Risk Based E-Business Testing (Artech House Computer Library,)

This book is written for the software tester and/or test manager, but not just those professionals who test eBusiness Web sites. Rather, there is something in here for any software tester, or IT manager who has responsible for software quality. In some ways this book is actually 4 books in one - the first part of the book focuses on using Risk to drive the test strategy for a product being evaluated, an approach that works as well for testing embedded software in aircraft engines, as for testing a Web site used for eCommerce. For example, in Chapter 3 Paul & Neil pose age-old software testing questions such as; "how good was your testing?" and "when can we stop testing". Later providing answers based on a systematic ( & defensible) approach, as opposed to good old fashioned "gut feel". Part II provides a high-level overview of some of the more common risks that a Web site might face, and then applies the risk based testing strategy discussed in part 1 to this particular problem domain. In effect, providing a high-level generic case study for risk based testing. Part III is the largest section in the book, and is a series of 9 Chapters that go into the details of how to test Web sites. The last chapter in this section focusing on tools that can be used to automate many of these tests. The last part of this book; looks at some of the common challenges a testing team might face when trying to implement any new approach to software testing (i.e. many of these aspects being applicable to any testing environment, not just eCommence Web sites).For example; how to handle incident management, staff retention, and Beta testing. In summary; this book has something for anyone involved in software testing (whether it is as a test executioner or in a test management capacity). Please do not let the title lead you into believing that this book is only appropriate for testing Web app's; there is plenty that is applicable for any software testing effort - especially the concepts of applying a risk based approach to determining what to test, and when to test it. Note, additional details on this book can be found at [...] Also, in the vain of "full disclosure", you should know that I've known Paul for many years, and consequently I cannot be considered a completely impartial reviewer.

This is a relevant text now. And even when e-business ceases to be a buzz word, this book will still have enough material, on the broader needs for risk-based testing in an organization, to remain relevant.Each of the 20 chapters reads like an individual essay allowing you to dip in and out for reference purposes and, given that some of the sections have a lot of useful information buried in them, I suspect that you will want to do this.The approach to risk based testing presented in chapters 2 and 4 is a useful one for helping the reader plan and approach test planning. From an identified risk, the tester builds a test objective. These are used as high-level test conditions which, hopefully, help determine if the risk has been mitigated or not. The later technique chapters provide examples of the risk->test objective translation and that is obviously a useful thinking technique.<p>Chapter 4 in particular 'Risk-Based Test Strategy' will be a popular reference source for many testing projects.<p>The web testing coverage is pragmatic, introduced in good order and provides a good overview of the technicalities of web testing. There is an interesting section in the Appendix which demonstrates how effective simple homegrown automation can be for web testing.<p>More important for this text though, than the drilling down to extreme testing of web technicalities, is the extended coverage of web testing over the life of the project and understanding how the traditional phases of the testing life cycle apply to e-business projects.<p>In summary then, a good book for management, and for testers that want to look beyond their collection of test scripts and concern themselves with the needs of the business.

The title of this book need not deter you. Yes, it is aimed at both Test Managers (the risk elements) and at web testers (the E-Business content). However, if, like me, you fall into neither category, it is still a very worthwhile addition to your reading list and workplace library.The authors use very practical examples from real life testing to illustrate points. A continuous analogy of an individual E-Business being like a shop, with potential walk-in customers, works very well. Some rather startling facts emerge too; the average visit to the Systeme Evolutif web-site (of which Paul Gerrard is the web-master) is less than two minutes. I am sure that is true of a lot of sites, including those that are payment-now, real business sites.Everyone in testing seems to promote 'risk'. Here is a strategy for answering the inevitable questions on ready-for-live issues based on whether risks have been addressed. "When enough tests have been prepared, executed and passed to convince the risk-owners that the risk has been addressed, enough testing has been done".I have dabbled in web testing, both formally and informally (the latter probably every time I use the internet). The techniques for addressing real and perceived E-Business risks have a large carry over into other (i.e. non E-Business) test forms. The sections on performance, usability and Large Scale Integration rung some bells with me, and the use of tools is both encouraged, and discouraged. Strange as it may seem, the way of doing this did not seem to be contradictory. The sections on why the concept of E-Business is different only seeks to place MORE emphasis on why a coherent risk strategy is necessary. With web applications, not only is the time-to-market critical, but the price of failure can be so much more disastrous.Use of American spelling and currency (everything is quoted in dollars) jars for the British reader, and look out for the words "we", "us", and "our". These are sometimes used a little ambiguously. (Ask who "us" refers to). However, expect to be challenged, and encouraged on to the land of better testing. There is a wealth of source material provided, especially on tools, and toll providers. There are lots of web-based references; additionally, a significant number of articles and books referenced are from 2001 or 2002.The preface gives one of the reasons for the book being the ordering of the vast quantities of information that there is around. What was set out as an aim has been achieved, and both Paul and Neil have brought their experience, knowledge and communications skills to benefit us all. One of the dedications says: "To all those testers who do the best they can, but always think they should do more". I for one appreciate that the book was written for me. Thanks.

Although the focus is on e_business testing this book has changed my views about the realities of risk-based testing for any environment. First, the authors give a dose of reality regarding the differences between 'best practices' provided in the testing body of knowledge that is growing into hundreds of books (less than two years ago there were only a few dozen books on software testing, so this is a positive trend for the profession as a whole). Second, the fallacies in conventional risk-based testing are exposed. Here the authors propose that testing be exclusively focused on product risk, instead of trying to encompass the wider scope that includes project and process risk. This, in my opinion, is sage advice and keeps testing focused on areas where it can contribute to a project's success.Among the strong points of this book are it's clear writing, which is full of examples, and the logical sequence in which the material is presented. In addition, the clear definitions of general risk management and associated processes and procedures, and how it all ties together are among the most succinct I've read. However, the best aspect of this book is the way the chapters build upon each other, and the complete coverage of risk-based testing. Specifics include a general chapters on risk-based e-business testing and types of web site failures that lay the foundation for the technical aspects of the book. These are followed by chapters that show how to develop an e-business test strategy, how to fit risk analysis to a test process, and a comprehensive treatment of test techniques and tools. The latter is especially valuable because it covers the full range of testing techniques that are tailored to e-business testing, which includes static, web page integration, functional, service and usability testing. This part of the book also includes security testing and large scale integration testing - both of which make this one of the most complete collections of test techniques for e-business as well as general testing.The remainder of the book covers the context of e-business testing (including brief advice on how it fits within Extreme Programming and the Unified Process), E-business test organization, planning and specifications (a wealth of information for the test manager), and E-business test execution (which also addresses important topics such as incident management and testing in a live environment). The two appendices, Essential Web Technologies for Testers and Web Testing Using Home Brew Tools are also valuable.I highly recommend this book to anyone who is involved in E-business testing, and also recommend that it be used in conjunction with Systematic Software Testing by Rick D. Craig by Stefan P. Jaskiel (ISBN 1580535089), which nicely augments this book.