How many bugs need to be treated? - briefly
The count of bugs requiring remediation includes every defect classified as «critical» or «high» priority; lower‑severity issues may be deferred. Treatment should focus on all high‑impact bugs to maintain system stability.
How many bugs need to be treated? - in detail
The determination of the required number of defects to be addressed depends on several measurable factors. First, the severity classification defines priority: critical defects demand immediate remediation, high‑severity issues require treatment within a short release cycle, medium‑severity bugs are scheduled for the next planned update, and low‑severity defects may be deferred until capacity permits. Second, the impact scope—whether a defect affects a single user, a segment of the user base, or the entire system—guides allocation of resources. Third, compliance obligations, such as security standards or regulatory requirements, impose mandatory treatment thresholds regardless of severity.
Key steps for calculating the treatment count:
- Identify all open defects in the tracking system.
- Assign each defect a severity level and impact scope.
- Apply organizational policy rules, for example: • All critical defects → mandatory treatment. • High‑severity defects affecting more than 5 % of users → mandatory treatment. • Medium‑severity defects with compliance implications → mandatory treatment.
- Sum the defects that meet the mandatory criteria; the resulting total represents the number that must be treated in the current cycle.
Additional considerations include resource availability, sprint capacity, and risk tolerance. When capacity is limited, a weighted scoring model can rank defects, ensuring that the highest‑scored items are selected for treatment. The final count may be adjusted downward only after documented justification and stakeholder approval.