In the field of software engineering, risk may be defined as the potential susceptibilities or vulnerabilities associated with a software product, which may likely to affect the software product quality at a later stage during and after the development process.
These risks may be classified into following categories:
In the field of software engineering, risk analysis may be seen as a part of the risk management activity to analyse and assess the degree of impact, possessed by each identified risk. It is used to find out, how much risk is associated with the software product.
Basically, risk analysis is done to classify the risks, identified in the software project under multiple categories so as to manage, prioritize & test them, accordingly.
A risk may be evaluated from three different views as given below:
Risks may be measured on the scale of 1 to 10 or may be classified as 'High', 'Medium' or 'Low'. However, the latter technique is better and preferred for categorizing the risks as the problem associated with the scale of 1 to 10 is that a developer or a tester may not able to differentiate between the risks, rated as 6 & 7 and may wrongly assume both of them in the same or a different category.
High risks are put in the basket of top priority whereas low risks are set to bottom most priority, for the test i.e. risks in the 'high' category needs to be tested thoroughly and on immediate basis whereas those assigned to the 'low' category may be tested at a later stage.
There are several methods, formal or informal to execute the task of risk analysis such as
However, a risk analysis process generally involves three stages of working as stated below.
Overall, it may be stated that risk analysis is a significant activity to estimate the efforts required in dealing with the risks and accordingly, preparing strategies and plan to manage it.