How to prioritize bugs?

Question

In my current company there isn\'t clear understanding between the test and development teams as to how severe a bug should be? There are arguments which go back and forth to re

Answer 1

"Been there done that".

I've had this discussion over and over again, on different projects. We've tried to combine priority with severity, but the lesson I've learned: do not combine severity with priority !

We've had a lot of brainstorms and meetings which ended with the words "this is it". Multiple guideline-documents have been created and spread between the different "parties", but after a while we discovered that it didn't work at the end. Different "parties" think different about bugs: our helpdesk has another understanding of priority than the development team or the sales has.

Having both a severity and a priority level will very quickly become very confusion because:

• when using numbers (between 1 to 5) one will not know what each number means
• what if an issue has the highest possible priority, but the lowest possible severity - and I'm sure that this will happen!
• what if someone reduces a severity, does he need to reduce the priority also?

"So what should you do then?":

• Only use one kind of indicator for the 'level' of an issue: Doesn't matter how you call it.

• Use numbers (eg 1 - 5, but could be more or less depending on your needs) to clearly indicate the importance but combine it with a keyword so that it's clear what it means (eg. 'nice to have', 'show stopper'). For some people prio 1 means the most import, for others 5 does -> therefore a keyword to indicate what a number means is necessary.

• Make a distinction between a 'normal issue' or a 'red alert'. In our case a 'Red Alert' must be solved immediately and put in production immediately. A normal issue will follow the normal development-test-deployment-flow. The priority/severity/however-how-you-call-it should only be set for normal issues and will be ignored for 'red alerts'. *> In practice, a 'Red Alert' can become a

  'Normal Issue': the support team discovered a major bug and created a 'Red Alert'. But after some investigation we discovered that data had become 'corrupt' in the database since it was inserted there directly and not via the application.*

• Choose a good tool that allows you to customize the flow; but most tools do.