Tester are always asked to think about which risks they see in there test work. Risks which can have impact on the customers. Risks which can have impact on the credibility of the product. All kind of investigations ‘are needed’ to determine what you as a tester have to do to give ‘a statement’ about risks. The activities you have to do as a tester to mitigate the risks you have identified and analyzed. Sometimes it looks a bit overwhelming and you have difficulties where to start. With prioritization of the risks based on the feedback from stakeholders you can start with the most important risks which need to be mitigated.
As a tester, I think you can make it much more easier for yourself. The feature you are going to test has been build by somebody. This person is most of the time nearby and easy to reach, especially when you are part of an agile development team. It is the developer of the feature. He or she knows all about the feature and its software and can help you. So, go to the developer(s) of the feature you are going to test and ask him/her the question:
Which part of the software is new or did you change?
With this question you know which part of the software has been impacted and how this reflect on the feature you are going to test. You know now that the probability is high and that you can find bugs in this part of the software. Impact …. Probability …. That sounds like “Risk”. So, what else do you need to start your risk assessment. Nothing. It is the best and only starting point to assess the risks. From here, the tidlewave of questions will pop up in you mind. Questions which need to be answered to you. These answers will help you asses the risks and help you make a strategy to mitigate those risks.
Why do you make it yourself difficult, while the solution is nearby. Go to the developer. Go ask this question. Everything will become much easier to deal with.