10 Things Testers Wish CIOs & CTOs Knew About Testing: The Goal of Testing is Risk Mitigation, Not Perfect Software

Posted Nov 9th, 2021

In my 18 years of working in quality engineering and the testing community, I’ve developed some best practices to help organizations create and manage their overall test strategies. This is the second in a 10-week series on what testers wish their CIOs and CTOs knew about testing. Each week, I’ll share my experience to help educate tech leaders on key priorities their testing teams need them to understand. This week, we discuss the difference between perfect software and risk mitigation.

In a perfect world, our dev teams would write flawless code and never make a single mistake (though I suppose I might be out of a job then.) The truth of the matter is software never is perfect. Mistakes, like Thanos, are inevitable. Moreover, testers shouldn’t be attempting to make the software perfect, just mitigate risk by protecting revenue and the customer experience.

When we consider the overall customer experience this becomes easier to understand. A tester shouldn’t spend all of their time just searching for defects. A typographical error might be unpleasant, but it’s certainly not as important as a security flaw. You need a risk-based approach toward protecting the brand that covers the most important parts of the software.

Here’s more on what you should test and how to prioritize the customer experience above all else.


Look for part 3 next week, where I’ll cover the human element of testing.


Written by

Marcus Merrell