CTFL Syllabus

5.5. Defect Management

3 min read

5.5. Defect Management

Since one of the major test objectives is to find defects, an established defect management process is essential. Although we refer to “defects” here, the reported anomalies may turn out to be real defects or something else (e.g., false-positive result, change request) - this is resolved during the process of dealing with the defect reports. Anomalies may be reported during any phase of the SDLC and the form depends on the SDLC. At a minimum, the defect management process includes a workflow for handling individual defects or anomalies for their discovery to their closure and rules for their classification. The workflow typically comprises activities to log the reported anomalies, analyze and classify them, decide on a suitable response such as to fix or keep it as it is and finally to close the defect report. The process must be followed by all involved stakeholders. It is advisable to handle defects from static testing (especially static analysis) in a similar way.

Typical defect reports have the following objectives:

  • Provide those responsible for handling and resolving reported defects with sufficient information to resolve the issue
  • Provide a means of tracking the quality of the work product
  • Provide ideas for improvement of the development and test process

A defect report logged during dynamic testing typically includes:

  • Unique identifier
  • Title with a short summary of the anomaly being reported
  • Date when the anomaly was observed, issuing organization, and author, including their role
  • Identification of the test object and test environment
  • Context of the defect (e.g., test case being run, test activity being performed, SDLC phase, and other relevant information such as the test technique, checklist or test data being used)
  • Description of the failure to enable reproduction and resolution including the test steps that detected the anomaly, and any relevant test logs, database dumps, screenshots, or recordings
  • Expected results and actual results
  • Severity of the defect (degree of impact) on the interests of stakeholders or requirements
  • Priority to fix
  • Status of the defect (e.g., open, deferred, duplicate, waiting to be fixed, awaiting confirmation testing, re-opened, closed, rejected)
  • References (e.g., to the test case)

Some of this data may be automatically included when using defect management tools (e.g., identifier, date, author and initial status). Document templates for a defect report and example Defect Report can be found in the IEEE 29119-3 standard, which refers to defect reports and incident reports.

<< Previous Section | Next Chapter >>

Graph View

Backlinks