Tuesday, November 18, 2014

Who "owns" the defects?

Today has been an interesting day at work, where we've explored a couple of questions on "ownership" on our project.

We talk a lot about ownership, but sometimes I get a little tingle in my brain that makes me wonder if we're all using the same definition.  It's very easy for a term to be used so much that different people end up feeling that the word means different things to them, and sometimes I have to admit, I'm the one who's getting it wrong!

It wasn't the first time, and it won't be the last that that I've gone into a dictionary sanity check my definitions.  This is something I encourage everyone to do once in a while!

This was a little tricky as we were talking about ownership in the context of processes initially.  It helped looking through several definitions, and not just choosing the definition you personally prefer, to make sure there's a consensus.  I found the Wikipedia one was the best to talk around,

The process owner is responsible for designing the processes necessary to achieve the objectives of the business plans that are created by the Business Leaders. The process owner is responsible for the creation, update and approval of documents to support the process.

I'm currently overhauling our defect management process on a project trying to keep a balance of (a) reflecting the reality of what we do, and (b) to keep it as simple and straightforward as possible, whilst also giving it a level of flexibility it might need when issues don't fit comfortably.

The question came out "who owns the defect management process?".  I don't just write the process and then go "that's that", and I don't really want to be the "defect management police" either.  The process needs approvals from both the customer, and superiors within my company, but with the definition, "approval" does not equal "ownership".  If the defect management process isn't working, if it fundamentally breaks down or needs nips and tucks, the person who needs to revisit it and work with parties suggesting alternatives isn't the approvers, it's me.  And hence we all agreed that any reference to "the owner of the defect management process" refers to me.

Then came the second question, "who owns the defects?".  In my many years of software testing, I've never heard the question phrased like that, and particularly with the prior discussion defining ownership, I found myself faced with a question which although seemed initially simple, I felt philosophically deserved some exploration.

My first emotional reaction was, who owns the defects - the test manager.  Oops ... the test manager is responsible for the process used to report and even track bugs, fair enough.  But are they responsible for "achieving the objectives" regarding defect resolution?  I've almost put my foot in a common trap, that "testers are responsible for the bugs they find".  Or in other words "you found them ... it's your fault ... why aren't they fixed".  Oh dear.

My second thought sounded a bit too much like agile dogma, who owns the defects - the whole team.  I like this one a lot.  The whole team, from developers to testers are responsible for finding defects, and prioritising work so that the key important defects are fixed before any release to production.  Certainly the whole team in that sense are responsible for working together to achieve the objectives.

Even so there are holes in that idea - in my definition there I talk about "key important defects".  But who decides which ones are key?  As test professionals we can use our experience to suggest which ones we think are more important than others.

But this is bordering on a key mistake many testers can make.  Notice the important use of the word "suggest" there.  We may like to think we make decisions about when a piece of software can go live, and I have read some test exit reports which have said so.

However in truth, all we can do is recommend.  In the end the defects we have represent risks, and we don't wear the risks when we walk away from the project.  This leads me to my third answer, who owns the defects - the customer.  The customer is paying for the software you're delivering, and the defects are part of that system.  Hence it could be said if they are owners of the software, they're also owners of the defects within.  And hence as they own the risk, they should get an important say in the level of the risk they're prepared for - as long as we as testers have done our best to inform them what that risk may look like.  There may be delivery or schedule deadlines which means it's better to release something now and update later if really required (especially if you want to be first to market).  Likewise there might be a desire to "just get everything right first time", even if it means delays.

In the end I've answered the question with three answers.  But it's a good question to explore, particularly with our relationships within the team and customer relationship with respect to defects.  They're commonly associated with us as testers, but they impact the whole team in different respects,

  • As testers we're responsible for finding and reporting defects
  • As a whole team we use our experience to prioritise defect issues from our experience, but should seek customer involvement in this.  As much as possible encouraging them to participate and have a voice in this
  • As a whole team we're responsible for using our time and resources to investigate address and retest the most important of these
  • The customer is ultimately the boss, but we have a responsibility to advise, whilst understanding that ultimately it's not our decision to make


  1. You Made some interesting points and it is a question we discussed a few times. I tend to go with the test-team answer. Who, in your opinion, owns the test cases and how Do you Deal with customers changing defects of test cases?

  2. In the past I've found that in more traditional development organisations that the test team owning and managing defects has definitely been the case. Not only for raising them, but ensuring that they get traction in the development teams I've worked with, and tracking them through to release to production.

    Often the challenge here was to convince the developers that a bug was worthwhile fixing, that it needed prioritising over new development. Then there was the usual difficulty in trying to manage defects through teams where blame cultures had developed...always a toxic and nerve bending situation.

    Thankfully, I don't work in that kind of environment any longer. So, you might call this the usual Agile 'dogma' but the whole team owning both defect management, fixing and release is not an unreasonable proposition. Sure, it should be done with tenacity, diplomacy and tact. Also, there should probably be a core group that triage bugs, especially in large development organisations. Someone has to be the champion for the customer as you quite rightly say, for without that we lose focus on what is important, rather than tester/developer ego...something that needs challenging in all quarters.

  3. Goldclub Slot The site is open for gambling with stability and fun.

    Royal1688 Betting on online casino games nowadays is the easiest way to gamble with us because we are willing to make every bet possible. The gambler will find and experience the service is a novelty and choose to join us easily is a channel with a system of services designed to. The full range of gamblers' choices is a great way to make the most of your fun and secure financial services and open systems. Long live the gambler's favorite gambler, we guarantee that you will be happy and successful with the selection. I have come to bet on all kinds of casino games and choose to gamble on all types of gambling games, whether it is a real casino bet, we are ready to make every gamble possible. The best service is friendly with a team of experienced gamblers assure every time they come to bet with online casinos. Goldclub Slot