Risk Based Testing Process

While planning tests for your requirements, you often face challenges, such

as inadequate resources, which force you to compromise and only partially

test some requirements. You identify requirements that have a low criticality

or have only a minor risk associated with them

After identifying the criticality and risk associated with requirements, you

use the risk based testing feature in QC to calculate the level at which each

requirement must be tested. The four testing levels defined in QC areFULL,P ART AIL,B ASIC AND NONE

Risk-based testing uses the requirement type and resource availability to

calculate the testing level.

For e.g. A requirement of type FOLDER is at a high level in the

requirement tree and has child requirements. You access the risk

associated with all child requirements and based on this assessment,analyze the risks associated with the parent requirement. The parent

requirement is the analysis requirement and the child requirements are the

assessment requirements



NCR Confidential8

Identifying Analysis and Assessment requirements

For e.g. the below figure shows the Requirement Folder, which is the

parent of Login, Link Accounts, and Print Account Summary

requirements. Any risk that impacts Login, Link Accounts, and Print

Account Summary, also impacts Requirements. You assess the risks

associated with Login, Link Accounts, and Print Account Summary

and use this risk assessment to analyze the risks associated with

Requirements. Therefore Login, Link Accounts, and Print Account

Summary are assessment requirements and Requirements is an

analysis requirement



NCR Confidential9

To perform risk- based testing you:

Establish Business criticality : You determine how critical a requirement is

for your business. For E.g. Online banking application requires that user must able to access for at least 23 hrs for a day, if not it gives negative

impact on your business

How to perform Risk Based Testing Process



NCR Confidential10

Continuation«

Establish Failure Probability : You determine the likelihood of failure of atest associated with a requirement. Determine failure probability enables

you to devise mitigation strategies well in advance. For E.g. if the online

applications is being inaccessible is high, you can deploy a backup server

for load sharing

Perform risk analysis : Based on the business criticality and failureprobability of a requirement, you allocate testing time for the requirement.

Based on the testing time, QC calculates the testing level for the

requirement and you use this testing level to determine whether a

requirement should be tested fully or partially

View Analysis results : After performing risk analysis, you view the analysisresults using graphs



NCR Confidential11

How to Establish Business Criticality?

To establish business criticality for a requirement :

In the REQUIREMENTS DET AIL view, from the requirements tree, select a

requirement and in the right pane ,click the RISK tab

On the RISK page, click the BUSINES CRITIC ALITY tab. The BUSINESS

CRITIC ALITY page displays a list of criteria used to determine the business

criticality of the selected requirement

Assign Value to a criterion, and Description of the selected criterion

After you assign a value to each criterion ,QC calculates the business criticality of the

requirement and displays it in the C ALCUL ATED BUSINESS CRITIC ALITY field



NCR Confidential12

How to Establish Failure Probability?

After Defining the risk category for each requirement, you determine how much time

each requirement need to be tested. To establish the failure probability of a requirement :

On the RISK page, click the F AILURE PROB ABILITY tab. The F AILURE

PROB ABILITY page displays a list of criteria used to determine the business

criticality of the selected requirement Assign Value to a criterion, and Description of the selected criterion

After you assign a value to each criterion ,QC calculates the failure of the

requirement and displays it in the C ALCUL ATED ASSESSMENT V ALUE field



NCR Confidential13

Performing Risk Analysis

After establishing the failure probability for assessment requirements, you

perform risk analysis by allocating testing time to the analysis requirement

To perform risk analysis:

In the REQUIREMENTS DET AILS view, from the requirements tree, select theanalysis requirement you want to analyze

In the right pane, click the RISK tab

Under RISK AN ALYSIS, in the TOT AL ALLOC ATED TESTING TIME field ,typethe time available to test the requirement and its children

CLICK PERFORM RISK AN ALYSIS.QC calculates the testing time and testinglevel of each assessment requirement



NCR Confidential14

Drilling Down into Results

To view the requirements included in each risk category, click a segment in the

requirements per risk graph. The drill down results window appears with a list of

requirements in the risk category

After viewing the results compare the total calculated testing time with the number of

available resources. If the number of available resources is not sufficient to test the

requirement ,you should reduce the testing level of the assessment requirements or reduce the testing time assigned to each testing level

After reducing the testing level and time, perform the risk analysis again. After you

are satisfied with the results, click S AVE AND APPLY TO CHILDREN to apply

changes to all assessment requirements



NCR Confidential15

Generating a Risk Report

After finalizing the testing policy for your requirements, you can generate a risk report

that details your testing strategy for the analysis requirement

To generate a risk report :

On the RISK page, click GENE ART REPORT. The GENE ART REPORT dialog boxappears

In that box type the default location field, name and location of the file to which you

want the data to be exported

Click GENE ARTE,QC generates and saves a report in the specified location



NCR Confidential16

Review Questions

A) What is the purpose of adding traceability links between requirements

To identify the impact of change

B) During which step of the risk-based testing process do you determine

the time needed for testing a requirement? After finding Business Criticality and Failure Probability

i.e., Under Perform Risk Analysis

Documents

Analyze Requirement Risks