There are two key things in defects of the software testing. They are:
1) Severity
2) Priority
What is the difference between Severity and Priority?
1) Severity:
It is the extent to which the defect can affect the software. In other words it defines the impact that a given defect has on the system. For example: If an application or web page crashes when a remote link is clicked, in this case clicking the remote link by an user is rare but the impact of application crashing is severe. So the severity is high but priority is low.
Severity can be of following types:
- Critical: The defect that results in the termination of the complete system or one or more component of the system and causes extensive corruption of the data. The failed function is unusable and there is no acceptable alternative method to achieve the required results then the severity will be stated as critical.
- Major: The defect that results in the termination of the complete system or one or more component of the system and causes extensive corruption of the data. The failed function is unusable but there exists an acceptable alternative method to achieve the required results then the severity will be stated as major.
- Moderate: The defect that does not result in the termination, but causes the system to produce incorrect, incomplete or inconsistent results then the severity will be stated as moderate.
- Minor: The defect that does not result in the termination and does not damage the usability of the system and the desired results can be easily obtained by working around the defects then the severity is stated as minor.
- Cosmetic: The defect that is related to the enhancement of the system where the changes are related to the look and field of the application then the severity is stated as cosmetic.
2) Priority:
Priority defines the order in which we should resolve a defect. Should we fix it now, or can it wait? This priority status is set by the tester to the developer mentioning the time frame to fix the defect. If high priority is mentioned then the developer has to fix it at the earliest. The priority status is set based on the customer requirements. For example: If the company name is misspelled in the home page of the website, then the priority is high and severity is low to fix it.
Priority can be of following types:
- Low: The defect is an irritant which should be repaired, but repair can be deferred until after more serious defect have been fixed.
- Medium: The defect should be resolved in the normal course of development activities. It can wait until a new build or version is created.
- High: The defect must be resolved as soon as possible because the defect is affecting the application or the product severely. The system cannot be used until the repair has been done.
Few very important scenarios related to the severity and priority which are asked during the interview:
High Priority & High Severity: An error which occurs on the basic functionality of the application and will not allow the user to use the system. (Eg. A site maintaining the student details, on saving record if it, doesn’t allow to save the record then this is high priority and high severity bug.)
High Priority & Low Severity: The spelling mistakes that happens on the cover page or heading or title of an application.
High Severity & Low Priority: An error which occurs on the functionality of the application (for which there is no workaround) and will not allow the user to use the system but on click of link which is rarely used by the end user.
Low Priority and Low Severity: Any cosmetic or spelling issues which is within a paragraph or in the report (Not on cover page, heading, title).
Other popular articles:
- What is Defect or bugs or faults in software testing?
- What is Use case testing in software testing?
- What is Software Quality?
- What is Definition of Done? Test Levels in Agile software
- How to write a good incident report in software testing?
Serjio says
There is an error – “The priority status is set based on the customer requirements.”
The priority is based on business requirements and the severity is defined by customer requirements.
One can easily make an experiment – put a wrong logo on their company web page (low severity and high priority) and then see who will fire you, your boss, or the customers 😉
Arsh says
Excellent
Prasad Labade says
For Example 2 wheeler bike e.g. for Self start and kick start, which is a high priority and which is low severity
vijay says
Kick start is high sevirity, self start-low priorty
Ganesh says
Self start is low priority and Kick start is high severity
Teja says
What is example for low priority and low severity
Prasad says
I replied when I had time to your answer your question. One of the example
Malu says
Some spelling mistake in pages like terms and conditions..
mk vedwal says
minor spelling mistakes like in about us page there are minor spelling or grammar mistake, so it is low priority and low severity
Teja says
Wat is example for high priority and High severity
Punit jha says
How you will explain priority and severity to 7 year old boys/girl with example?
Sana Sameer says
If forgot password is not present it can be categorized under which severity?
Kamran Zahid says
As that is the rare case normally, therefore it would be low priority but high severity!
Arsh says
High priority and high severity
Anand says
Under Severity, Critical and Major definitions are matching word to word, how does it differ then?
I feel, your Critical definition is correct, but for Major it need not be data corruption or crashing. Any important functionality is not working as expected, can be considered as Major
zzee19 says
Critical: …there is no acceptable alternative method to achieve…
Major: …but there exists an acceptable alternative method to achieve …
Rohit Thaper says
Severity can be of following types: both seems same
Critical: The defect that results in the termination of the complete system or one or more component of the system and causes extensive corruption of the data. The failed function is unusable and there is no acceptable alternative method to achieve the required results then the severity will be stated as critical.
Major: The defect that results in the termination of the complete system or one or more component of the system and causes extensive corruption of the data. The failed function is unusable but there exists an acceptable alternative method to achieve the required results then the severity will be stated as major.
Jayanth Samala says
convinced with your examples thanks
shruti says
very helpful for me,clearly understand the concept behind severity and priority.
David Cooke says
The assumption from the above piece is that there are 5 Severity values and 3 Priority values. However, the definition of the values are customisable to the client’s requirement. 4 Severity values for example, appear to be common across businesses.
subodh says
Very helpful, also some for the comments with example of banking system
Tony Barber says
I can’t understand this approach. The whole description is based on the defect being in live. We test in environments that are not live, therefore we need to categorize based on two factors. Priority is the impact to testing, what might the defect be blocking, how many scripts are blocked, impact to project timeline etc. Severity is the impact to the business / customer if the defect went live. Severity trumps Priority, but Priority might hide more critical Severity defects so this must always be considered.
Rajesh Ranjan Prasad says
Find some examples based on the Banking:
High Severity & High Priority (No other way to go around on major functionality which will stop business): User is not able to transfer fund from one account to another account.
High Severity & Low Priority (Not one of the major functionality and can be done with other options available): Online banking system having email functionality where user is not able to send emails from his login id. User can raise their concerns through other channel like via call or the dropping email separately.
Low Severity & High Priority (No other way to go around for the functionality but it will not effect the business): Deleting/removing functionality of beneficiary account is not working. As this feature is critical from banking prospective but it will not stop/block user to do there job.
Low Severity & Low Priority (Minor functionality and not affecting business): There is some alignment issue in the user profile.
Mukti says
Hey, you are kidding. You mentioned
2. Priority:-For example: If the company name is misspelled in the home page of the website, then the priority is high and severity is low to fix it.
How can you say like that.
Logo and company name is identity of the company or organisation then how it should be low severity?
ISTQB Guide says
In some ways, you are right. However, if you are on a banking or ecommerce website, a misspelled company name will not stop you from carrying out your transaction, which is the core functionality of the website. This is why fixing spelling mistakes are lower priority than fixing issues in checkout / payment module (for example).
Gangadhar Reddy says
Good explanation
farva says
very helpful.
Atul Jangra says
In simple words, you can understand that Severity is something which affects our application but Priority directly affects the business.
You’re right that Logo and company name is the identity of the company or organization and that’s why It should be fixed on the prior basis BUT a typo don’t cause to crash an application. So its severity will be cosmetic.
Nitin says
what is the best example for high priority and severity for an HTML testing
Feroz says
Its very helpful. Thanks for this.
neelam says
very well defined
Mohit Malhotra says
A very well defined topic with examples.
Priyanka soni says
this is very helpful for me. yhanks
vinoth says
Really it’s good