3 Mar, 2026
Static Testing: What to Review and Why It Matters
Static Testing , , , , , , , , ,

When people think about testing, they usually imagine executing test cases against a running system.

But in reality, many critical defects can be identified long before code is executed.

Static testing focuses on examining work products — the artifacts created during the software development lifecycle — without executing the software.

Understanding which work products can be reviewed is essential both for ISTQB Foundation Level and for building strong QA practices.

Let’s explore them in detail.

What Is a Work Product?

A work product is any deliverable produced during the software development process.

These include:

  • Requirements documents
  • User stories
  • Architecture and design diagrams
  • Code
  • Test cases
  • Test plans
  • Configuration files
  • User documentation

Each of these can contain defects — even before implementation begins.

1️⃣ Requirements

Requirements are among the most critical work products in any project.

They define what the system should do.

Defects commonly found during requirement reviews include:

  • Ambiguity
  • Missing information
  • Inconsistencies
  • Contradictions
  • Non-testable statements

Example

Requirement:

“The system should handle high traffic.”

Questions raised during review:

  • What does “high traffic” mean?
  • How many users?
  • Under what conditions?
  • What performance metrics apply?

Static testing helps clarify expectations early.

2️⃣ User Stories and Acceptance Criteria

In Agile environments, user stories replace formal requirement documents.

Static testing can examine:

  • Clarity of the story
  • Completeness of acceptance criteria
  • Testability
  • Alignment with business goals

Example:

User story:

“As a user, I want to reset my password.”

If acceptance criteria are missing edge cases, that defect can be found before development starts.

3️⃣ Architecture and Design Documents

Design artifacts include:

  • System architecture diagrams
  • Database schemas
  • API specifications
  • Interface definitions

Reviewing these helps identify:

  • Logical inconsistencies
  • Missing integrations
  • Scalability risks
  • Security concerns

Catching architectural issues early prevents costly refactoring later.

4️⃣ Code

Code can be examined without executing it through:

  • Code reviews
  • Pair programming
  • Static analysis tools

Static code reviews detect:

  • Logical errors
  • Violations of coding standards
  • Security vulnerabilities
  • Maintainability issues

Static analysis tools automatically detect issues such as:

  • Unused variables
  • Dead code
  • Potential null pointer exceptions

5️⃣ Test Artifacts

Even test documentation can contain defects.

Test artifacts include:

  • Test plans
  • Test cases
  • Test scripts
  • Test data

Reviewing test cases may reveal:

  • Missing scenarios
  • Incorrect expected results
  • Redundant tests
  • Unclear preconditions

Strong QA teams review test cases before execution.

6️⃣ Configuration and Infrastructure Documentation

Configuration settings, deployment instructions, and environment documentation can also be reviewed.

Issues may include:

  • Incorrect parameters
  • Security misconfigurations
  • Missing dependencies

Static examination reduces deployment risks.

Why Reviewing Work Products Is So Important

Defects found in work products:

  • Are cheaper to fix
  • Reduce rework
  • Improve shared understanding
  • Prevent misunderstandings
  • Increase overall quality

A requirement defect detected before coding saves significantly more effort than a defect detected in production.

What Static Testing Cannot Do

It cannot:

  • Validate runtime behavior
  • Detect performance under real load
  • Identify dynamic execution errors

That is why static and dynamic testing complement each other.

ISTQB Exam Perspective

For ISTQB Foundation Level, remember:

Static testing can examine:

  • Requirements
  • User stories
  • Design documents
  • Code
  • Test artifacts

The key point:

Static testing applies to many types of work products, not just code.

Exam questions may test whether you understand that static testing is broader than code review.

Practical Advice for Testers

If you want to improve as a QA professional:

  • Ask to review requirements before development starts.
  • Participate in design discussions.
  • Review test cases within the team.
  • Encourage code reviews.

Quality begins with the work products.

Testing does not start with execution.

It starts with examination.

Final Thoughts

Static testing shifts quality upstream.

By examining work products early, teams prevent defects rather than reacting to them later.

The strongest QA professionals understand that every artifact in the SDLC can — and should — be critically reviewed.

That mindset reduces risk long before software is deployed.