A 20 second intro to risk based testing..

What – Identify and rank features according to risks, and focus on high risk areas

Why – Instead of buck-shot approach, try a targeted approach to testing

Two approaches – Inside out risk analysis & outside in risk analysis

Inside-out risk analysis: Brainstorm internal working of a component, walk through the design and understand the vulnerabilities, threats & victims

Outside in risk analysis: Explore a functionality from the outside, use different type of ‘risk checklists’ like risks from past experiences, ‘ilties’ list, domain / industry specific check list

Best to create risk matrices giving an overview of different features, their risk level and associated heuristics to use