Test plan template

# Test Plan: {{Feature or Release Name}}

**Version**: {{1.0}}
**Author**: {{Your name, role}}
**Last updated**: {{YYYY-MM-DD}}
**Status**: Draft / In review / Approved

## 1. Scope

### In scope
- {{Feature 1}}
- {{Feature 2}}
- {{Integration X}}

### Out of scope
- {{Explicitly listed exclusions}}

## 2. Approach

- **Test types**: smoke, functional, regression, {{performance / security / accessibility if applicable}}
- **Manual vs automated**: {{e.g. 80% automated regression, exploratory sessions for new features}}
- **Test data strategy**: {{factories, masked prod data, etc.}}
- **Environment**: {{which dev / staging / pre-prod, with version pins}}

## 3. Schedule

| Phase | Start | End | Owner |
|---|---|---|---|
| Test plan sign-off | {{date}} | {{date}} | {{name}} |
| Test case design | {{date}} | {{date}} | {{name}} |
| Test execution (sprint 1) | {{date}} | {{date}} | {{name}} |
| UAT | {{date}} | {{date}} | {{name}} |
| Go-live | {{date}} | {{date}} | {{name}} |

## 4. Entry and exit criteria

### Entry
- Build deployed to test environment
- Smoke pack passes on CI
- {{Any required test data seeded}}

### Exit
- 100% of P0 and P1 test cases pass
- Zero P0 open defects; up to {{N}} P1 with sign-off
- Performance under target {{x ms p95}}
- {{Any compliance / accessibility gate}}

## 5. Risks and mitigations

| # | Risk | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| 1 | {{e.g. third-party API in sandbox unstable}} | Medium | High | {{contract tests + mocked fallback}} |
| 2 | {{e.g. test data refresh delayed}} | Low | Medium | {{factories, not prod-clone dependency}} |

## 6. Roles and responsibilities

| Role | Name |
|---|---|
| QA lead | {{name}} |
| Automation lead | {{name}} |
| Test environment owner | {{name}} |
| Release manager | {{name}} |
| Product owner sign-off | {{name}} |

## 7. Deliverables

- Test cases (in {{Xray / Zephyr / TestRail / markdown repo}})
- Automation suite repo: {{URL}}
- Defect log: {{Jira filter URL}}
- Test summary report (post-execution)

## 8. References

- Requirements: {{link to PRD / Confluence / Linear ticket}}
- Design: {{Figma URL}}
- API contract: {{Postman / OpenAPI URL}}

Placeholders like {{...}} mark fields you replace. Everything else is structure you keep.

# Test Plan: UPI Collect Request, Phase 2

**Version**: 1.0
**Author**: Pournami T, QA Engineer
**Last updated**: 2026-06-19
**Status**: Approved

## 1. Scope

### In scope
- UPI collect request creation (web + mobile)
- Collect request approval flow with biometric + UPI PIN
- Collect request expiry behaviour (30 min default, 60 min override)
- Webhook notifications to merchant on payment success

### Out of scope
- UPI Lite (separate program)
- AutoPay (covered by mandate testing track)

## 2. Approach

- **Test types**: smoke (5 min, runs on every deploy), functional, regression, performance up to 1000 TPS
- **Manual vs automated**: 100% automated regression. Exploratory sessions on biometric edge cases
- **Test data strategy**: Factory-generated VPAs against UPI sandbox; no prod VPAs
- **Environment**: pre-prod, pinned to NPCI sandbox release 26.04

## 3. Schedule

| Phase | Start | End | Owner |
|---|---|---|---|
| Test plan sign-off | 2026-06-01 | 2026-06-03 | Pournami T |
| Test case design | 2026-06-03 | 2026-06-10 | Pournami T |
| Test execution | 2026-06-10 | 2026-06-24 | QA team |
| UAT | 2026-06-25 | 2026-06-28 | Product + Risk |
| Go-live | 2026-07-01 | 2026-07-01 | Sujith S |

## 4. Entry and exit criteria

### Entry
- Build 26.06.10+ deployed to pre-prod
- Smoke pack passes on CI
- 50 factory-generated VPAs seeded
- NPCI sandbox responsive on healthcheck

### Exit
- 100% of P0 and P1 test cases pass
- Zero P0 open defects; up to 3 P1 with sign-off
- p95 < 250 ms on collect-create at 1000 TPS
- Security review sign-off from infosec

## 5. Risks and mitigations

| # | Risk | Likelihood | Impact | Mitigation |
|---|---|---|---|---|
| 1 | NPCI sandbox throttling during load tests | High | High | Coordinate window with NPCI; have mocked fallback for non-sandbox-dependent tests |
| 2 | Biometric flow inconsistent across Android OEMs | Medium | Medium | Test matrix: Samsung, Xiaomi, OnePlus, Realme stock OS |
| 3 | Webhook delivery flakiness in pre-prod | Medium | Low | Idempotency-Key on every webhook + replay tool |

## 6. Roles and responsibilities

| Role | Name |
|---|---|
| QA lead | Pournami T |
| Automation lead | Sujith Sasidharan |
| Test environment owner | DevOps team |
| Release manager | Aswathi T |
| Product sign-off | Sanjana S |

## 7. Deliverables

- Test cases in Xray under project UPI2
- Automation suite repo: github.com/upcode/upi-qa
- Defect log: jira.upcode.in/issues/?jql=project=UPI2 AND issuetype=Bug
- Test summary report by 2026-06-30

## 8. References

- PRD: confluence.upcode.in/upi-collect-v2
- Figma: figma.com/file/upi-collect-flows
- API contract: postman.com/upcode/upi-collect-v2

Common mistakes

• ›Five pages or fewer. A long test plan is a sign of theatre, not rigour.
• ›Date every section. Six-month-old test plans get cited as current and burn teams.
• ›Use exit criteria as a sign-off, not aspirations. If you cannot enforce them, do not list them.
• ›Risks: list at most five. Anything beyond that, fold into engineering risk register.