Because I am a dumb army guy I do it the army way. I first attempt to eliminate as much risk as possible with end to end test automation and process documentation. Then I look at what’s left versus what I want to achieve. I separate the high risk efforts into separate calls for action. High risk is the result of severity versus frequency. Normally the highest risk things are large refactors which are helped by interface types and test automation.
As a former corporate JS guy nobody does risk analysis in the real world. Most people, have no idea what it is. The answer to everything is: frameworks. When you attempt to suggest some amount of common sense it is met with some combination of confusion and ridicule. I am no longer a corporate JS guy.
I came from the world of medical device and helped design a software system for creating and generating risk management files for products. I wrote an article on the subject a few years ago:
Because I am a dumb army guy I do it the army way. I first attempt to eliminate as much risk as possible with end to end test automation and process documentation. Then I look at what’s left versus what I want to achieve. I separate the high risk efforts into separate calls for action. High risk is the result of severity versus frequency. Normally the highest risk things are large refactors which are helped by interface types and test automation.
As a former corporate JS guy nobody does risk analysis in the real world. Most people, have no idea what it is. The answer to everything is: frameworks. When you attempt to suggest some amount of common sense it is met with some combination of confusion and ridicule. I am no longer a corporate JS guy.