Test Report Template

1 Who reads it and what they care about

A test report is not written for other testers — it is written for people who were not in any of the test sessions. Every word should answer the question they are silently asking: "Is it safe to ship?"

The rule: communicate confidence or lack of confidence, not just pass/fail counts. A report that says "96 passed, 4 failed" is less useful than one that says "all payment flows passed; the 4 failures are in the admin export feature which is out of scope for this release."

PM / Project Manager

Needs: overall verdict and timeline impact

Is the feature ready? If not, how long to fix? What is the risk of shipping anyway? They are managing a schedule and need a clear recommendation, not a spreadsheet of results. They will read the Executive Summary and the Recommendation — often nothing else.

Product Owner

Needs: business risk and open defects

Which defects affect user journeys they care about? Which ones could generate support tickets or complaints? A PO wants the risk in plain language, mapped to features or user stories — not Jira IDs and test case names. They will focus on the Defect Summary and Risk Assessment.

Dev Lead / Engineering Manager

Needs: coverage gaps and blocked tests

What did we actually test vs. plan to test? What was blocked and why? They will use the Test Coverage section to understand what assumptions the pass rate is built on. If 20 tests were not run, a 100% pass rate is meaningless and they need to know that.

Client / External Stakeholder

Needs: confidence statement in non-technical language

External clients rarely read technical detail. They want to know: "Did you test it properly, and would you stand behind it?" Use plain language, avoid jargon, and make the recommendation unmistakably clear. If in doubt, write one summary paragraph in language a non-technical manager could read aloud at a board meeting.

2 The Template

Use this structure for any end-of-sprint or release summary. Adapt the headings to your team's conventions; the sections themselves are non-negotiable.

TEST REPORT Project / Feature: [name] Sprint / Release: [e.g. Sprint 14 / v2.3.0] Test Period: [start date] – [end date] Environment: [UAT / Staging / Production-mirror] Prepared by: [name, role] Date: [date] Status: DRAFT / FINAL ——————————————————————— 1. EXECUTIVE SUMMARY ——————————————————————— [2–3 sentences. State the overall result (pass / conditional / fail), coverage level, and the single most important risk or issue. End with the recommendation. This is the only section many readers will see.] Example: "Testing of the KiwiSaver Employer Portal v2.3 is complete. 96% of planned tests were executed; 94% passed. One Priority 1 defect (employer contribution rounding error) remains open and blocks release. RECOMMENDATION: Do not release to production until DEF-441 is resolved or formally deferred." ——————————————————————— 2. TEST COVERAGE ——————————————————————— Scope in: • [feature / user story / module tested] • [feature / user story / module tested] Scope out (explicitly excluded): • [feature / area not tested and why] • [feature / area not tested and why] Environment / data notes: [e.g. "UAT environment; production data anonymised via Delphix. Email delivery disabled — SMTP mocked."] ——————————————————————— 3. METRICS ——————————————————————— [See visual metrics table below] Tests planned: [n] Tests executed: [n] ([x]%) • Passed: [n] ([x]% of executed) • Failed: [n] • Blocked: [n] • Not run: [n] Defects raised (total): [n] • Open: [n] • Resolved: [n] • Deferred: [n] Automation coverage: [x]% of regression suite passing in CI ——————————————————————— 4. DEFECT SUMMARY (open P1 / P2 only) ——————————————————————— ID | Priority | Summary | Status ————————————————————————————————————————————————— DEF-441 | P1 | Rounding error on contrib. | Open — in sprint DEF-447 | P2 | CSV export drops last row | Open — deferred [List only P1 and P2 open defects here. Link to tracker for full list. Note the agreed disposition of each: fixing, deferring, or accepting.] ——————————————————————— 5. RISK ASSESSMENT ——&mdamp;——————————————————— [What was NOT tested, or tested inadequately? What assumptions were made? What known issues are being accepted? Be specific.] Example risks: • Performance testing was descoped — load behaviour under 50+ concurrent employer logins is unknown. • IE11 compatibility not tested (browser officially unsupported). • DEF-447 (CSV export) deferred — affects ~5% of employers who use bulk upload workflow. ——————————————————————— 6. RECOMMENDATION ——————————————————————— [One of three verdicts — see Section 4 for exact wording.] RECOMMEND RELEASE / RELEASE WITH KNOWN ISSUES / DO NOT RELEASE Conditions (if applicable): • [prerequisite before release] • [prerequisite before release] ——————————————————————— 7. SIGN-OFF ——————————————————————— QA Lead: ___________________ Date: ___________ Product Owner: ___________________ Date: ___________ Dev Lead: ___________________ Date: ___________

3 Visual Metrics Table

Use this HTML table when sending the report via email or embedding in Confluence. The colour coding communicates health at a glance — your reader does not need to do mental arithmetic.

Metric	Count	%	Status
Tests planned	120	—	—
Tests executed	115	96%	On track
Passed	108	94%	Acceptable
Failed	5	4%	Under review
Blocked	2	2%	Blocker
Not run	5	4%	Descoped
Defects
Defects found (total)	12	—	—
Open	3	—	Action needed
Resolved	8	—	Fixed & verified
Deferred	1	—	Accepted risk

Tip: Never report pass % against planned tests — always against executed tests. 108 passed out of 115 executed (94%) is honest. 108 passed out of 120 planned (90%) is misleading because it conflates execution gaps with failures.

4 Recommendation language

Use one of these three verdicts verbatim. Copy the language, fill in the brackets. Consistent wording across projects trains stakeholders to read test reports correctly.

Verdict 1 — Recommend release

RECOMMENDATION: RELEASE Testing is complete. [X] of [Y] planned tests were executed ([Z]% pass rate). No P1 or P2 defects remain open. The outstanding [n] items are low-priority enhancements that have been deferred to [next sprint / backlog] with Product Owner agreement. Quality assurance has no objection to production deployment.

Verdict 2 — Release with known issues

RECOMMENDATION: RELEASE WITH KNOWN ISSUES Testing is substantially complete. [X] of [Y] planned tests passed. The following known issues are accepted for release with Product Owner sign-off: • [DEF-xxx] [brief description] — [workaround / impact note] • [DEF-xxx] [brief description] — [workaround / impact note] These items are scheduled for [next release / hotfix]. Product Owner has reviewed and accepted the residual risk. Quality assurance recommends release subject to this written acceptance.

Verdict 3 — Do not release

RECOMMENDATION: DO NOT RELEASE Testing has identified [n] P1 defect(s) that represent unacceptable risk to production: • [DEF-xxx] [brief description] — [user impact] Release is blocked until the above defect(s) are resolved and re-tested. Estimated additional test effort following fixes: [x] days. Quality assurance will issue an updated report once re-test is complete.

Why these exact three verdicts? They train stakeholders to expect a clear position, not equivocation. "Testing went well with some issues" is not a recommendation — it is noise. Pick a box, own it, justify it.

5 Worked Example — KiwiSaver Employer Portal

A NZ fintech running a KiwiSaver platform has completed testing for Sprint 14 of their Employer Portal. Here is the full test report as it would appear in Confluence.

Worked example — Sprint 14

KiwiSaver Employer Portal — v2.3 Test Report

TEST REPORT Project: KiwiSaver Employer Portal Release: v2.3.0 (Sprint 14) Test Period: 9 June 2026 – 20 June 2026 Environment: UAT — Westpac-hosted staging cluster Prepared by: Aroha Te Awa, Senior QA (Resync Consulting) Date: 23 June 2026 Status: FINAL ————————————————————————————— 1. EXECUTIVE SUMMARY ————————————————————————————— Testing of the KiwiSaver Employer Portal v2.3 is complete. 96% of planned test cases were executed; 94% passed. One Priority 1 defect (employer contribution rounding error on final payday of tax year) remains open and creates a compliance risk under the KiwiSaver Act 2006. RECOMMENDATION: DO NOT RELEASE until DEF-441 is resolved. ————————————————————————————— 2. TEST COVERAGE ————————————————————————————— Scope in: • Employee enrolment (new hire, transfer, opt-out) • Employer contribution calculation (monthly, fortnightly pay) • IRD filing integration (mock — real IRD sandbox unavailable) • Bulk CSV employee import (up to 500 rows) • Admin: user role management, audit log Scope out (explicitly excluded): • Mobile app (separate release — v2.4 scope) • Payment gateway integration (covered by PCI team, separate report) • IE11 browser (officially unsupported per policy agreed Jun 2025) Environment / data notes: UAT environment on Westpac cloud. Production data anonymised via Delphix snapshot from 1 June 2026. SMTP mocked (emails not delivered). IRD filing uses mock endpoint — not live IRD sandbox. ————————————————————————————— 3. METRICS ————————————————————————————— Tests planned: 120 Tests executed: 115 (96%) Passed: 108 (94% of executed) Failed: 5 Blocked: 2 (IRD mock endpoint flaky in CI) Not run: 5 (mobile — out of scope) Defects raised (total): 12 Open: 3 Resolved: 8 Deferred: 1 Automation coverage: 87% of regression suite passing in CI/CD. ————————————————————————————— 4. DEFECT SUMMARY (open P1/P2) ————————————————————————————— DEF-441 P1 Contribution rounding on 31 March payrun Open (in sprint) Employer contributions rounded DOWN to 2dp instead of rounding to nearest cent per IRD spec. Under-remittance on 28% of test payrolls. Compliance risk under KiwiSaver Act s.70. DEF-447 P2 CSV bulk import drops final row Open — deferred When CSV has exactly 100, 200, 300... rows, last row silently omitted. Affects ~5% of employer cohort. Product Owner has accepted deferral to v2.4 with monitoring alert as workaround. DEF-452 P2 Audit log timestamps use NZST not UTC Open (in sprint) All audit events recorded in NZST. During daylight saving, log comparison with external systems will be off by 1 hour. Fix assigned to Sam Park, due 24 June. Full defect list: [link to Jira] ————————————————————————————— 5. RISK ASSESSMENT ————————————————————————————— HIGH: DEF-441 creates under-remittance to IRD — regulatory exposure. MEDIUM: IRD filing integration not tested against live IRD sandbox (mock used). Real-environment behaviour unknown until post-go-live. Recommend smoke test in production immediately after deployment. LOW: DEF-447 (CSV last row) deferred. Monitoring alert scheduled before go-live. Business accepts this risk. LOW: Performance under peak load (e.g., 1 April payrun — tax year start) not tested. Load test descoped from Sprint 14; planned for Sprint 15. Deploy in time to run load test before April peak. ————————————————————————————— 6. RECOMMENDATION ————————————————————————————— RECOMMENDATION: DO NOT RELEASE Testing has identified 1 P1 defect (DEF-441) representing unacceptable compliance risk under the KiwiSaver Act 2006. Release is blocked until DEF-441 is resolved and re-tested. Estimated additional test effort: 0.5 days following fix. QA will issue an updated report once re-test is complete. Note: if DEF-441 and DEF-452 are both resolved by 24 June, the updated report will carry a RELEASE WITH KNOWN ISSUES verdict (accepting deferred DEF-447 with Product Owner sign-off). ————————————————————————————— 7. SIGN-OFF ————————————————————————————— QA Lead: Aroha Te Awa Date: [pending re-test] Product Owner: ___________________ Date: ___________ Dev Lead: ___________________ Date: ___________

Notice what the example does: it translates "DEF-441 fails test TC-088" into "compliance risk under the KiwiSaver Act 2006 s.70." That translation is the QA engineer's job. The dev lead knows what TC-088 is; the PO and client do not, and do not need to.

6 Anti-patterns

These are the five most common ways test reports fail their audience. You will see all of them in real projects.

⚠ All-green vanity metrics

Pattern: 120 tests, 120 passed, 100%. Looks great. Nobody asks questions.
Reality: The team wrote tests that only cover the happy path. Edge cases, error states, and negative flows were never designed. A 100% pass rate against weak tests is worse than a 90% pass rate against thorough ones — it creates false confidence. Fix: Always report coverage scope alongside the pass rate. "100% pass against 40 tests covering new-hire enrolment only" is honest.

⚠ No defect context

Pattern: "5 defects open." That is the entire defect section.
Reality: The reader has no idea if those are typos in a help tooltip or a data-loss bug in payments. Fix: List every open P1 and P2 with a one-line plain-English description of the user impact. P3/P4 can be a link to the tracker.

⚠ No recommendation

Pattern: The report describes everything that happened and ends. No verdict. The PM emails back: "So... can we release?"
Reality: You have the most context of anyone about what was tested and what was not. Refusing to give a recommendation is not neutral — it shifts a decision you are qualified to make onto someone who is not. Fix: Always close with one of the three explicit verdicts. Own your professional opinion.

⚠ Report sent, never read

Pattern: A 15-page Word document attached to an email at 4:55pm Friday. Subject line: "Test report v14 FINAL FINAL."
Reality: It will not be read. The decision will be made based on whatever the PM remembers from a standup. Fix: Keep the report to one page for sprint work; put the Executive Summary and Recommendation at the very top; use Confluence where stakeholders already live. Send a 3-line Slack summary linking the full report.

⚠ Raw Jira export as the report

Pattern: Export all 47 test cases from Jira with status, assignee, component, and priority columns. Paste into email. Done.
Reality: This is a data dump, not a report. It requires the reader to do analysis you should have done. POs and clients cannot interpret it and will not try. Fix: Use the Jira data as your source; write the report as a human synthesis. The report is your interpretation of the data, not the data itself.

7 Copy-Paste Block

Blank template ready to fill in. Copy it into Confluence, Notion, or a Google Doc and replace each bracketed field.

TEST REPORT
Project / Feature: [name]
Sprint / Release:  [e.g. Sprint 14 / v2.3.0]
Test Period:       [start date] – [end date]
Environment:       [UAT / Staging / Production-mirror]
Prepared by:       [name, role]
Date:              [date]
Status:            DRAFT

───────────────────────────────────────────
1. EXECUTIVE SUMMARY
───────────────────────────────────────────
[2–3 sentences. State: overall result, coverage level, key risk.
End with the recommendation.]

───────────────────────────────────────────
2. TEST COVERAGE
───────────────────────────────────────────
Scope in:
  • [feature / user story]
  • [feature / user story]

Scope out:
  • [excluded area and reason]
  • [excluded area and reason]

Environment / data notes:
  [environment, data source, any limitations]

───────────────────────────────────────────
3. METRICS
───────────────────────────────────────────
Tests planned:           [n]
Tests executed:          [n]  ([x]%)
  Passed:                [n]  ([x]% of executed)
  Failed:                [n]
  Blocked:               [n]
  Not run:               [n]

Defects found (total):   [n]
  Open:                  [n]
  Resolved:              [n]
  Deferred:              [n]

Automation coverage:     [x]% of regression suite passing in CI

───────────────────────────────────────────
4. DEFECT SUMMARY (open P1 / P2 only)
───────────────────────────────────────────
ID        | Priority | Summary                       | Status
───────────────────────────────────────────────────────────────
[DEF-xxx] | P1       | [brief description]           | [Open / Deferred]
[DEF-xxx] | P2       | [brief description]           | [Open / Deferred]

Full defect list: [link]

───────────────────────────────────────────
5. RISK ASSESSMENT
───────────────────────────────────────────
HIGH:   [risk and its business impact]
MEDIUM: [risk and its business impact]
LOW:    [risk and its business impact]

───────────────────────────────────────────
6. RECOMMENDATION
───────────────────────────────────────────
[Choose one:]

RECOMMENDATION: RELEASE
Testing is complete. [X] of [Y] tests passed ([Z]%). No P1/P2
defects remain open. Quality assurance recommends production
deployment.

— OR —

RECOMMENDATION: RELEASE WITH KNOWN ISSUES
[X] of [Y] tests passed. The following issues are accepted with
Product Owner sign-off:
  • [DEF-xxx] [description] — [workaround]
Residual risk accepted. Deploy subject to written PO acceptance.

— OR —

RECOMMENDATION: DO NOT RELEASE
[n] P1 defect(s) block release:
  • [DEF-xxx] [description] — [user/compliance impact]
Release blocked pending resolution and re-test.

───────────────────────────────────────────
7. SIGN-OFF
───────────────────────────────────────────
QA Lead:        ___________________  Date: ___________
Product Owner:  ___________________  Date: ___________
Dev Lead:       ___________________  Date: ___________