Testing Risk Document
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Testing Risk Document as PDF for free.
More details
- Words: 2,177
- Pages: 15
Controlled copy
Risk Management Plan - TESTING
Prepared By
Reviewed By
Approved By
Name Role Signature Date Project ID: Release ID: QTDM-TESTRSK.xls / 2.0 / 15.11.2004
<SCI.ID.> / Ver: C3: Protected
Page 1 of 15
How to use the Risk Assessment Sheet? This Risk assessment sheet is divided into 5 sections. (a) Client Engagements (b) Program & Project management. (c) Quality & Process (d) Technology & Architecture (e) Project Specific Risks Each section contains a series of multiple choice questions based on risk sources. Based on the choice you select for each of these questions, the risk probability is assessed and displayed in the "Risk probability" cell. Risk impact needs to be given (between 0 to 1) in the next cell. Any additional risks (maximum 25) can be added under "Project specific risk" section, but, for which the risk probability and impact have to be entered. This Risk assessment sheet gives the Risk Exposure Values for each Risk source based on the response for the Risk questionnaire and the degree of Risk impact given in the worksheet. The risk exposure value can be used for Developing the Risk response Plan.
When to use the Risk Assessment sheet in the Project? It needs to be created when the project is started. It needs to be revisited during project status review or atleast when each of the planned phases is complete. This will help keep track of the changing risk perception in the project.
What is Risk Response Plan ? Risk response plan need to be developed for the risk sources given based the Risk scores (as displayed in the Risk assessment report) for the known Risk sources and any other Risk item/source that you have identified for the project/program. Both Mitigation Plan and Contingency Plan are mandatory for High Severity risks; Atleast one of Mitigation Plan and Contingency Plan is mandatory for Medium severity risks; Both Mitigation Plan and Contingency Plan are optional for Low severity risks. This sheet can also be used for tracking your risks (& mitigation activities). Pls add more rows as required.
How to use "Risk Management Menu" in Risk Response Plan? Risk Response plan menu offers three choices (a) Refresh Response Plan - Execution of this menu option, ensure the Risk Response plan sheet to be revised with severity data and ordering based on the Risk exposure value in assessment sheet. (b) Populate Risk in Cost Benefit Analysis Sheet - Execution of this menu option ensures the population of Risk C-B Analysis sheet with risks that have a cost impact. Mitigation Plan, Owner and Severity are copied for the risk from the Response plan. (c) Baseline Risk Measure for Tracking - Execution of this menu option ensures baselining of Risk exposure value which is used for tracking the risk exposure value trend.
When to do Cost befit analysis for Risks? Risk Cost benefit analysis to be performed for the risk, which involves Procurement of hardware/software/any other infrastructure/other services to be acquired like training that have been identified for the project/program. This menu option "Populate Risk in cost benefit analysis sheet" helps to port these risks which have cost impact to "Risk C-B Analysis" sheet.
What is Risk Tracking Sheet? Risk Tracking worksheet provides facilities to baseline the Risk exposure value, whenever the characterization of risks are changed. This baseline value is used in the Risk chart sheet to view the trend.
How to track the Risks, using Risk Tracking Sheet? (a) When you click on "Baseline" Risk Measure get Populated as on that date. (b) Risk Measures are getting populated based on the selections in Risk Assessment Sheet (c) Baseline date can be changed, however it is not recommended. (d) it is recommended to Baseline, whenever you change the selections in Risk assessment sheet, so that you can view the change in trends.
Page 2 of 15
QTDM-TESTRSK - Risk Assessment Form NO:QTDM-TESTRSK.xls / 2.0 / 15.11.2004 Project ID: No.> Last updated by on
Project: <>
C3: Protected
Controlled Copy
<SCI.ID.> / Ver:
Risk Assessment Date: <>
Client Engagement #
Question
Response
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
1
Are the business objectives well defined and related to the scope of work?
No
1
0.5
0.50
2
Is the scope of work managed formally (documentation, sign-off etc)?
No
1
0.5
0.50
3
Is the project scope well defined (Both in scope and out of scope)?
No
1
0.5
0.50
4
Is the customer experienced in the offsourcing Testing work?
No
1
0.5
0.50
5
Is the System to be Tested extremely complex?
Yes
1
0.5
0.50
6
Is the client environment conducive / congenial?
Entire environment is hostile
1
0.5
0.50
7
Is the business impact of the application clearly stated / documented?
No
1
0.5
0.50
8
Are the stakeholders / point of contact of customers for applications clearly identified?
No
1
0.5
0.50
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
1
0.5
0.50
Project & Program Management Question
Response
1
Has a good Knowledge Management System been proposed (or in place)?
No
2
Specify the size of the Project Team
> 40
3
Is there a dependency for project execution on other vendors?
Yes (For almost all aspects)
4
How strong is the skill matrix (demand vs supply)?
5 6
1
0.5
0.50
0.8
0.5
0.40
Weak matrix
1
0.5
0.50
Is the schedule / cost / SLA very aggressive for the project?
Extremely aggressive
1
0.5
0.50
Will there be a substantial change in Business process / policies?
Many
1
0.5
0.50
7
Is the Acceptance criteria clearly documented?
No
1
0.5
0.50
8
Will the resource movement during execution affect the SLAs?
Yes
1
0.5
0.50
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
Quality & Process Question
Response
1
Rate the team's experience in terms of familiarity of process / technology / domain
New to all
1
0.5
0.50
2
Are the standards(Client / Technology / CTS) that need to be followed defined explicitly?
No
1
0.5
0.50
3
Is the Deliverable clearly defined and documented?
No
1
0.5
0.50
Technology & Architecture
Page 3 of 15
Question
Response
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
1
0.5
0.50
1
Is the Technology / Architecture of the System to be tested extremely complex?
New to Cognizant & Complex
2
Are the Test data requirements complex?
Need to be prepared by us and approved 1 by client
0.5
0.50
3
Are the non-functional requirements to be tested complex?
New to Cognizant & Complex
1
0.5
0.50
4
Rate the complexity of System Interfaces ( in terms of number and complexity)
Many & Complex
1
0.5
0.50
5
Is the System being tested, will be implemented in multiple locations?
Exactly one
0
0.5
0.00
6
Is performance part of non-functional requirements? If yes, are the environment in which to be tested Yes, quantified Not defined and defined? / quantified (including system 1 load factor)
0.5
0.50
7
Is the system to be tested built on …
0.5
0.50
Proprietary Technology but NO documentation 1 available
Project Specific Risk
#
Risk Perceived
Risk Classification
Risk probability (value between 0 to Risk Impact (value between 0 1) to 1)
Risk Exposure value
1
Others
1.00
0.50
0.50
2
Others
1.00
0.50
0.50
3
Others
1.00
0.50
0.50
4
Others
1.00
0.50
0.50
5
Others
1.00
0.50
0.50
6
Others
1.00
0.50
0.50
7
Others
1.00
0.50
0.50
8
Others
1.00
0.50
0.50
9
Others
1.00
0.50
0.50
10
Others
1.00
0.50
0.50
11
Others
1.00
0.50
0.50
12
Others
1.00
0.50
0.50
13
Others
1.00
0.50
0.50
14
Others
1.00
0.50
0.50
15
Others
1.00
0.50
0.50
16
Others
1.00
0.50
0.50
17
Others
1.00
0.50
0.50
18
Others
1.00
0.50
0.50
19
Others
1.00
0.50
0.50
20
Others
1.00
0.50
0.50
Page 4 of 15
21
Others
1.00
0.50
0.50
22
Others
1.00
0.50
0.50
23
Others
1.00
0.50
0.50
24
Others
1.00
0.50
0.50
25
Others
1.00
0.50
0.50
Analysis of calculated % Risk: Low Risk (0-0.3) Medium Risk(>0.3 and <=0.7) High Risk( >0.7)
0.3 0.7 > 0.7
Page 5 of 15
QTDM-TESTRSK - Risk Response Plan Form NO:QTDM-TESTRSK.xls / 2.0 / 15.11.2004 Project ID: Last updated by
Risk Management Menu
C3: Protected
Controlled Copy
<SCI.ID.> / Ver:
> on
Refresh Response PlanGO
Help
Mitigation Plan Risk Classification
Severity (High, Medium, Low)
Risk Source
Client Engagement
Poorly defined Business Objectives
Medium
Client Engagement
Insufficient details about the contract
Medium
Client Engagement
Creeping User Requirements
Medium
Client Engagement
Insufficient operational experience for the customer
Medium
Client Engagement
Complexity of Application / System
Medium
Client Engagement
Non conducive client environment
Medium
Client Engagement
Lack of knowledge of critical-to-business factors
Medium
Client Engagement
Lack of Application ownership by client personnel
Medium
Project & Program ManagementInsufficient Knowledge management Project & Program ManagementDifficulty in status tracking and co-ordination
Medium
Project & Program ManagementUnrealistic SLAs Project & Program ManagementWeak skill matrix
Medium
Project & Program ManagementAggressive Schedules / Cost / SLAs Project & Program ManagementVolatile client business processes
Medium
Project & Program ManagementAcceptance crideria not clear Project & Program ManagementDependency on Resources
Medium
Action item
Planned closure Actual date closure date
Contingency Plan
Action item
Planned closure date
Risk Follow-up Date on which Actual Actual next Follow-up closure Follow-up follow-up details date Date is required
Medium Medium Medium Medium
Quality & Process
Insufficient Process / Technology / Domain knowledge Medium
Quality & Process
Lack of communication
Medium
Quality & Process
Lack of communication with client
Medium
Technology & Architecture
Complex technology/architecture
Medium
Technology & Architecture
Complex System Interfaces
Medium
Technology & Architecture
Performance as a critical-to-quality factor
Medium
Technology & Architecture
Complex Data requirements
Medium
Technology & Architecture
Complex Non-functional requirements (NFR) Technical Skill level of proprietary system
Medium Medium
Technology & Architecture
Risk Owner
Cost impact in Mitigating the Risk (Yes/No)
Technology & ArchitectureEnvironment dependency between LocationsLow
Risk Severity Distribution Low 3.85% High 0.00%
Medium 96.15%
Page 6 of 15
QTDM-TESTRSK - Risk Response Plan Form NO:QTDM-QTDM-TESTRSK.xls / 2.0 / 15.11.2004 Project ID: Last updated by
C3: Protected
Controlled Copy <SCI.ID.>
> on
Using the Risk Cost benefit Analysis Sheet
Risk Cost benefit analysis Sheet need to be developed for the risk sources that you have identified for the project/progra involves Procureme infrastructure/other services to be acquired like training.This sheet helps the PM do a Cost Benefit analysis on the Mitigation cost and the Ris the projects needs .Pls add more rows / columns as required.
Risk Source
Severity (High, Medium, Low)
Risk Owner Mitigation Plan
Mitigation Cost ()
Page 7 of 15
ame/ Program Name>
ed
Controlled Copy <SCI.ID.> / Ver:
project/progra involves Procurement of hardware/software/any other s on the Mitigation cost and the Risk Cost. This sheet can also be tailored as per
Risk Cost ()
Cost Benefit Analysis
Decision
Page 8 of 15
QTDM-TESTRSK - Assessment Report Form NO:QTDM-TESTRSK.xls / 2.0 / 15.11.2004 Project ID: Last updated by on
C3: Protected
Controlled Copy <SCI.ID.> / Ver:
Using the Risk Tracking Sheet:
This Risk Tracking worksheet provides facilities to baseline the Risk exposure value, whenever the characterisation of risks are changed. This baseline value is used in the Risk chart sheet to view the trend. Click "Baseline" to Baseline Risk Exposure value Use the filter option to select the risks for which you would like to see the trend over the life time of the project
Risk Classification
Source of risk
Select
9/17
Baseline
10/2
10/17
11/1
11/16
Page 9 of 15
Page 10 of 15
12/1
12/16
12/31
1/15
1/30
2/14
3/1
3/16
Page 11 of 15
Page 12 of 15
Risk Exposure Value 1.000 0.950 0.900 0.850 0.800 0.750 0.700 0.650 0.600 0.550 0.500 0.450 0.400 0.350 0.300 0.250 0.200 0.150 0.100 0.050 0.000 9/17
Row 8 Row 19 Row 30
10/2
10/17
Row 9 Row 20 Row 31
11/1
Row 10 Row 21 Row 32
11/16
Row 11 Row 22 Row 33
12/1
Row 12 Row 23
12/16
Row 13 Row 24
12/31
Row 14 Row 25
1/15
Row 15 Row 26
1/30
Row 16 Row 27
2/14
Row 17 Row 28
3/1
3/16
Row 18 Row 29
Page 13 of 15
3/1
3/16
Row 18 Row 29
Page 14 of 15
Change Log Please note that this table needs to be maintained even if a Configuration Management tool is used. Version Number Changes made V1.0 V1.1 Page no Changed by Effective date Changes effected
V1.2
Page no Changed by Effective date Changes effected
Page 15 of 15
Prepared By
Reviewed By
Approved By
Name Role Signature Date Project ID:
<SCI.ID.> / Ver:
Page 1 of 15
How to use the Risk Assessment Sheet? This Risk assessment sheet is divided into 5 sections. (a) Client Engagements (b) Program & Project management. (c) Quality & Process (d) Technology & Architecture (e) Project Specific Risks Each section contains a series of multiple choice questions based on risk sources. Based on the choice you select for each of these questions, the risk probability is assessed and displayed in the "Risk probability" cell. Risk impact needs to be given (between 0 to 1) in the next cell. Any additional risks (maximum 25) can be added under "Project specific risk" section, but, for which the risk probability and impact have to be entered. This Risk assessment sheet gives the Risk Exposure Values for each Risk source based on the response for the Risk questionnaire and the degree of Risk impact given in the worksheet. The risk exposure value can be used for Developing the Risk response Plan.
When to use the Risk Assessment sheet in the Project? It needs to be created when the project is started. It needs to be revisited during project status review or atleast when each of the planned phases is complete. This will help keep track of the changing risk perception in the project.
What is Risk Response Plan ? Risk response plan need to be developed for the risk sources given based the Risk scores (as displayed in the Risk assessment report) for the known Risk sources and any other Risk item/source that you have identified for the project/program. Both Mitigation Plan and Contingency Plan are mandatory for High Severity risks; Atleast one of Mitigation Plan and Contingency Plan is mandatory for Medium severity risks; Both Mitigation Plan and Contingency Plan are optional for Low severity risks. This sheet can also be used for tracking your risks (& mitigation activities). Pls add more rows as required.
How to use "Risk Management Menu" in Risk Response Plan? Risk Response plan menu offers three choices (a) Refresh Response Plan - Execution of this menu option, ensure the Risk Response plan sheet to be revised with severity data and ordering based on the Risk exposure value in assessment sheet. (b) Populate Risk in Cost Benefit Analysis Sheet - Execution of this menu option ensures the population of Risk C-B Analysis sheet with risks that have a cost impact. Mitigation Plan, Owner and Severity are copied for the risk from the Response plan. (c) Baseline Risk Measure for Tracking - Execution of this menu option ensures baselining of Risk exposure value which is used for tracking the risk exposure value trend.
When to do Cost befit analysis for Risks? Risk Cost benefit analysis to be performed for the risk, which involves Procurement of hardware/software/any other infrastructure/other services to be acquired like training that have been identified for the project/program. This menu option "Populate Risk in cost benefit analysis sheet" helps to port these risks which have cost impact to "Risk C-B Analysis" sheet.
What is Risk Tracking Sheet? Risk Tracking worksheet provides facilities to baseline the Risk exposure value, whenever the characterization of risks are changed. This baseline value is used in the Risk chart sheet to view the trend.
How to track the Risks, using Risk Tracking Sheet? (a) When you click on "Baseline" Risk Measure get Populated as on that date. (b) Risk Measures are getting populated based on the selections in Risk Assessment Sheet (c) Baseline date can be changed, however it is not recommended. (d) it is recommended to Baseline, whenever you change the selections in Risk assessment sheet, so that you can view the change in trends.
Page 2 of 15
QTDM-TESTRSK - Risk Assessment
Project: <
C3: Protected
Controlled Copy
<SCI.ID.> / Ver:
Risk Assessment Date: <
Client Engagement #
Question
Response
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
1
Are the business objectives well defined and related to the scope of work?
No
1
0.5
0.50
2
Is the scope of work managed formally (documentation, sign-off etc)?
No
1
0.5
0.50
3
Is the project scope well defined (Both in scope and out of scope)?
No
1
0.5
0.50
4
Is the customer experienced in the offsourcing Testing work?
No
1
0.5
0.50
5
Is the System to be Tested extremely complex?
Yes
1
0.5
0.50
6
Is the client environment conducive / congenial?
Entire environment is hostile
1
0.5
0.50
7
Is the business impact of the application clearly stated / documented?
No
1
0.5
0.50
8
Are the stakeholders / point of contact of customers for applications clearly identified?
No
1
0.5
0.50
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
1
0.5
0.50
Project & Program Management Question
Response
1
Has a good Knowledge Management System been proposed (or in place)?
No
2
Specify the size of the Project Team
> 40
3
Is there a dependency for project execution on other vendors?
Yes (For almost all aspects)
4
How strong is the skill matrix (demand vs supply)?
5 6
1
0.5
0.50
0.8
0.5
0.40
Weak matrix
1
0.5
0.50
Is the schedule / cost / SLA very aggressive for the project?
Extremely aggressive
1
0.5
0.50
Will there be a substantial change in Business process / policies?
Many
1
0.5
0.50
7
Is the Acceptance criteria clearly documented?
No
1
0.5
0.50
8
Will the resource movement during execution affect the SLAs?
Yes
1
0.5
0.50
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
Quality & Process Question
Response
1
Rate the team's experience in terms of familiarity of process / technology / domain
New to all
1
0.5
0.50
2
Are the standards(Client / Technology / CTS) that need to be followed defined explicitly?
No
1
0.5
0.50
3
Is the Deliverable clearly defined and documented?
No
1
0.5
0.50
Technology & Architecture
Page 3 of 15
Question
Response
Risk Probability
Risk Impact (value between 0 to 1)
Risk Exposure value
1
0.5
0.50
1
Is the Technology / Architecture of the System to be tested extremely complex?
New to Cognizant & Complex
2
Are the Test data requirements complex?
Need to be prepared by us and approved 1 by client
0.5
0.50
3
Are the non-functional requirements to be tested complex?
New to Cognizant & Complex
1
0.5
0.50
4
Rate the complexity of System Interfaces ( in terms of number and complexity)
Many & Complex
1
0.5
0.50
5
Is the System being tested, will be implemented in multiple locations?
Exactly one
0
0.5
0.00
6
Is performance part of non-functional requirements? If yes, are the environment in which to be tested Yes, quantified Not defined and defined? / quantified (including system 1 load factor)
0.5
0.50
7
Is the system to be tested built on …
0.5
0.50
Proprietary Technology but NO documentation 1 available
Project Specific Risk
#
Risk Perceived
Risk Classification
Risk probability (value between 0 to Risk Impact (value between 0 1) to 1)
Risk Exposure value
1
Others
1.00
0.50
0.50
2
Others
1.00
0.50
0.50
3
Others
1.00
0.50
0.50
4
Others
1.00
0.50
0.50
5
Others
1.00
0.50
0.50
6
Others
1.00
0.50
0.50
7
Others
1.00
0.50
0.50
8
Others
1.00
0.50
0.50
9
Others
1.00
0.50
0.50
10
Others
1.00
0.50
0.50
11
Others
1.00
0.50
0.50
12
Others
1.00
0.50
0.50
13
Others
1.00
0.50
0.50
14
Others
1.00
0.50
0.50
15
Others
1.00
0.50
0.50
16
Others
1.00
0.50
0.50
17
Others
1.00
0.50
0.50
18
Others
1.00
0.50
0.50
19
Others
1.00
0.50
0.50
20
Others
1.00
0.50
0.50
Page 4 of 15
21
Others
1.00
0.50
0.50
22
Others
1.00
0.50
0.50
23
Others
1.00
0.50
0.50
24
Others
1.00
0.50
0.50
25
Others
1.00
0.50
0.50
Analysis of calculated % Risk: Low Risk (0-0.3) Medium Risk(>0.3 and <=0.7) High Risk( >0.7)
0.3 0.7 > 0.7
Page 5 of 15
QTDM-TESTRSK - Risk Response Plan
Risk Management Menu
C3: Protected
Controlled Copy
<SCI.ID.> / Ver:
> on
Refresh Response PlanGO
Help
Mitigation Plan Risk Classification
Severity (High, Medium, Low)
Risk Source
Client Engagement
Poorly defined Business Objectives
Medium
Client Engagement
Insufficient details about the contract
Medium
Client Engagement
Creeping User Requirements
Medium
Client Engagement
Insufficient operational experience for the customer
Medium
Client Engagement
Complexity of Application / System
Medium
Client Engagement
Non conducive client environment
Medium
Client Engagement
Lack of knowledge of critical-to-business factors
Medium
Client Engagement
Lack of Application ownership by client personnel
Medium
Project & Program ManagementInsufficient Knowledge management Project & Program ManagementDifficulty in status tracking and co-ordination
Medium
Project & Program ManagementUnrealistic SLAs Project & Program ManagementWeak skill matrix
Medium
Project & Program ManagementAggressive Schedules / Cost / SLAs Project & Program ManagementVolatile client business processes
Medium
Project & Program ManagementAcceptance crideria not clear Project & Program ManagementDependency on Resources
Medium
Action item
Planned closure Actual date closure date
Contingency Plan
Action item
Planned closure date
Risk Follow-up Date on which Actual Actual next Follow-up closure Follow-up follow-up details date Date is required
Medium Medium Medium Medium
Quality & Process
Insufficient Process / Technology / Domain knowledge Medium
Quality & Process
Lack of communication
Medium
Quality & Process
Lack of communication with client
Medium
Technology & Architecture
Complex technology/architecture
Medium
Technology & Architecture
Complex System Interfaces
Medium
Technology & Architecture
Performance as a critical-to-quality factor
Medium
Technology & Architecture
Complex Data requirements
Medium
Technology & Architecture
Complex Non-functional requirements (NFR) Technical Skill level of proprietary system
Medium Medium
Technology & Architecture
Risk Owner
Cost impact in Mitigating the Risk (Yes/No)
Technology & ArchitectureEnvironment dependency between LocationsLow
Risk Severity Distribution Low 3.85% High 0.00%
Medium 96.15%
Page 6 of 15
QTDM-TESTRSK - Risk Response Plan
C3: Protected
Controlled Copy <SCI.ID.>
> on
Using the Risk Cost benefit Analysis Sheet
Risk Cost benefit analysis Sheet need to be developed for the risk sources that you have identified for the project/progra involves Procureme infrastructure/other services to be acquired like training.This sheet helps the PM do a Cost Benefit analysis on the Mitigation cost and the Ris the projects needs .Pls add more rows / columns as required.
Risk Source
Severity (High, Medium, Low)
Risk Owner Mitigation Plan
Mitigation Cost (
Page 7 of 15
ame/ Program Name>
ed
Controlled Copy <SCI.ID.> / Ver:
project/progra involves Procurement of hardware/software/any other s on the Mitigation cost and the Risk Cost. This sheet can also be tailored as per
Risk Cost (
Cost Benefit Analysis
Decision
Page 8 of 15
QTDM-TESTRSK - Assessment Report
C3: Protected
Controlled Copy <SCI.ID.> / Ver:
Using the Risk Tracking Sheet:
This Risk Tracking worksheet provides facilities to baseline the Risk exposure value, whenever the characterisation of risks are changed. This baseline value is used in the Risk chart sheet to view the trend. Click "Baseline" to Baseline Risk Exposure value Use the filter option to select the risks for which you would like to see the trend over the life time of the project
Risk Classification
Source of risk
Select
9/17
Baseline
10/2
10/17
11/1
11/16
Page 9 of 15
Page 10 of 15
12/1
12/16
12/31
1/15
1/30
2/14
3/1
3/16
Page 11 of 15
Page 12 of 15
Risk Exposure Value 1.000 0.950 0.900 0.850 0.800 0.750 0.700 0.650 0.600 0.550 0.500 0.450 0.400 0.350 0.300 0.250 0.200 0.150 0.100 0.050 0.000 9/17
Row 8 Row 19 Row 30
10/2
10/17
Row 9 Row 20 Row 31
11/1
Row 10 Row 21 Row 32
11/16
Row 11 Row 22 Row 33
12/1
Row 12 Row 23
12/16
Row 13 Row 24
12/31
Row 14 Row 25
1/15
Row 15 Row 26
1/30
Row 16 Row 27
2/14
Row 17 Row 28
3/1
3/16
Row 18 Row 29
Page 13 of 15
3/1
3/16
Row 18 Row 29
Page 14 of 15
Change Log Please note that this table needs to be maintained even if a Configuration Management tool is used. Version Number Changes made V1.0
V1.2
Page 15 of 15
Related Documents
Testing Risk Document
November 2019 8
Testing Document
May 2020 7
Risk Based Testing
May 2020 7
Testing Document 1
November 2019 11
Risk Controls Testing Matrix A. Administrative
June 2020 2