Does it make sense to give signoff authority to testers? Should a test team
- Just test features, issues, etc, and simply report on a pass/fail basis, leaving it up to others to act on those results, or
- Have authority to hold up releases themselves based on those results?
In other words, should testers be required to actually sign off on releases? The testing team I’m working with feels that they do, and we’re having an issue with this because of “testing scope creep” — the refusal to approve releases is sometimes based on issues explicitly not addressed by the release in question.
4
Most places I have worked the QA people do have some sort of sign-off step, but do not have final authority on if the release proceeds or not. Their sign-off represents that they completed the testing expected by the release plan, not that the release is flawless.
Ultimately QA != the business and the business needs to decide if they are OK with deploying the code in the current state or if the benefit outweighs the downside or whatever. This is often done by clients or stakeholders immediately prior to deploy and is often called User Acceptance.
If your QA is also your User Acceptance group then there is the potential that they do have the authority to define your release candidate as unacceptable, but if you are getting this over issues that are out of scope to the bugfix/iteration/sprint/change request/whatever you bucket your time in, then the Project Manager or the business line stakeholders needs to have a come to Jesus meeting with the QA team.
It is fine to report on preexisting defects or unintended outcomes of new requirements, but if it is out of scope and non-disastrous it is generally not acceptable to label it as a blocking issue. It goes in the backlog for the product owner to prioritize like everything else.
6
Someobody needs that authority. Whether it is a tester, the team of testers, the leader of the team of testers, or the leader of the development organization is somewhat irrelevant. Or perhaps more accurately, it depends on the organization.
Ultimately, the choice to release software is a business function. The business has to decide whether the quality is appropriate. Arguably, the director of quality assurance should make that decision, or feed that decision to the appropriate business unit. That all depends on the size of the company, the relative importance of quality, etc.
All that being said, the information used to make the decision starts with the tester. Whether they have the power to stop a release or not, they should feel the responsibility to inform the decision makers when they see something that they think should cause a delay in the release.
Giving sign-off authority (i.e. a veto right) for releases to testers makes as much sense as giving that right to developers: none at all.
Testers and developers are primarily technical people, so they are likely to make their decisions mostly technical grounds.
But, the concerns that need to be weighed when making a release are both technical and business concerns. Obviously, the customer won’t be happy if you deliver a bug-ridden product, but the customer will be equally unhappy if you keep postponing a release because there are still open issues on the product.
Someone needs to find the right balance between a good product and keeping to the schedule that was promised to the customer. To do that, you should not be involved in the project in a purely technical role, but rather in a more business/management oriented role like project manager or product owner and take your input from the testers and the developers.
2
The decision to ‘release’ or ‘not to release’ is at the end of the day a business decision, where a rigorous risk/reward analysis needs to be performed.
It is insane for any organization to ask the test team to take on this responsibility or for the test team to agree to this responsibility.
The role of the test team is to provide an analysis of the quality of the software, its readiness to be released, and any risks identified as an input to the business decision to release or not to release.
As others have noted, _somebody_ (and I believe it is an individual) does need the authority to make the ‘release’ or ‘not to release’ decision. That same person can have delegated that decision under specific conditions (i.e. no P1 or P2 Bugs)
I’ve worked with the same situation of testers over-reaching and inventing ever more creative ways of breaking a system which, when risk assessed, are incredibly unlikely to ever happen in production.
While I understand and commend the test team for not wanting to send out imperfect release, it does require strong product ownership to define what is an “acceptable risk”.
In my experience, the test team should be given a veto on releasing software but this veto should be overridable by the product owner but only after discussion with the lead testers.
Software will never be perfect, if you’re suffering from test creep then you’ll never get anything released until there’s a major production issue (which won’t be tested correctly) and rushed out.
5