5. Define
Risk
Any anticipated unfavorable event or circumstances
that occur while the project is underway.
If the risk become true
• It can hamper the successful and timely
completion of a project.
Therefore, it is necessary to anticipate and identify
different risks.
Risk management
Reducing the impact of all kinds of risks that might
affect a project.
6. Importance of Software Risk
Addresses Complex Software Systems
Focuses Projects on Critical Risk Items
Provides Techniques for Handling Risk Items
Reduces Software Costs by Reducing Rework
Usually 40-50% of software costs
Making informed decisions involves the evaluation of
risk improvement
Costs, benefits, and risks
The evaluation of the impact of current decisions on future
options
7. Risks within a system Context
This process of risk management embodies
8. Process of Risk Management
This process of risk management embodies the
identification, analysis, planning, tracking, controlling, and
communication of risk.
A continuous set of activities to identify,
confront, and resolve technical risk
10. Risk assessment
The objectives of risk assessment is to rank the risks in terms of
their damage causing potential.
For risk assessment, each risk should first be rated in two ways:
• The likelihood of a risk coming true (r)
• The severity of damage caused due to the risk (s)
• Based on these factors
– The priority of each risk can be computed as
– p=r s
11. Risk identification
The project manager needs to anticipate the risks in the
project as early as possible so that the impact of the risk can
be minimized by making effective risk management plans.
In order to be able to systematically identify the important
risks, it is necessary to categorize risks into different classes.
Main categories of risks
• Project risks
• Technical risks
• Business risks
12. Main categories of risks
Project risks
• Concern various forms of
– Budgetary, Schedule, Personnel, Resource and Customer-Related Problems.
– e.g. schedule slippage
» Software is intangible, it is very difficult to monitor and control software
projects.
Technical risks
• Concern
– Potential design, implementation, interfacing, testing, and maintenance
problems.
– E.g. incomplete specification, changing specification, etc.
Business risks
• Includes
– An excellent product that no one wants, losing budgetary, etc.
13. Risk Containment
After all the identified risks are assessed, plans must be made to control the
most damaging and the most likely risks.
Strategies used for risk
containment:
• Avoid the risk
– Discuss with customer to
reduce the scope of the
work
– Giving incentives to
engineers to avoid the risk of
manpower turnover, etc.
• Transfer the risk
– Getting the risky components
developed by a third party
– Buying insurance cover, etc.
• Risk reduction
– Planning ways to control the
damage due to a risk
– If there is risk that some key
personnel might leave, new
recruitment may be planned.
Techniques for Handling Risks
14. To choose between the different strategies of
handling a risk, the project manager must
consider the cost of handling the risk and the
corresponding reduction in risk.
Risk exposure before reduction – risk exposure after reduction
Risk leverage =
Risk reduction of cost
15. Methodological Dimension
Design to Improve overall software development
process to integrate knowledge into the software
acquisition process that enable manageress to make
timely decision.
Samples of questions for methodological
I know that improving the process will improve my software. How
do I choose the improvement method that will have the most
effect for my current state? How do I secure against major
disasters? What cost will I face?
16. Software Risk management Methodology
Framework for Software Risk management
1. Software Risk Evaluation (SRE)
2. Continuous Risk Management (CRM)
3. Team Risk Management (TRM)
Developed software risk methodologies
1. Risk prevention
2. Risk mitigation and correction
3. Ensuring safe system failure
17. SRM methodological addresses the two functions of
software acquisition and development.
The functions are managed is composed
Software Acquisition-Capability Maturity Model
• Determine current process maturity identify few critical
issues critical to software quality & process improvement
• Framework used Quality principles have been design by
Quality management Team
– Developed the direction Watts Humphrey at IBM
Software - Capability Maturity Model
• The key process areas define requirements that must be
satisfied in order to accomplish that level of development
19. Seven risk management principles
Shared product vision
• Sharing product vision based upon common purpose, shared
ownership, and collective commitment
• Focusing on results
Teamwork
• Working Cooperatively To Achieve A Common Goal
• Pooling Talent, Skills, And Knowledge
Forward-looking view
• Thinking Toward Tomorrow, Identifying Uncertainties,
Anticipating Potential Outcomes
• Managing Project Resources And Activities While Anticipating
Uncertainties
20. Global perspective
Viewing software development within the context of the larger
system (3D) Definition, Design, and Development
Open communication
Encouraging the free flow of information between all levels
Bringing unique knowledge to identifying and managing risk
Integrated management
Making risk management an integral part of project
management
Adapting risk management methods and tools to a project’s
infrastructure and culture
Continuous process
Maintaining constant vigilance
Identifying and managing risks routinely throughout all phases
of the project’s life cycle
24. 3. Risk Clinic
Workshop that takes the CRM and TRM and adapts in
integrates it with a client’s communication channels,
infrastructure, existing practices, project management, risk
management (if any), and technical problem management
26. Team Risk Management (TRM)
Initiate: Team:
•Recognize the needs •Based on risks, priorities,
•Commit to create the team metrics & action plans
culture
Team Activity
28. CRM is a principle-based practice for managing project risks and
opportunities throughout the lifetime of the project.
When followed, these principles provide an effective approach to
managing risk regardless of the specific methods and tools used.
2 are composed of three groups: core, sustaining, and defining.