Tuesday, December 06, 2016

Ten Ways to Build Your Software Testing Skills

As a software testing and QA consultant over the past 27 years, I have worked with hundreds of organizations and tens of thousands of testers. Over that time, I have observed two types of people – those that see software testing as a job and those that see software testing as a career.

Those that see testing as a career typically advance in their jobs and have a higher level of self-esteem. Those that see testing as only as a job, often get bored and complain about the lack of opportunities. The “job only” perspective also indicates that someone is only in the testing role for a limited time. Therefore, there is little incentive to invest in personal improvement.

Of course, not everyone is cut out for software testing. The role can be frustrating at times, especially when the tester is blamed for the defects they report. I jokingly say that software testing conferences are like mass group therapy for software testers and test managers. It is interesting to see the realization of people when they see that they are not the only ones with unrealistic project managers, difficult end-users, technologies that are difficult to test, and oh, that automation stuff looks so easy but it can be so difficult to implement.

I know that I am around professional testers when vigorous (not vicious) debate breaks out over seemingly minor differences in test philosophies, approaches and techniques. It shows that people have thought a lot about the ideas they are defending or opposing.

If you see software testing as a profession instead of a job, then it’s up to you to grow. The greatest mistake you can make is to stop learning and growing. For those that see software testing and QA (yes, there is a difference) as a professional career choice, here are some ways to grow your career.

1. Set growth goals for the coming year. These don’t have to be huge goals, but without these goals it’s easy to lose focus. Goals also paint the target. You know when you have hit them. Here are some examples:

Learn how to apply a test technique that is unfamiliar to you
Develop a specialty area of security testing
Learn how to use a particular test tool
Read three books about testing or some related (or even unrelated) topic
Obtain a certification in testing or a related field
Speak at a conference
Write an article

2. Read one or more books on software testing or related topics. It is amazing to me how few people read books that relate to the testing and software development professions. You have more choices than ever before with hundreds of testing books on the market. Perhaps the greater challenge is to find the books that are worthy of your time. By the way, some of the best books are also the oldest books that are available for $5 - $10 from online used booksellers such as www.abebooks.com. Two of my top recommendations are “The Art of Software Testing, 1st Ed.” By Glenford Myers and “Software Testing Techniques, 2nd Ed.” by Boris Beizer. These are foundational books in software testing, written over 30 years. However, don’t dismiss them due to age. These books are good for any tester to read. The Beizer book has a technical focus that would serve any tester well in today’s world of testing.

3. Take a training course that aligns with your goals. Even an online course is an easy reach in terms of time and cost. It is amazing what a little training can do. While good training typically will cost money, there are free and inexpensive online courses available. I have over twenty-three e-Learning courses at www.mysofwaretesting.com.

4. Create content. If you really want to learn and grow, then develop a small course, write a major article or start a blog. This not only stretches your abilities, but provides exposure as well. I never thought back in 1989 when I wrote my first testing course (unit testing) that one day I would be able to say I’ve personally written over 70 courses! I never thought I would write two books (and working on five others). And… I’m not saying that is where you will arrive. But the thing I can say is that I learn ten times more creating a class than attending a class. As the saying goes, “The best way to learn is to teach.”

5. Find a coach or mentor. Then, meet with them often enough to glean their wisdom. I know it’s hard sometimes to find the right person to mentor you, but they are out there. Look for people with lots of experience in what you want to do. Ask questions and listen. The trick on this one is that you must take the initiative to seek out the mentoring relationship.

6. Coach or mentor someone yourself. This is where you get to repay your coach or mentor. You learn by listening to the person you are mentoring. I have mentored many people and I learn by dealing with the tough questions they bring me. Admittedly, some people are difficult and are not worthy of your time. However, I have found it to be rare that a mentoring relationship has not been beneficial, both to me, and the person I am mentoring.

7. Test something totally different than you have ever tested before. Yes, this is on your own time and at your own effort, but you can learn a lot and come away with a new marketable skill. Interested in mobile testing? Find a mobile app you find interesting and challenging and test it. A way to make this profitable is to become a crowd tester. I can recommend www.mycrowd.com as a place to learn more about getting started as a crowdtester.

8. Read or watch something totally unrelated to software testing and find lessons in it for testing. Once you start looking for analogies of testing, they are everywhere. One of my favorite TV shows for testing lessons is Mythbusters, but I have also learned from Kitchen Nightmares, Hotel Impossible, Undercover Boss and many others. Novels such as Jurassic Park have some great testing lessons in them. Take notes, then write about what you learn.

9. Speak at a conference. The trends are in your favor. Smaller conferences are becoming more popular, as is finding speakers who are not well-known names in the field. Get a great topic, a case study and develop it into a conference presentation. No takers on your idea? Fine. Create a YouTube video and you will have more views in a few weeks than you would have at a physical conference! The skill you develop in speaking is that of oral communication - a skill that can really propel your success in any field.

10. Contribute to forum discussions. I’m not talking about short, one-sentence responses, but respectful, well-reasoned responses to people’s questions and/or opinions. LinkedIn groups are a great place to start. The growth comes in the articulation and sharing of your feedback and ideas. Especially on LinkedIn, group contributors gain a stronger profile and presence.

You will notice that most of the items I list are active in nature. You grow by doing.

Consider the idea that each of the above actions might have a 5% or more increase in your value to your team, your career or to your company. The combined effect of doing all of these would be phenomenal. The combined effect is not an addition function, but a multiplier function. Doing all ten items would not be a 50% value addition, but more like a 200% or more addition of value to your career and to your role in your company. I can attest to this in my own career.

This is important because in today’s marketplace, you are paid for the value you bring to a project. Low-value activities are often the first to go when companies decide to cut-back. The same holds true for people. The people that are more likely to be retained are those that add value to a project and to a company.

It’s better to build skills today for tomorrow than to realize one day you need skills that will take time to acquire and build.

Friday, November 04, 2016

Online Study Group Forming for the ISTQB Advanced Security Tester Certification

I am forming an online virtual study group for people who wish to prepare for and take the new ISTQB Advanced Security Tester Certification. The exam has been in place since March of 2016, but the missing piece has been training courses.

I am working hard to finish my course in both live and e-learning formats. My plan is to have a beta version of the e-Learning course available in mid-November. This beta version will not be accredited because that process takes several weeks. However, the official release version will be accredited.

I know there are people that would like to start studying for this certification now. For that reason, I am forming this online virtual study group that also includes access to the e-Learning content as it is completed.

The cost of the exam ($200) is not included in the price of the course.

Also, please note there are two pre-requisites to sit for the exam:

1. You must hold the CTFL or equivalent
2. You must have 3 or greater years experience in software testing or a related field.

Security testing experience is not required.

Here’s How it Works:

We will meet weekly for one hour in a web meeting format. I will lead the meeting, but the purpose is to answer your questions and provide additional insights to the topics. We will cover sample exam questions. The exact day and time of the meetings may vary, but my plan is to hold the meetings on Wednesday around noon, Central time. There may be times when I either must reschedule or have a fill-in facilitator.

There are 11 sessions, including the kick-off session. Tentative start date is Thursday, Nov. 17th, with a goal end date of January 25th. That may sound like a long time, but with e-Learning courses, most people take several months to complete the advanced courses.

If you can’t attend a meeting, that’s fine. We will record each meeting so you will be able to watch and listen later if you like. You can also send me your questions and feedback by e-mail and I will be happy to respond. You also have phone access to me to ask questions.

If you join after the official start date, that’s fine too. Each chapter of the syllabus stands on its own. While it is optimal to start at Chapter 1, you can either catch-up with the recorded modules, or “wrap around” in the next study group (provided there is enough interest in a second group.)

You will have access to all the e-Learning content I have produced to date. This includes narrated slide shows, course notes, exercises and solutions, as well as the ISTQB sample exam questions.

As I continue to add new content, you will have first access to it. However, I expect that all the content will be in place by the second week of the study group.

Each week, we will focus on a chapter in the syllabus. In two chapters, there will be two weeks each, due to the amount of materials. The time required to view the pre-recorded lessons will be about 2 hours per week. The exercises will require another 1.5 to 2 hours.

You will have access to other attendees to get their thoughts as well. The group and course are housed in my e-Learning Management System with forums so you can freely post ideas and questions.

You will get personal attention and mentoring from me. I expect this group will be 12 – 15 people or fewer people in size.

After the group ends, you still have access to the e-Learning course. This is helpful for review before you sit for the exam.

You have direct access to the person who chaired the development of the syllabus. I can provide context and input that is not in the syllabus or the course. And I can answer your “why” questions.

At any time you feel the group is too much for you to handle time-wise, you always have the option to continue on your own through the e-Learning modules. You still have access to me to ask any questions. In fact, you can still attend the weekly sessions. However, without doing with weekly preparation, you may feel a little disconnected.

Financial Details

The price for the full 11-week study group is $795. The cost of the exam ($200) is not included in the price of the study group.

Payment is in advance and can be made by major credit cards (Visa, MasterCard, Amex and Discover). We also accept PayPal and company checks.

How to Get Started
br /> You can register and pay at https://www.mysoftwaretesting.com/ISTQB_Advanced_Security_Tester_Study_Group_p/advsecgrp.htm

Access instructions will be sent in advance of the first session.

le="font-family: "arial" , "helvetica" , sans-serif;">Questions?

Just contact me here
Tentative Schedule and Topics

1. Thursday, Nov. 17, 12:00 p.m. - 1:00 CST - Kick-off
2. Wednesday, Nov. 23, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 1 (Basis of Security Testing)
3. Thursday, Dec 1, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 2 (Security Testing Purposes, Goals and Strategies)
4. Thursday, Dec 8, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 3 (Security Testing Processes)
5. Thursday, Dec 15, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 4 (Security Testing Through the Lifecycle, Part 1)
6. Thursday, Dec 22, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 4 (Security Testing Through the Lifecycle, Part 2)
7. Thursday, Dec 29, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 5 (Testing Security Mechanisms, Part 1)
8. Wednesday, Jan 4, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 5 (Testing Security Mechanisms, Part 2)
9. Thursday, Jan 12, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 6 (Human Factors in Security Testing)
10. Thursday, Jan 19, 12:00 p.m. - 1:00 CST - Review and Discussion of Modules 7 and 8 (Security Test Reporting, Security Test Tools)
11. Thursday, Dec 26, 12:00 p.m. - 1:00 CST - Review and Discussion of Module 9 (Standards and Industry Trends), Summary and Final Exam Tips

Thursday, November 03, 2016

ISTQB Advanced Security Tester Course Coming Soon!

A question I am asked often by people interested in the new ISTQB Advanced Security Tester certification is "When will courses be ready?"

I am excited to announce my course will be available soon in beta format - both live in-house and e-learning formats. I do not have an exact date at this time for the beta release, but I am looking at mid-November.

Since this is a beta version, the course will not be accredited initially. The plans are to have accreditation by the end of 2016. However, as chair of the ISTQB Advanced Security Tester Syllabus working party, I think I have a pretty good grip on the material.

The live course is 4 days in length and is a 50/50 mix of presentation and exercises. The e-learning course has the same content and exercises as the live course.

Here is the link to the course description: http://www.riceconsulting.com/home/index.php/Security-Testing/istqb-advanced-security-tester-course.html

If you are interested in the course or have any questions, either as an individual or as a company, please contact me through the contact form on my website: http://www.riceconsulting.com/home/index.php/component/com_formmaker/Itemid,453/id,1/view,formmaker/

I am taking course bookings for December and forward into 2017. I expect this to be a popular course, so act early to get your spot on my calendar. I will be the main instructor for the course.

Thursday, September 01, 2016

Happy Labor Day and The Software Quality Perspective

I hope you are having a great week. Me? I'm looking forward to a weekend Labor Day holiday with family and friends. To kick it off, I'm getting a cavity filled tomorrow!

For those of us in the USA, the Labor Day holiday is to commemorate the contributions of working people and labor unions. Since I have worked in IT most of my working years, I have never belonged to a union, so I'll just speak briefly here to the work ethic in software quality. However, I think much of this could apply to other fields as well.

Like you, perhaps, I have been on projects that required extreme effort and commitment to complete. Even then, some of the projects failed.

Over my 25+ years in software testing consulting, I have heard people complain about how difficult some tasks can become. My reply is something along the lines of, "Yes, that why we call it work."

I have also worked for managers that were totally clueless when it came to how to treat people. These managers expected 100% availability, no allowance for sickness or family emergencies, provided no training or encouragement to the team, and generally created a work environment that was de-motivating in nature. That is the dark side of work, in my opinion.

If I had to capsulize what a person should bring to a project, they would include:
  • Motivation - Passion for the job
  • Skills - Knowing how to do the job, and continuously learning new skills
  • Creativity - Being able to do things differently and better
  • Problem solving - So that the team lead doesn't have to do everything
  • Integrity - Doing the right thing when no one is looking
  • Caring - For the quality of work performed, and for the welfare of others
  • Vision - To see the big picture of what they are doing
  • Calling - To know why they are doing what they are doing
  • Respect - For others, for other people's ideas, for leaders

You might have other things that would fit well on the list. By the way, my two favorite books on this topic are "Peopleware" by DeMarco and Lister, and "The Mythical Man-Month" by Fred Brooks.

So, relax this weekend and enjoy the fruit of your labor. Ironically, some people will not be able to do that. They will be working. This normally includes law enforcement, military, medical professionals, broadcasters, and people working tech support, food service and retail. I salute those fine people and wish them safety in what they do.

Thursday, August 11, 2016

Recording and Slides From Today's Webinar on Decision Tables

Thanks to everyone that attended today's webinar on decision tables. For those that could not get in
due to capacity limits, I apologize.

However, here are the slides:

And here is the recording:

I am happy to answer any questions by e-mail, phone or Skype. If you want to arrange a session, my contact info is on the final slide.

Thanks again,


Wednesday, July 06, 2016

Lessons Learned in Test Automation Through Sudoku

For many years, I have recommended Sudoku as a mind training game for testers. I think Sudoku requires some of the same thinking skills that testers need, such as the ability to eliminate invalid possibilities, deduce correct answers and so forth.

Much like an application that may lack documentation, Sudoku only gives you a partial solution and you have to fill in the rest. Unlike software, however, guessing actually prevents you from solving the puzzle - mainly because you don't see the impact of an incorrect guess until it is too late to change it.

My friend, Frank Rowland, developed an Excel spreadsheet some time ago, that he used to help solve Sudoku puzzles by adding macros to identify cells that had only one possible correct value. At the time, I thought that was pretty cool. Of course, you still had to enter one value at a time manually. But I thought it was a good example of using a degree of automation to solve a problem.

Fast forward to last week. I was having lunch with Frank and he whips out his notebook PC and shows me the newest version of the spreadsheet. After listening to a math lecture from The Great Courses, he learned some new approaches for solving Sudoku.

Armed with this new information, Frank was successful in practically automating the solution of a Sudoku puzzle. I say "practically" because at times, some human intervention is required.

Now, I think the spreadsheet is very cool and I think that the approach used to solve the puzzle can also be applied to test automation. The twist is that the automation is not pre-determined as far as the numeric values are concerned. The numbers are derived totally dynamically.

Contrast this with traditional test automation. In the traditional approach to test automation (even keyword-driven), you would be able to place numbers in the cells, but only in a repeatable way - not a dynamic way.

In Franks's approach, the actions are determined based on the previous actions and outcomes. For example, when a block of nine cells are filled, that drives the possible values in related cells. The macros in this case know how to deduce the other possibilities and also can eliminate the invalid possibilities. In this case of "Man vs. Machine", the machine wins big time.

I don't have all the answers and I know that work has been done by others to create this type of dynamic test automation. I just want to present the example and would love to hear your experiences in similar efforts.

I think the traditional view of test automation is limited and fragile. It has helped in establishing repeatable tests for some applications, but the problem is that most applications are too dynamic. This causes the automation to fail. At that point, people often get frustrated and give up.

I've been working with test automation since 1989, so I have seen a lot of ideas come down the pike. I really like the possibilities of test automation with AI.

I hope to get a video posted soon to show more about how this works. Once again, I would also love to hear your feedback.  

Friday, July 01, 2016

ASTQB Mobile Tester Certification - Live Virtual Classes in August and September, 2016

According to a very recent survey published by Techwell, only 25% of respondents felt they had the knowledge/skills and tools needed for testing mobile applications!

That needs to change and I have just the way to do it.

I am launching a new schedule of live virtual training courses for this new certification from the ASTQB, starting August 9 – 11. 

I have been holding off offering this course as a live virtual course until I was 100% positive you would feel fully engaged while taking the course. I have developed a technique that I feel will keep you engaged in the material and prepare you for the exam. (By the way, the exam is not included in the cost of this course but you can add the $150 exam to your registration.)

Also, let me encourage you to keep building new skills in testing. Mobile testing is a great specialty area and it is also a great skill set to have in your career. The time to learn mobile testing is NOW. Don't wait until your employer is looking to build that special team...or (and I hope this never happens in bad way, but...) if you are looking for employment.

I will be the instructor for all presentations of this course. I am a co-author of the ASTQB Mobile Tester syllabus and author of this course. This course is fully accredited by the ASTQB. And...I have been teaching mobile testing since 2001!  You get personal access to me throughout the course and after the course to ask any questions.

This course covers all aspects of mobile testing. More about the live virtual classes can be found here:

and the course brochure is here:

In the most recent ASTQB newsletter that was published on Tuesday, I have an offer of 15% off any ASTQB Mobile Testing course – live or e-learning. Just use promo code “MOBILE15” when paying for your registration. This offer is only good through August 15. For more details on this course or to register, please visit http://www.riceconsulting.com/home/index.php/Mobile-Testing/astqb-certified-mobile-tester-live-virtual-course.html

If you want to learn more about the ASTQB Mobile Tester certification, just go to:

I hope to see you there!


Friday, May 06, 2016

ISTQB Advanced Level Security Tester Certification Officially Available!

I am very excited to announce that the ISTQB Advanced Security Tester certification is officially available. I am the chair of the effort to write the syllabus for this certification. It took us over 5 years to complete this project. We had input from security testers worldwide.

The syllabus is not yet posted on the ASTQB web site, but it will be available there very soon. It will take training providers such as myself a while to create courses and get them accredited, but they will also be out in the marketplace in the coming weeks and months.

Cybersecurity is a very important concern for every person and organization. However, only a small percentage of companies perform continuous security testing to make sure security measures are working as designed. This certification prepares people to work at an advanced level in cybersecurity as security testers. This is a great specialty area for testers looking to branch out into a new field - or to show their knowledge as security testers.

Below is a diagram showing the topics in the certification (click to enlarge):

Thursday, February 25, 2016

Coming to Dallas/Ft. Worth - Testing Mobile Applications - ASTQB Certification Course - April 19 - 20, 2016

I hope you can join me for this special course presentation for the new Certified Mobile Tester (CMT) designation from the American Software Testing Qualifications Board.

We will be in the DFW area (Irving, TX) on the dates of Tuesday, April 19 and Wednesday, April 20 at the Holiday Inn Express - 4235 West Airport Freeway, Irving, TX 75062

Seating is limited, so I recommend registering as soon as possible to get your place. (This class size is limited to 15 people.)

To register: https://www.mysoftwaretesting.com/ProductDetails.asp?ProductCode=CMTDFW

About the Course and Certification

In the fall of 2015, the ASTQB (of which I am on the board of directors) felt there was a compelling need for testers to have a robust and meaningful certification focused on testing mobile applications. So, we set about writing a syllabus and exam for that certification. I was honored to contribute as a co-author of the syllabus. At the present, this is a certification only offered by the ASTQB.

To learn more about the certification, see the syllabus and sample exam, just go to:

To see the course outline, go to:

There are no pre-requisites for this certification! While we reference concepts from the ISTQB Foundation Level, everything you need to know is taught in this course.

We have exercises to reinforce key concepts and sample exams after each module to give you a taste of what to expect on the actual exam. You can also bring your own mobile device as a way to perform the exercises, although this is not required.

Costs and Logistics

Cost: $1,500 USD per person, plus exam ($150).

You can attend the course without taking the exam. However, we will be offering a live exam at the end of the 2nd day.

There will also be the option to take the exam later electronically, if you desire. However, we need to know your preference 2 weeks in advance.

This class will be streamed live, so if you want to attend virtually, that is possible. There is a $100 discount for virtual attendees. Virtual attendees in the USA will receive a course notebook in advance of the training and will also have access to the e-learning course at no extra cost.

For teams of 3 or more, there is a 10% discount of the course registration fee. The exams are not discounted.

We will not have breakfast items, however, we will have a light lunch (pizza, sandwiches, etc.) brought in each day. Please let us know if you have any dietary needs or requests.

Important Notice for Those Who Plan to Travel to DFW to Attend

Please do not book any non-refundable travel (air fare, hotel, etc.) until we confirm the class. We make every attempt to not cancel a class, but sometimes this is unavoidable. We make the call about 2 - 3 weeks in advance of the class, or earlier, if possible.

We located this class to be close to the DFW airport for the convenience of those who may be traveling in for the class. The hotel runs a free airport shuttle.

You are responsible for making your own hotel reservations.

If you plan to take the exam on Day 2, the exam will take place from 3:30 p.m. to 4:30 p.m.  Please allow adequate time to catch your flight. The hotel is 6.4 miles from the DFW airport.

Other Questions?

Feel free to call our office with any questions or special needs - 405-691-8075.

Monday, January 25, 2016

Survey Results for the Tester to Developer Ratio - January 2016

For the past month, I have been collecting surveys to see which tester to developer ratios are in use in various organizations. In addition, I asked some other questions about management attitudes toward dealing with testing workloads. I'll publish those results a little later.

This was a small survey of 22 companies worldwide, 19 of which were able to provide accurate information about their tester to developer ratio.

This survey is part of ongoing research I have been conducting since 2000.

Thanks to everyone who has contributed to date.

Before I get into the findings, I want to refer to two articles I have written on this topic. These articles explain why I feel that the data show there is no single ratio that works better than others. Getting the right workload balance is a matter of tuning processes and scope, which includes optimizing testing to get the most efficiency with the resources you have.

You can read these articles at:

The recent findings are:
  • The range of ratios are much tighter. The range was 1 tester to 1 developer on the richer end of the scale, to 1 tester to 7 developers on the leaner end. I feel that some of this is due to the small sample size.
  • The majority of responses (16) indicated just three ratios: 1 tester to 1 developer on the low side to 1 tester to 3 developers on the high side.
  • The most common ratio was 1 tester to 2 developers
  • The average was also 1 tester to 2 developers 
  • People reported poor, workable and good test effectiveness at all ratios. The variation was wide. There were no noticeable indications that a particular ratio of testers to developers worked any better than another, simply due to the ratio.

This survey showed much richer ratios than any other survey I’ve taken. This could be due to the impact of agile methods. Most of these companies (13) reported they do not anticipate hiring more testers in 2016. I plan to continue this survey to get a more significant sample size.

If you have not contributed to this survey yet, you can still add your responses at:

All responses are anonymous.