Testing of an information system should be based on the business risks for the organisation in using that information system. In practice, the test manager often takes the steps to go from risks to test coverage in an intuitive way. In this presentation, the steps to define a testing strategy are made explicit.
The risk assessment requires the involvement of users and managers of the client organisation and of project members like developers, testers, QA personnel and project manager. Discussing risks and testing in the above way proves in practice to be real eye-openers for all parties concerned. This also enables negotiating about testing depth by letting the customer choose what should be tested how thoroughly.
The stepwise defining of the test strategy can be used for any test and also for an overall strategy, including even inspections.