The document summarizes the project risk analysis process for NKS Private Limited, a software company. It describes NKS' background and outlines the key steps in risk analysis: risk identification, risk projection including probability and impact assessment, risk refinement, and developing a risk mitigation, monitoring and management plan. An example risk is provided relating to software component reuse. The summary provides an overview of the risk analysis process and examples discussed in the document.
Fostering Friendships - Enhancing Social Bonds in the Classroom
Project risk analysis
1. Project Risk Analysis
of
NKS Private Limited
Presentation By
Naresh Kumar M
Subhasish Mahakud
Rajesh Mondal
Soumya Ranjan Pradhan
2. About NKS Private Limited
• NKS Private Limited is Private incorporated on 18 Sept 2019
• It is classified as Non-govt company and is registered at Registrar of Companies,
Bangalore . Its authorized share capital is Rs. 2,747,500,030 and its paid up capital is Rs.
591,395,010
• It is involved in Software publishing, consultancy and supply [Software publishing
includes production, supply and documentation of ready-made (non-customized)
software, operating systems software, business & other applications software, computer
games software for all platforms
• Consultancy includes providing the best solution in the form of custom software after
analyzing the users needs and problems. Custom software also includes made-to-order
software based on orders from specific users. Also, included are writing of software of
any kind following directives of the users; software maintenance, web-page design].
• CEO of NKS Private Limited is Naresh Kumar M
• Directors of NKS Private Limited Subhasish Mahakud ,Rajesh Mondal and Soumya Ranjan
Pradhan
4. What is Risk?
• Risk are potential problems/uncertainty that might affect the
successful completion of a project
• Risk concern future happenings
• Risk involves change
• Risk involves choice and the uncertainty that choice entails itself
• Risk analysis and management are intended to help understand and
manage uncertainty
• The work product is called a Risk Mitigation, Monitoring and
Management Plan (RMMM)
• Risk can’t be eliminated but can be minimize
5. Types of Risk
• Market Risk
• Firm Risk
a. Business Risk
b. Financial Risk
• Project Specific Risk
• Industry Specific Risk
• Competitive Risk
• International Risk
6. Categories of risk
• Project Risk
• Technical Risk
• Business Risk
• Known Risk
• Predictable Risk
• Unpredictable Risk
• Operational Risks
• Programmatic Risks
7. What is a project risk?
• A situation involving exposure to danger
• Expose (someone or something valued)to danger, harm or loss
• Risk an uncertain event that may have a positive or negative impact
on the project
• May effect: scope, schedule, cost, performance and quality
• Example of Risks
i. Budget Risk
ii. Operational Risks
iii. Technical risks
iv. Programmatic Risks
8. What is Project Risk
Project risk
Unknown
Unexpected
Undesirable
Unpredictable
11. What is Project Risk Management
• A process that assists project managers in setting priorities, allocating
resources and implementing actions that reduce the risk of the
project not achieving its objectives.
Cycle of Project Risk Management
12. Risk Management Process
• Risk identification
• Identify project, product and business risks
• Risk analysis
• Assess the likelihood and consequences of these risks
• Risk planning
• Draw up plans to avoid or minimise the effects of the risk
• Risk monitoring
• Monitor the risks throughout the project
14. The project scheduling process
Estimate resources
for activities
Identify activity
dependencies
Identify
activities
Allocate people
toactivities
Create project
charts
Software
requirements
Activity charts
and bar charts
15. Risk Strategies
• Reactive risk Strategies
Software team does nothing till the risk becomes real
• Proactive Risk Strategies
Risk management begins long before technical work starts. Risk are
identified and prioritized by important. Then team build a plan avoid
risks if they can or minimize their probability of occurrence or establish
pal if risks become real
16. Process of Risk Analysis
• Risk Identification
• Risk Projection
• Risk Refinement
• Risk Mitigation Monitoring And Management
18. Risk Identification
• Systematic attempt to specify threats to the project plan
• Predictable and known risk can be avoided and controlled possibly by
identification
• A project manager attains a feeling of staffing risk by answering the
following set question
i. Are enough people available?
ii. Are the best people available?
iii. Will the project team member be working full time / part time on the project?
iv. Have the staff members received training?
• There are two types of risk for risk each categorized risk
I. Generic risk: potential threat to every software project
II. Product specific risk: can be identified by those with a clear understanding of
technology the people and the environment specific for building the project
20. Risk Projection
Also called Risk Estimation
Attempts to rate each risk in 2 ways
i. Probability that the risk is real
ii. Consequences of the problems associated with the risk
Steps 1 :Prepare a Risk Table
• There are four risk steps intended to consider risks in a manner that leads to
prioritization
i. Estimation a scale that reflects the perceived of a risk
ii. Delineate the consequence of the risks
iii. Estimation the impacts of the risk on the project and products
iv. Asses the overall accuracy of the risk projection
• Impacts of each risk on the 4 components is assessed
21. Risk Projection
• Below are the 4 risk components
i. Performance: if the risk becomes real will the requirements ne met and will the
product be for its intended use?
ii. Cost: if the risk become real will the project budget be maintained?
iii. Support: if the risk becomes real will the resultants software be easy to correct,
adapt and enhance?
iv. Schedule: will the project schedule be maintained and the product will be
delivered on time if the risk becomes real?
• The impact of each risk on the 4 components can be categorized as
i. Catastrophic
ii. Critical
iii. Marginal
iv. Negligible
22. Risk Projection
• Factor affecting impacts of risk
i. Nature: indicates the problems that are likely if it occurs
ii. Scope: combines he severity with overall distribution
iii. Timing: considers when and for how long the impacts will be felt
• The values are averaged to determine an overall impact value
• Next the table is sorted by high probability and high impact
• Project momager defines cut off line implying only risk above the line be
managed
• The column labeled RMMM contained a pointer into a Risk Mitigation
Monitoring and Management Plan( A collection of Risk information sheets
developed for all risk that lie above the cutoff line)
23. Risk Table
• A risk table provide simple technique for risk projection
• Begin by listing all the risk in the table with the help of risk item
checklist
• Each risk is categorized in the second table
• Probability of occurrence of each risk is entered in the next column
• Next, the impact of each risk is assessed
24. Risk Projection
Steps 2 : Assessing the risk impact
• Estimate the cost of each risk in the table
How to estimates the cost of each o risk?
Eg: Assume that the software team defines a project risk in the following manner:
Risk identification: Only 70% of the software components scheduled for reuse will ,In fact
be integrated into the application. The remaining functionality will have to be custom
developed.
Risk Probability: 80% likely)
Risk Impacts: 60 reusable software components were planed. If only 70 percent can be
used , 18 component would have to be developed from scratch ( In addition to other
custom software that has been scheduled for development).Since the average component
is 100 LOC and local data indicate that the software engineering cost for each is $14.00, the
overall cost 9 impact90 to develop the component would be 18*100*14=$25200
26. Risk Projection
• Calculate the risk exposure for each risk in the table
Risk exposure, RE= Prob Of Occurrence * Cost of Risk
=0.80*25200=$20200
• Risk exposure can be computed for each risk, once the estimation of the
cost of the risk is made
• Calculate the total exposure for all risks (above the cutoff line)
The total risk exposure provides a means for adjusting the final cost
estimates for a project
If RE is greater then 50% of the project cost the viability of the project must
be evaluated
• RE can be used to predict the probable increase in staff resource required
at various point during the project schedule
27. Risk Refinement
• During early stages of project planning a risk may be stated quite
generally
• As time passes and more is learned about the project and the risk it
may be possible to refine the risk
• One way to do this is to represent the risk in condition transition
consequence (CTC)
• Given that <condition> then there is concern that (possibly )
<consequence>
• Refinement helps to isolate the underlying risk and lead to easier
analysis and response
28. Risk Mitigation Monitoring And Management
• All the risk analysis activates presented so far have single goal i.e to
assist the project team in developing team in developing a strategy to
deal with risk
An effective strategy is
Risk mitigation (avoidance)
For example.
Assume risk- High staff turnover is noted as a project risk Prob Of
occurrence- 70%(high) and/ impact-2(critical)
29. Risk Mitigation Monitoring And Management
• To mitigate this risk project manager must develop a strategy for
reducing turnover
• Among the possible steps to be taken
i. Meet with current staff to determine causes for turnover(e.g poor working
condition, low pay and competitive job market)
ii. Mitigation those causes that are under our control before the project start
iii. Organize project team so that information about each development
activity is widely dispersed
iv. Define documentation standard an =d establish mechanism to the sure
that document are develop in a timely manner
v. Assign a backup staff members for every critical technologist
30. Risk Mitigation Monitoring And Management
Risk monitoring
• As the project proceed risk monitoring activities commence
• The project manger monitors factors that may provide an indication
of whether the risk becoming more or less likely
In the case of high staff turnover, the following factor can be
monitored:
i. General attitude of team members based on project pressure
ii. The degree to which the team has jelled
iii. Interpersonal relationship among team members
iv. Potential problems with compensation and benefits
v. The availability of jobs within the company and outside it
31. Risk Mitigation Monitoring And Management
• Also the project manager should monitored the effective of risk
mitigation steps
• The project manager should monitore documents carefully to ensure
that each can stand on its own and that each imparts information
that would be necessary if a newcomer were forced to join the
software team somewhere in a middle of the project
32. Risk Mitigation Monitoring And Management
Risk management
• Assume that mitigation efforts have failed and that the risk has
become a realty ( a number of people announce that they are leaving)
• if the mitigation strategy has been followed backup is available
information is document and knowledge has been dispersed across
the team
• Those individual who are leaving are asked to stop all work and spend
their last weeks in knowledge transfer mode, this might include video
based knowledge capture the development of commentary
documents and /or meeting with other team members who will
remain on the project
33. Risk Mitigation Monitoring And Management
Plan / Risk Information Sheet(ris)
• The RMMM plan document all work performed as part of risk analysis
and are used by the project manager as part of the the overall project
plan
• Some software team do not development a formal RMMM
documents using a risk information sheet(RIS)
• Once RMMM has been documented and the projects has began risk
mitigation and monitoring steps commence And if the risk becomes
real them the project manger applies the management steps
34. Example of An RIS
Risk ID:P02-4-32 Date:20/09/2019 Prob:80% Impacts : High
Description:
Only 70% of the software components schedule for resue will be integrated
into the application. The remaining functionality will have to be custom
develop
Refinement / Context:
Sub Condition 1
Certain reusable components were development by a third-party with no
knowledge of internal design standard
Sub condition 2
Certain reusable components have been implemented in a language that is
not supported on the target environment
35. Example of An RIS
Mitigation/Monitoring:
i. Contact third party to determine conformance with design standard
ii. Check to determine if language support can be acquired
Management plan :
RE computed to be $20200.Alloacted this amount within project cost.
Develop revised schedule assuming 1 8 additional components will
have to be custom built
Allocated staff according
Current status:
20/12/2019 : Mitigation steps initiated
36. Thank You
By
• Subhasish Mahakud 18MBARB
• Rajesh Mondal 18MBARB
• Soumya Ranjan Pradhan 18MBARB
• Naresh Kumar M 18MBARB029