Many board-level committees began this year with an important, if unoriginal resolution: "This year we must reduce the level of IT project failure", and how right they were to do so!
Research conducted by Computer Weekly and KPMG last year, identified that nearly two-thirds of organisations suffered IT project failures, at an average cost of £8m.
While there are many factors involved in this, the pressure placed on IT departments to deliver completed IT projects faster, is a key problem that led to the many high profile failures that we have all heard about. The dilemma for many of the project managers I meet, how do they deliver faster without making quality and reliability sacrifices?
If we look at software development projects, then one answer to such problems could be a risk-based testing approach.
Risk-based testing requires an organisation to identify and prioritise the areas of an application that are most critical to the business. For example, if you consider an e-commerce website, the payment system is critical, whereas the function to bring up in-depth technical information would probably be a much lower priority.
Project teams need to look at the parts of the application that deliver significant savings to the business and weigh them accordingly for risk. Take those areas of the application that process large volumes of data, or attract high numbers of users, they need to be considered carefully and given a high risk weighting if they are critical to the functioning of an organisation.
The advantage of taking a risk-based testing approach is that project teams can respond to pressure from senior managers and to go live with applications by quantifying the risk of that application failing when deployed.
Essentially, by applying a weighting of the risk of failure to the business (to the various components of the application), project teams can easily highlight those areas where they feel the risk of failure is too high. The management team can then be presented with a project plan, coupled with a detailed risk analysis, which clearly justifies the amount of time and effort required to test the application, thereby mitigating the risk of failure to the business.
The management team can then make a call on the level of risk that they feel is acceptable and adjust schedules and budgets accordingly.
This risk-based testing approach enables the IT department and the business to work much more closely to ensure that the most critical parts of the application are delivered quickly without a compromise on quality.
The unlikely scenario of the board taking some responsibility for IT project failure could be a reality if organisations take a risk-based testing approach, resulting in many more IT projects succeeding.
What do you think?
Has risk-based testing worked for you? Tell us in an e-mail >> CW360.com reserves the right to edit and publish answers on the Web site. Please state if your answer is not for publication.
Sarah Saltzman, technology manager for automated software quality, Compuware UK
This was first published in February 2003