Blog to understand automation concepts in QTP, Selenium Webdriver and Manual Testing concepts

First Step in Risk Analysis – Techniques for Identifying Risks

The first phase in risk Analysis is identifying risks and categorization of risks. There are three categories of risks associated with software systems, Internal Risks, External Risks and Technical risks. Risk can be broadly classified into these categories. Categorization of risk into categories is known as Risk breakdown structure (RBS).

In this topic, we will discuss mainly on different risk identification techniques. In the next articles, we will discuss on what are the different types of risks.

Risk Identification Techniques:

The first step for a successful risk analysis is to identify all risks in the system during the planning stage. It is important for whole group to provide inputs in risk as individuals on specific stream are in better position to provide on the possible risks and collating all information in a RBS or specific template as used by Organisation for risk analysis. Every possible risk should be identified during the initial phase irrespective of its impact. Risk can be collected from team in following ways:



  • Brainstorming – In this process, the group comprising of team members collects in a room and discusses on every possible risk in the presence of a facilitator who knows the risk processes. Users can discuss on different approaches, interviewing team members of group, including as much stakeholders as possible, discussing on lesson learnt and risks found in similar project in the past projects.
  •  Delphi Technique – In this process, same questionnaire is sent to multiple experts by the facilitator asking for their opinions on the probable risks in the project. Once inputs are received from the expert, the facilitator shares the information back to the experts asking for their opinions again on the risks. Facilitator shares the rationale provided by different experts to the same risk with the same group. The process is continued for 2-3 rounds, and usually experts come on similar page provided based on collective rationale provided by team. For success of Delphi technique, anonymity of experts is a must and should be kept even after risk identification process completion.
  • Root Cause Analysis – Once we have the identified risk, we need to know what is the condition that will cause the risk to happen. This also provides the insight on condition that may trigger a risk and it is very much possible that root cause of multiple risks be one. Using fishbone or Ishikawa technique can be used to generate risk information and extract useful information diagrammatically from the risk.
  • Interview the stakeholder – Together with internal team, client can also be interview what are the different risk they feel on the project. Interviewing different stakeholders bring different perspective on the same issue.
  •  Assumptions– For improper information in the project, we do make assumptions. Each of the assumption you make is a risk to the Project and we should have sign off as early as possible on the assumption we have made from client Perspective.
  • Checklist Analysis – Analysis checklist of risk and discussing on the risk in checklist if the risk has been discussed, and a decision has been made. This ensures each of the risk in the system is analyzed, discussed and work upon.
  • Lesson Learnt and documentation from past project – Risk identified should be documented in a document as previous documents and lesson learnt acts as an important sources of risk applicable in current work.
  • Using SWOT – Creating a SWOT helps to identify the strength, weakness, Opportunities and Threats. Understanding Weaknesses and threats are an important source of risk identification

Understanding Risk Analysis flow

Risk is the potential loss to an organization. Projects usually have weaknesses or environment that may present threat to the project. The weaknesses can be called as vulnerabilities. Risk identified during planning phase needs to have some corrective actions called as controls which will come into action, if some risk is triggered. The controls are expected to reduce the risk or remove the risk as much as possible. Although controls and risk analysis can reduce the risk, but we can act as much as possible to reduce risk using the process.

 The risk is turned into a loss by threat. A threat is the trigger that causes the risk to become a loss. While it is difficult to deal with risks, one can deal very specifically with threats. Threats are reduced or eliminated by controls. Thus, control can be identified as anything that tends to cause the reduction of risk. If our controls are inadequate to reduce the risk, we have vulnerability. Vulnerability, therefore, can be defined as a flaw in the system of control that will enable a threat to be exploited. Risk Analysis is the process of evaluating risks, threats, controls, and vulnerabilities 


Scenarios that can happen based on how risk was handled during planning.


Case 1: Risk identified in Risk Analysis and proper control identified in case such scenario arise in future. Loss will be minimized or risk will be avoided in this case. Even in case of loss to Organisation, Stakeholder would be satisfied as the risk was expected to happen and with control in Place, the impact of the loss was reduced considerably




Case 2: Risk was identified during planning phase but proper control were not provided during analysis, thus loss was reduced but still the scenario could have been done in a better manner.



Case 3: In case no risk Analysis is in Place, in case a threat is triggered, It sends out panic within the team, though some action will be taken by stakeholder, but chances of loss to organisation are very high and it is highly possible that it is too late to correct the mistake and the loss has already done to the project. Thus impacting team, confidence with client, client business and relationship and own business also.


Once a risk happen, we have to take either of the control action which are described below:

  • Avoid the Risk – We should try to avoid the risk to convert into planning control activities to avoid risk.
  • Mitigate the Risk – In case a risk becomes an event and control were defined during planning to reduce the risk. We should have mitigation controls in place already defined during planning that would reduce impact of the risk.
  • Transfer the Risk – Insuring the project or transfer of work to specialized external team is a good way to transfer the risk in case avoiding the risk or mitigating the risk are not feasible .

  • Accept the Risk – There may be risk that does not have any solution and are not able to be channelized using either of above control action. An example could be change in regulations for a regulatory work. Such risk although should be analyzed during risk Analysis Phase


risk analysis


Risk Analysis should be done at different levels, and not only at leadership skill. Even risk Analysis should be done in everyday life periodically to identify if we are on right track or not.
In this series, in next article we will discuss on Risk templates, common risks in Quality, types of risk and how risk analysis happens



Identifying Elements in Selenium – Using By

In the previous article, we discuss on the concept and difference between FindElement and FindElements. While FindElement returns the first  webElement matching the condition, FindElements return a list of Web Elements.

We can identify a web Element using the class Name, Id, css Selector, link Text, name, partial link Text, tag Name, or Xpath property. Let us discuss now what these properties are and how to extract these in an HTML Page. We can identify the DOM structure of the objects in page. In Firefox browser, we can install the firebug add-on to identify the properties of element.


In Internet explorer, Chrome, or Firefox, Press F12 which will open the developer toolbar. Installing Firebug or similar add-on in browser helps to identify the object’s property in a better way, so is recommended to install firebug add-on in Firefox to extract object information to be used to identify object properties in a better way.


Let us take a simple example of link for Gmail in the Google Page, to understand how we can use properties in selenium to uniquely identify the element in the Page.
Consider code as shown in below image. We are focusing on element link for Gmail.



For the element gmail in the Page, we have following information from the firebug. It is a link, so tagName of the object is “a”, classname of the object is “gb_g”, Id is “gma3”, href is https://mail.google.com/mail/?tab=wm. nad name is "tna";

Now to identify this element in the Page in Selenium using different by method is explained below: 

Using Id - Iattribute can be used to uniquely identify web element in the Page. Since Id is unique for a web element in the Page. If Id is provided for an object, we should use Id to identify the object uniquely.


So suppose we use Id to uniquely identify the web element, the syntax will be:

WebElement usr= driver.findElement(By.id("gma3"));

Using TagName – We usually use tagName to find list of elements in the Page. A common example includes finding number of link in the Page.


List<WebElement> logi = driver.findElements(By.tagName("a"));
System.out.println(logi.size());

      Using ClassName - The class attribute specifies the class of element defined. Several objects in the Page can have same class and is usually useful  o get a list of objects. 


E.g: there are five edit boxes in a form. Once we click on submit with invalid data in the forms. Five different error messages will be displayed, and is very much possible, all will have same class. Using ClassName and findelements, we can get a list of webelement and extract the error message using getText Method;

WebElement usr= driver.findElement(By.className("gb_g"));

In case of using findElement, first object identified by properties will be selected as webElement.

Name - Finds element /element (s) that match the name attribute supplied.


WebElement usr= driver.findElement(By.name("name"));

      linkText – Find element that matches the exact text of the link, used for element of type link only.

     WebElement usr= driver.findElement(By.linkText("gmail"));

   partialLinkText – Find element that matches the text partially of the link based on text provided, used for element of type link only.

     
     WebElement usr= driver.findElement(By.partiallinkText("gma"));

   cssSelector – As Per Wiki Definition,In CSS, selectors are used to declare which part of the markup a style applies to by matching tags and attributes in the markup itself. Based on location of objects, its property, e.g : Id or className or relative location in the Page, we can identify the element. We will discuss various scenario and syntax to identify the element using css.


In the current example, we can identify link Gmail using css in following ways.

WebElement usr= driver.findElement(By.cssSelector("a. gb_g")); Or
WebElement usr= driver.findElement(By.cssSelector("a#gma3")); Or
WebElement usr= driver.findElement(By.cssSelector("a#gma3.gb_g")); Or
WebElement usr= driver.findElement(By.cssSelector("a[name=tna"));


      Xpath – Xpath is a query language for selecting nodes from an XML document. XPath is rendered on most HTML Pages


WebElement usr= driver.findElement(By.xpath("//a"));
WebElement usr= driver.findElement((By.xpath("//a[@id='gma3']"));
WebElement usr= driver.findElement((By.xpath("//a[contains(@href, 'https://mail.google.com/mail/?tab=wm')]”));