What is the process of assessing identified risks to estimate their impact and probability of occurrence called?

The process of assessing identified risks to estimate their impact and probability of occurrence is referred to as risk analysis. This critical phase involves evaluating the significance of each risk concerning its potential effects on project objectives and likelihood of happening. By analyzing risks, testers and project managers can prioritize them based on their severity and probability, enabling a more effective approach to addressing potential issues.

Risk analysis typically includes techniques such as qualitative analysis, where risks are prioritized based on subjective judgment regarding their likelihood and impact, and quantitative analysis, which involves more statistical methods to measure the extent of risks. This understanding is vital for making informed decisions on which risks require immediate attention and resources, ultimately aiding in risk management efforts.

In contrast, risk management encompasses the overall process of identifying, assessing, and addressing risks, which includes risk analysis as one of its components. Risk identification focuses solely on uncovering potential risks without evaluating their likelihood or impact. Risk mitigation specifically refers to the strategies and actions implemented to reduce or eliminate the risks identified through the risk management cycle. Therefore, risk analysis specifically zeroes in on understanding how significant identified risks may be, making it the correct answer in this context.