The third step in the risk management is risk mitigation or risk control. After assessing the risk in your project you must control them. In order to control the risks you can use following options.
- Mitigation: In mitigation we take preventive measures to reduce the likelihood of the risk or to reduce the impact of the risk in case it occurs.
- Contingency: In case if the risk becomes an outcome the we have contingency plan to reduce the impact of the risk.
- Transferring to another party: In this case we transfer the risk to third party who will accept the consequences of risk if it occurs.
- Lastly, you can also have a plan to accept the risk and the consequences in case the risk occurs.
Certain project risks which you should be concerned about are:
- Test tools and environment availability
- Skills of test team
- Availability of resources (Software, hardware)
- Availability of testing staff
- Lack of standards and techniques for testing
You should try to mitigate risk before your test execution starts. For this you can prepare test environments well in advance, start testing of early versions of the product, having tough entry criteria for testing, participating in review discussions etc.
Quality risk control should be addressed throughout the software development life cycle, like reviewing requirement and design documents to find issues with non feasible requirements and buggy design.
During test execution you mitigate quality risks of product. When you find defects you reduce risks by providing awareness of defect and how to handle it well in advance before the release dates.
So. finally we can conclude that risk control is the activity which is carried out throughout the software development life cycle and not limited to any specific phase of testing.