SlideShare uma empresa Scribd logo

Software Engineering (Risk Management)

Transferir como PPT, PDF
S
ShudipPal

Software Engineering Risk Management

Educação
1 de 45
Software Engineering (CSI 321) Risk Management 1
Risk Management  Risk management is one of the main jobs of Project Manager.  Risk management is a set of actions that helps the project manager plan an approach to deal with uncertain occurrences.  It involves anticipating risks that might affect the project schedule or the quality of the software being developed and taking actions to avoid these risks.  Risk management is an emerging area that aims to address the problem of identifying and managing the risks associated with a software project. 2
Risk Management  Risk in a project is the possibility that the defined goals are not met. It is the inability to achieve objectives within defined cost, schedule, and technical constraints.  Most projects have risks, especially the big projects.  Risk management is the area that tries to ensure that the impact of risks is minimal on – – Cost – Quality – Schedule 3
Why is Risk Management important? • History of software development is full of major & minor failures (Because risks were not identified & managed properly). – Projects run over budget – Behind schedule – Some abandoned midway • Any project can encounter uncertainties in the form of increased costs, schedule delays, and diminished qualities. Unless tackled, these uncertainties can lead to major project disasters. • Software is a difficult undertaking. Lots of things can go wrong. Understanding the risks and taking proactive measures to avoid or manage them –is a key element of good software project management. 4
Risk Management • What can go wrong? • What is the likelihood? • What will the damage be? • What can we do about it? 5
Risk Management Process  What are the steps in Risk Management Process?, or  What are the major activities/tasks of a project manager in risk management? 1) Risk Identification –possible risks are identified 2) Risk Analysis –risks are analyzed to determine the likelihood and the damage/consequences. Risks are ranked by probability & impact. 3) Risk Planning –A plan is developed to manage the risks with high probability & high impact. 4) Risk Monitoring –Risk is constantly assessed & plans for risk mitigation are revised. 6
Characterizing Risk  Risk concerns the future happenings – What risks might cause software project to go awry? What can we do today to avoid problems tomorrow?  Risk involves change – How will changes affect timeliness & overall success? – What aspects of the problem domain and solution are unstable?  Risk involves choice & uncertainty – What methods & tools should we use? How many people should be involved? How much emphasis on quality is “enough”? We often make decisions based on incomplete information.  RISK, like DEATH, is one of the few certainties of life. 7
Risk Strategies : Reactive vs. Proactive  Reactive Risk Management: – Laughingly called “Indiana Jones school of risk management” – Risk management ==> Crisis management (“fire-fighting mode”) – Project team reacts to risks when they occur – Software team does nothing about risks until something goes wrong, then the team flies into action in an attempt to correct the problem rapidly(this is called “fire-fighting mode”). When this fails, “crisis management” takes over and the project is in real jeopardy. 8
Risk Strategies : Reactive vs. Proactive  Proactive Risk Management: – A considerably more intelligent strategy for risk management – Identify potential risks in advance – Assess probability and impact – Prioritize the risks by importance – Establish explicit risk management plan – But “Risk is unavoidable”( not all risks can be avoided), so contingency plan is developed 9
Software Risks  Software risk always involves two characteristics – 1) Uncertainty –the risk may or may not happen; there are no 100% probable risks. 2) Loss –If the risk becomes a reality, unwanted consequences or losses will occur. 10
Software Risks • When risks are analyzed, it is important to – – Quantify the level of uncertainty – The degree of loss associated with each risk – Consider different categories of risks 11
Categories of Risks  What are the categories of risks encountered as software is built? – Project risks – Product risks – Technical risks – Business risks – Known risks – Predictable risks – Unpredictable risks • Note that these risk types may overlap. 12
Project Risks  Project risks threaten the project plan. If risks become real, then – Project schedule will slip – Costs will increase  Project risks affect the project schedule or resources.  Project risks identify potential budgetary, schedule, personnel, resource, stakeholder and requirements problems and their impact on a software project.  Examples: Experienced staff will leave the project before it is finished, Essential hardware for the project will not be delivered on time, There will be a change of organizational management with different priorities. 13
Product Risks • Product risks are risks that affect the quality or performance of the software being developed. • An example might be the failure of a purchased component to perform as expected. • Other examples – Size underestimate, Requirement change, CASE tool underperformance 14
Technical Risks • Threaten quality and timeliness of the software to be produced. If a technical risk becomes a reality, implementation may become difficult/impossible. • Technical risks identify potential design, implementation, interface, verification and maintenance problems. • Other risk factors: specification ambiguity, technical uncertainty, technical obsolescence, “leading-edge” technology. 15
Technical Risks • Technical risks occur because the problem is harder to solve than we thought it would be. – Is the technology new to you? – New algorithms ? – Interface with new/unproven HW/SW/DB? – Specialized user interface? – New analysis, design, testing methods? – Unconventional development methods? – Excessive performance constraints? – Customer uncertain about feasibility? 16
Business Risks  Business risks threaten the viability of the software to be built.  Business risks often jeopardize the project or the product.  Business risks affect the organization development or procuring the software.  Top five business risks – 1) No market for product (market risk) 2) Product no longer fits in the business plan (strategic risk) 3) Sales force doesn’t know how to sell the product (sales risk) 4) Loss of management support (management risk) 5) Losing budgetary or personnel commitment (budget risk) 17
Known Risks • Uncovered after careful evaluation of the project plan, the business & technical environment in which the project is being developed and other reliable information sources. • Examples – Unrealistic delivery date – Lack of documented requirements – Lack of software scope – Poor development environment 18
Predictable Risks • Predictable risks are extrapolated from past project experience. • Examples – Staff turnover – Poor customer communication 19
Unpredictable Risks • Extremely difficult to identify in advance • They can and do occur 20
Seven Principles Of Risk Management 1) Maintain a global perspective—View software risks within the context of system and the business problem 2) Take a forward-looking view—Think about the risks that may arise in the future; Establish contingency plans so that future events are manageable 3) Encourage open communication—If someone states a potential risk, don’t discount it. 4) Integrate—A consideration of risk must be integrated into the software process. 21
Seven Principles Of Risk Management 5) Emphasize a continuous process—The team must be vigilant throughout the software process, modifying identified risks as more information is known and adding new ones as better insight is achieved. 6) Develop a shared product vision—If all stakeholders share the same vision of the software, it likely that better risk identification and assessment will occur. 7) Encourage teamwork—The talents, skills and knowledge of all stakeholder should be pooled when risk management activities are conducted. 22
23 RISK Risk Management Paradigm ControlControl IdentifyIdentify AnalyzeAnalyze PlanPlan TrackTrack
Risk Identification • Risk identification is a systematic attempt to specify threats to the project plan ( estimates, schedule, resource loading etc.) • By identifying known & predictable risks, the project manager takes a first step toward – – avoiding them when possible – controlling them when necessary 24
Risk Identification • There are two distinct types of risks for each of the categories we discussed 1) Generic risks – are a potential threat to every software project. 2) Product-specific risks – Can be identified only by those with a clear understanding of the technology, the people, and the environment that is specific to the software to be built – To identify product-specific risks, the project plan & statement of scope are examined 25
Risk Identification Method  One method for identifying risks is to create a risk item checklist. • The checklist can be used for risk identification and focuses on some subset of known & predictable risks in the following generic subcategories: 1) Product size—Risks associated with the overall size of the software to be built or modified. 2) Business impact—Risks associated with constraints imposed by management or the marketplace. 3) Customer characteristics—Risks associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner. 26
Risk Identification 4) Process definition—Risks associated with the degree to which the software process has been defined and is followed by the development organization. 5) Development environment—Risks associated with the availability and quality of the tools to be used to build the product. 6) Technology to be built—Risks associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system. 7) Staff size and experience—Risks associated with the overall technical and project experience of the software engineers who will do the work. 27
Assessing Overall Project Risk-I  Is the current software project at serious risk? • Have top software and customer managers formally committed to support the project? • Are end-users enthusiastically committed to the project and the product to be built? • Are requirements fully understood by the software engineering team and their customers? • Have customers been involved fully in the definition of requirements? • Do end-users have realistic expectations? 28
Assessing Overall Project Risk-II • Is project scope stable? • Does the software engineering team have the right mix of skills? • Are project requirements stable? • Does the project team have experience with the technology to be implemented? • Is the number of people on the project team adequate to do the job? • Do all customer/user constituencies agree on the importance of the project and on the requirements for the product to be built? 29
Risk Components & Impacts • Performance risk—the degree of uncertainty that the product will meet its requirements and be fit for its intended use. • Cost risk—the degree of uncertainty that the project budget will be maintained. • Support risk—the degree of uncertainty that the resultant software will be easy to correct, adapt, and enhance. • Schedule risk—the degree of uncertainty that the project schedule will be maintained and that the product will be delivered on time.  Impact Category: Negligible, Marginal, Critical, Catastrophic 30
Impact Assessment 31
Risk Estimation/Projection • Risk projection, also called risk estimation, attempts to rate each risk in two ways – The likelihood or probability that the risk is real – The consequences of the problems associated with the risk, should it occur. 32
Risk Estimation/Projection • There are four risk projection steps: 1) Establish a scale that reflects the perceived likelihood of a risk 2) Delineate the consequences of the risk 3) Estimate the impact of the risk on the project and the product 4) Note the overall accuracy of the risk projection (to avoid misunderstandings). 33
Developing a Risk Table • A Risk Table provides a project manager with a simple technique for risk projection – Estimate the probability of occurrence – Estimate the impact on the project on a scale of 1 to 4, where 4 = Negligible/low impact on project success 3 = Marginal impact on project success 2 = Critical impact on project success 1 = Catastrophic impact on project success – Sort the table by probability and impact 34
Developing a Risk Table 35 A Risk Table provides a project manager with a simple technique for risk projection PS – project size risk BU – business risk
Assessing Risk Impact How do we assess the consequences of a risk? • Three factors affect the consequences that are likely if a risk does occur: 1) It’s nature-indicates the problems that are likely 2) Scope- Severity & its overall distribution 3) Timing- When & for how long the impact will be felt 36
Risk Exposure (Impact) • The overall risk exposure, RE, is determined using the following relationship : RE = P x C , where – P is the probability of occurrence for a risk – C is the cost to the project should the risk occur • Risk exposure can be computed for each risk in the Risk Table, once an estimate of the cost of the risk is made. • Total risk exposure for all risks can provide a means for adjusting the final cost estimate for a project. • Note: If RE > 50% of Project Cost, viability of the project must be reevaluated. 37
Risk Exposure: An Example • Risk identification. Only 70 percent of the software components scheduled for reuse will, in fact, be integrated into the application. The remaining functionality will have to be custom developed. • Risk probability. 80% (likely). • Risk impact. 60 reusable software components were planned. If only 70 percent can be used, 18 components would have to be developed from scratch (in addition to other custom software that has been scheduled for development). Since the average component is 100 LOC and local data indicate that the software engineering cost for each LOC is $14.00, The overall cost (impact) to develop the components would be, 18 x 100 x 14 = $25,200 • Risk exposure. RE = 0.80 x 25,200 ~ $20,200. 38
Risk Mitigation, Monitoring, and Management • Mitigation—How can we avoid the risk? • Monitoring—What factors can we track that will enable us to determine if the risk is becoming more or less likely? • Management—What contingency plans do we have if the risk becomes a reality? 39
The RMMM plan • Risk management strategy can be included in the software project plan or the risk management steps can be organized into a separate RMMM plan.  The RMMM plan (Risk Mitigation, Monitoring and Management plan): – Documents all work performed as part of risk analysis – Used by Project Manager as part of the overall project plan 40
The RMMM plan • Risk mitigation – Problem avoidance activity – Proactive planning for risk avoidance 41
The RMMM plan  Risk monitoring • Project tracking activity with three primary objectives – 1. Assessing whether predicted risks occur or not 2. Ensuring risk aversion steps are being properly applied 3. Collect information for future risk analysis • Determining what risk(s) caused which problems throughout the project 42
The RMMM plan • It is important to note that RMMM steps incur additional project cost. • Project planner performs a classic cost/benefit analysis. • Adapt Pareto rule(80–20 rule) to software risks: – 80% of the overall project risk can be accounted for by only 20% of the identified risks. – Work performed during earlier risk analysis steps will help the planner to determine which of the risks reside in that 20% • The RMMM Plan needs to be tracked & updated regularly. 43
Risk Information Sheets  RIS (Risk Information Sheet) • Instead of developing a formal RMMM plan, some software teams use RIS. • In RIS, each risk is documented individually. • In most cases, the RIS is maintained using a database system. • RIS components: – risk id, date, probability, impact, description – refinement, mitigation/monitoring – management/contingency plan/trigger – current status – originator, assigned staff member 44
Risk Management • “If you know the enemy and know yourself, You need NOT fear the result of a hundred Battles.” • For the software project manager, The enemy is RISK! 45 Sun Tzu ( Chinese General)

Recomendados

Risk Management
Risk ManagementRisk Management
Risk ManagementSaqib Raza
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-managementzeeshanwrch
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTKathirvel Ayyaswamy
 
Agile development, software engineering
Agile development, software engineeringAgile development, software engineering
Agile development, software engineeringRupesh Vaishnav
 
Risk management(software engineering)
Risk management(software engineering)Risk management(software engineering)
Risk management(software engineering)Priya Tomar
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Shashi Kumar
 
Unit1
Unit1Unit1
Unit1anuragmbst
 
Chapter 15 software product metrics
Chapter 15 software product metricsChapter 15 software product metrics
Chapter 15 software product metricsSHREEHARI WADAWADAGI
 

Recomendados

Risk Management
Risk ManagementRisk Management
Risk ManagementSaqib Raza
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-managementzeeshanwrch
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTKathirvel Ayyaswamy
 
Agile development, software engineering
Agile development, software engineeringAgile development, software engineering
Agile development, software engineeringRupesh Vaishnav
 
Risk management(software engineering)
Risk management(software engineering)Risk management(software engineering)
Risk management(software engineering)Priya Tomar
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Shashi Kumar
 
Unit1
Unit1Unit1
Unit1anuragmbst
 
Chapter 15 software product metrics
Chapter 15 software product metricsChapter 15 software product metrics
Chapter 15 software product metricsSHREEHARI WADAWADAGI
 
Software Engineering (Project Scheduling)
Software Engineering (Project Scheduling)Software Engineering (Project Scheduling)
Software Engineering (Project Scheduling)ShudipPal
 
REQUIREMENT ENGINEERING
REQUIREMENT ENGINEERINGREQUIREMENT ENGINEERING
REQUIREMENT ENGINEERINGSaqib Raza
 
Project control and process instrumentation
Project control and process instrumentationProject control and process instrumentation
Project control and process instrumentationKuppusamy P
 
RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.Aparna Nayak
 
RMMM Plan
RMMM PlanRMMM Plan
RMMM PlanAnkit Bahuguna
 
Analysis concepts and principles
Analysis concepts and principlesAnalysis concepts and principles
Analysis concepts and principlessaurabhshertukde
 
Software Engineering (Project Planning & Estimation)
Software Engineering (Project Planning & Estimation)Software Engineering (Project Planning & Estimation)
Software Engineering (Project Planning & Estimation)ShudipPal
 
Software Configuration Management (SCM)
Software Configuration Management (SCM)Software Configuration Management (SCM)
Software Configuration Management (SCM)Er. Shiva K. Shrestha
 
Lect3 conventional vs modern spm
Lect3 conventional vs modern spmLect3 conventional vs modern spm
Lect3 conventional vs modern spmmeena466141
 
software project management Waterfall model
software project management Waterfall modelsoftware project management Waterfall model
software project management Waterfall modelREHMAT ULLAH
 
Software design
Software designSoftware design
Software designSyed Muhammad Hammad-ud-Din
 
Spm life cycle phase
Spm life cycle phaseSpm life cycle phase
Spm life cycle phasegollasaidulu1
 
Software Metrics
Software MetricsSoftware Metrics
Software Metricsswatisinghal
 
Project Planning in Software Engineering
Project Planning in Software EngineeringProject Planning in Software Engineering
Project Planning in Software EngineeringFáber D. Giraldo
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTKathirvel Ayyaswamy
 
Slides chapter 2
Slides chapter 2Slides chapter 2
Slides chapter 2Priyanka Shetty
 
Software Process Improvement
Software Process ImprovementSoftware Process Improvement
Software Process ImprovementBilal Shah
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTKathirvel Ayyaswamy
 
Cocomo model
Cocomo modelCocomo model
Cocomo modelMZ5512
 
Organization and team structures
Organization and team structuresOrganization and team structures
Organization and team structuresNur Islam
 
pressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptpressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptMuhammadKashif703372
 
OOSE-PRESENTATION.pptx
OOSE-PRESENTATION.pptxOOSE-PRESENTATION.pptx
OOSE-PRESENTATION.pptxRanjitKdk
 

Mais conteúdo relacionado

Mais procurados

Software Engineering (Project Scheduling)
Software Engineering (Project Scheduling)Software Engineering (Project Scheduling)
Software Engineering (Project Scheduling)ShudipPal
 
REQUIREMENT ENGINEERING
REQUIREMENT ENGINEERINGREQUIREMENT ENGINEERING
REQUIREMENT ENGINEERINGSaqib Raza
 
Project control and process instrumentation
Project control and process instrumentationProject control and process instrumentation
Project control and process instrumentationKuppusamy P
 
RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.Aparna Nayak
 
Analysis concepts and principles
Analysis concepts and principlesAnalysis concepts and principles
Analysis concepts and principlessaurabhshertukde
 
Software Engineering (Project Planning & Estimation)
Software Engineering (Project Planning & Estimation)Software Engineering (Project Planning & Estimation)
Software Engineering (Project Planning & Estimation)ShudipPal
 
Software Configuration Management (SCM)
Software Configuration Management (SCM)Software Configuration Management (SCM)
Software Configuration Management (SCM)Er. Shiva K. Shrestha
 
Lect3 conventional vs modern spm
Lect3 conventional vs modern spmLect3 conventional vs modern spm
Lect3 conventional vs modern spmmeena466141
 
software project management Waterfall model
software project management Waterfall modelsoftware project management Waterfall model
software project management Waterfall modelREHMAT ULLAH
 
Spm life cycle phase
Spm life cycle phaseSpm life cycle phase
Spm life cycle phasegollasaidulu1
 
Project Planning in Software Engineering
Project Planning in Software EngineeringProject Planning in Software Engineering
Project Planning in Software EngineeringFáber D. Giraldo
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTKathirvel Ayyaswamy
 
Software Process Improvement
Software Process ImprovementSoftware Process Improvement
Software Process ImprovementBilal Shah
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTKathirvel Ayyaswamy
 
Cocomo model
Cocomo modelCocomo model
Cocomo modelMZ5512
 
Organization and team structures
Organization and team structuresOrganization and team structures
Organization and team structuresNur Islam
 

Mais procurados (20)

Software Engineering (Project Scheduling)
Software Engineering (Project Scheduling)Software Engineering (Project Scheduling)
Software Engineering (Project Scheduling)
 
REQUIREMENT ENGINEERING
REQUIREMENT ENGINEERINGREQUIREMENT ENGINEERING
REQUIREMENT ENGINEERING
 
Project control and process instrumentation
Project control and process instrumentationProject control and process instrumentation
Project control and process instrumentation
 
RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.
 
RMMM Plan
RMMM PlanRMMM Plan
RMMM Plan
 
Analysis concepts and principles
Analysis concepts and principlesAnalysis concepts and principles
Analysis concepts and principles
 
Software Engineering (Project Planning & Estimation)
Software Engineering (Project Planning & Estimation)Software Engineering (Project Planning & Estimation)
Software Engineering (Project Planning & Estimation)
 
Software Configuration Management (SCM)
Software Configuration Management (SCM)Software Configuration Management (SCM)
Software Configuration Management (SCM)
 
Lect3 conventional vs modern spm
Lect3 conventional vs modern spmLect3 conventional vs modern spm
Lect3 conventional vs modern spm
 
software project management Waterfall model
software project management Waterfall modelsoftware project management Waterfall model
software project management Waterfall model
 
Software design
Software designSoftware design
Software design
 
Spm life cycle phase
Spm life cycle phaseSpm life cycle phase
Spm life cycle phase
 
Software Metrics
Software MetricsSoftware Metrics
Software Metrics
 
Project Planning in Software Engineering
Project Planning in Software EngineeringProject Planning in Software Engineering
Project Planning in Software Engineering
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENT
 
Slides chapter 2
Slides chapter 2Slides chapter 2
Slides chapter 2
 
Software Process Improvement
Software Process ImprovementSoftware Process Improvement
Software Process Improvement
 
MG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENTMG6088 SOFTWARE PROJECT MANAGEMENT
MG6088 SOFTWARE PROJECT MANAGEMENT
 
Cocomo model
Cocomo modelCocomo model
Cocomo model
 
Organization and team structures
Organization and team structuresOrganization and team structures
Organization and team structures
 

Semelhante a Software Engineering (Risk Management)

pressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptpressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptMuhammadKashif703372
 
OOSE-PRESENTATION.pptx
OOSE-PRESENTATION.pptxOOSE-PRESENTATION.pptx
OOSE-PRESENTATION.pptxRanjitKdk
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and managementgnitu
 
Risk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.pptRisk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.pptYasirShaikh34
 
project_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.pptproject_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.pptBetshaTizazu2
 
Risk-management
Risk-management Risk-management
Risk-managementUmesh Gupta
 
risk management
risk managementrisk management
risk managementArti Maggo
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.pptavisha23
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.pptAyidAlmgati
 
PMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.pptPMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.pptDorraLamouchi1
 
Project Planning and Management.pptx
Project Planning and Management.pptxProject Planning and Management.pptx
Project Planning and Management.pptxvishnupriyapm4
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and managementyenohhoney
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk ManagementNimat Khattak
 

Semelhante a Software Engineering (Risk Management) (20)

pressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptpressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.ppt
 
OOSE-PRESENTATION.pptx
OOSE-PRESENTATION.pptxOOSE-PRESENTATION.pptx
OOSE-PRESENTATION.pptx
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and management
 
Risk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.pptRisk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.ppt
 
Risk management
Risk managementRisk management
Risk management
 
project_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.pptproject_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.ppt
 
Project risk analysis
Project risk analysisProject risk analysis
Project risk analysis
 
Risk-management
Risk-management Risk-management
Risk-management
 
risk management
risk managementrisk management
risk management
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.ppt
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.ppt
 
PMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.pptPMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.ppt
 
Risk analysis
Risk analysisRisk analysis
Risk analysis
 
Project Planning and Management.pptx
Project Planning and Management.pptxProject Planning and Management.pptx
Project Planning and Management.pptx
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and management
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Risk management lec. 06
Risk management lec. 06Risk management lec. 06
Risk management lec. 06
 
RMMM
RMMMRMMM
RMMM
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
 
lec6.ppt
lec6.pptlec6.ppt
lec6.ppt
 

Mais de ShudipPal

Software Engineering (Testing Overview)
Software Engineering (Testing Overview)Software Engineering (Testing Overview)
Software Engineering (Testing Overview)ShudipPal
 
Software Engineering (Requirements Engineering & Software Maintenance)
Software Engineering (Requirements Engineering & Software Maintenance)Software Engineering (Requirements Engineering & Software Maintenance)
Software Engineering (Requirements Engineering & Software Maintenance)ShudipPal
 
Software Engineering (Software Configuration Management)
Software Engineering (Software Configuration Management)Software Engineering (Software Configuration Management)
Software Engineering (Software Configuration Management)ShudipPal
 
Software Engineering (Testing techniques)
Software Engineering (Testing techniques)Software Engineering (Testing techniques)
Software Engineering (Testing techniques)ShudipPal
 
Software Engineering (Testing Activities, Management, and Automation)
Software Engineering (Testing Activities, Management, and Automation)Software Engineering (Testing Activities, Management, and Automation)
Software Engineering (Testing Activities, Management, and Automation)ShudipPal
 
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...ShudipPal
 
Software Engineering (Testing techniques)
Software Engineering (Testing techniques)Software Engineering (Testing techniques)
Software Engineering (Testing techniques)ShudipPal
 
Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)ShudipPal
 
Software Engineering (Metrics for Process and Projects)
Software Engineering (Metrics for Process and Projects)Software Engineering (Metrics for Process and Projects)
Software Engineering (Metrics for Process and Projects)ShudipPal
 
Software Engineering (Project Management )
Software Engineering (Project Management )Software Engineering (Project Management )
Software Engineering (Project Management )ShudipPal
 
Software Engineering (An Agile View of Process)
Software Engineering (An Agile View of Process)Software Engineering (An Agile View of Process)
Software Engineering (An Agile View of Process)ShudipPal
 
Software Engineering (Process Models)
Software Engineering (Process Models)Software Engineering (Process Models)
Software Engineering (Process Models)ShudipPal
 
Software Engineering (Software Process: A Generic View)
Software Engineering (Software Process: A Generic View)Software Engineering (Software Process: A Generic View)
Software Engineering (Software Process: A Generic View)ShudipPal
 
Software Engineering (Introduction to Software Engineering)
Software Engineering (Introduction to Software Engineering)Software Engineering (Introduction to Software Engineering)
Software Engineering (Introduction to Software Engineering)ShudipPal
 
Software Engineering (Introduction)
Software Engineering (Introduction)Software Engineering (Introduction)
Software Engineering (Introduction)ShudipPal
 

Mais de ShudipPal (15)

Software Engineering (Testing Overview)
Software Engineering (Testing Overview)Software Engineering (Testing Overview)
Software Engineering (Testing Overview)
 
Software Engineering (Requirements Engineering & Software Maintenance)
Software Engineering (Requirements Engineering & Software Maintenance)Software Engineering (Requirements Engineering & Software Maintenance)
Software Engineering (Requirements Engineering & Software Maintenance)
 
Software Engineering (Software Configuration Management)
Software Engineering (Software Configuration Management)Software Engineering (Software Configuration Management)
Software Engineering (Software Configuration Management)
 
Software Engineering (Testing techniques)
Software Engineering (Testing techniques)Software Engineering (Testing techniques)
Software Engineering (Testing techniques)
 
Software Engineering (Testing Activities, Management, and Automation)
Software Engineering (Testing Activities, Management, and Automation)Software Engineering (Testing Activities, Management, and Automation)
Software Engineering (Testing Activities, Management, and Automation)
 
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
 
Software Engineering (Testing techniques)
Software Engineering (Testing techniques)Software Engineering (Testing techniques)
Software Engineering (Testing techniques)
 
Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)
 
Software Engineering (Metrics for Process and Projects)
Software Engineering (Metrics for Process and Projects)Software Engineering (Metrics for Process and Projects)
Software Engineering (Metrics for Process and Projects)
 
Software Engineering (Project Management )
Software Engineering (Project Management )Software Engineering (Project Management )
Software Engineering (Project Management )
 
Software Engineering (An Agile View of Process)
Software Engineering (An Agile View of Process)Software Engineering (An Agile View of Process)
Software Engineering (An Agile View of Process)
 
Software Engineering (Process Models)
Software Engineering (Process Models)Software Engineering (Process Models)
Software Engineering (Process Models)
 
Software Engineering (Software Process: A Generic View)
Software Engineering (Software Process: A Generic View)Software Engineering (Software Process: A Generic View)
Software Engineering (Software Process: A Generic View)
 
Software Engineering (Introduction to Software Engineering)
Software Engineering (Introduction to Software Engineering)Software Engineering (Introduction to Software Engineering)
Software Engineering (Introduction to Software Engineering)
 
Software Engineering (Introduction)
Software Engineering (Introduction)Software Engineering (Introduction)
Software Engineering (Introduction)
 

Último

9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 

Último (20)

9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 

Software Engineering (Risk Management)

  • 2. Risk Management  Risk management is one of the main jobs of Project Manager.  Risk management is a set of actions that helps the project manager plan an approach to deal with uncertain occurrences.  It involves anticipating risks that might affect the project schedule or the quality of the software being developed and taking actions to avoid these risks.  Risk management is an emerging area that aims to address the problem of identifying and managing the risks associated with a software project. 2
  • 3. Risk Management  Risk in a project is the possibility that the defined goals are not met. It is the inability to achieve objectives within defined cost, schedule, and technical constraints.  Most projects have risks, especially the big projects.  Risk management is the area that tries to ensure that the impact of risks is minimal on – – Cost – Quality – Schedule 3
  • 4. Why is Risk Management important? • History of software development is full of major & minor failures (Because risks were not identified & managed properly). – Projects run over budget – Behind schedule – Some abandoned midway • Any project can encounter uncertainties in the form of increased costs, schedule delays, and diminished qualities. Unless tackled, these uncertainties can lead to major project disasters. • Software is a difficult undertaking. Lots of things can go wrong. Understanding the risks and taking proactive measures to avoid or manage them –is a key element of good software project management. 4
  • 5. Risk Management • What can go wrong? • What is the likelihood? • What will the damage be? • What can we do about it? 5
  • 6. Risk Management Process  What are the steps in Risk Management Process?, or  What are the major activities/tasks of a project manager in risk management? 1) Risk Identification –possible risks are identified 2) Risk Analysis –risks are analyzed to determine the likelihood and the damage/consequences. Risks are ranked by probability & impact. 3) Risk Planning –A plan is developed to manage the risks with high probability & high impact. 4) Risk Monitoring –Risk is constantly assessed & plans for risk mitigation are revised. 6
  • 7. Characterizing Risk  Risk concerns the future happenings – What risks might cause software project to go awry? What can we do today to avoid problems tomorrow?  Risk involves change – How will changes affect timeliness & overall success? – What aspects of the problem domain and solution are unstable?  Risk involves choice & uncertainty – What methods & tools should we use? How many people should be involved? How much emphasis on quality is “enough”? We often make decisions based on incomplete information.  RISK, like DEATH, is one of the few certainties of life. 7
  • 8. Risk Strategies : Reactive vs. Proactive  Reactive Risk Management: – Laughingly called “Indiana Jones school of risk management” – Risk management ==> Crisis management (“fire-fighting mode”) – Project team reacts to risks when they occur – Software team does nothing about risks until something goes wrong, then the team flies into action in an attempt to correct the problem rapidly(this is called “fire-fighting mode”). When this fails, “crisis management” takes over and the project is in real jeopardy. 8
  • 9. Risk Strategies : Reactive vs. Proactive  Proactive Risk Management: – A considerably more intelligent strategy for risk management – Identify potential risks in advance – Assess probability and impact – Prioritize the risks by importance – Establish explicit risk management plan – But “Risk is unavoidable”( not all risks can be avoided), so contingency plan is developed 9
  • 10. Software Risks  Software risk always involves two characteristics – 1) Uncertainty –the risk may or may not happen; there are no 100% probable risks. 2) Loss –If the risk becomes a reality, unwanted consequences or losses will occur. 10
  • 11. Software Risks • When risks are analyzed, it is important to – – Quantify the level of uncertainty – The degree of loss associated with each risk – Consider different categories of risks 11
  • 12. Categories of Risks  What are the categories of risks encountered as software is built? – Project risks – Product risks – Technical risks – Business risks – Known risks – Predictable risks – Unpredictable risks • Note that these risk types may overlap. 12
  • 13. Project Risks  Project risks threaten the project plan. If risks become real, then – Project schedule will slip – Costs will increase  Project risks affect the project schedule or resources.  Project risks identify potential budgetary, schedule, personnel, resource, stakeholder and requirements problems and their impact on a software project.  Examples: Experienced staff will leave the project before it is finished, Essential hardware for the project will not be delivered on time, There will be a change of organizational management with different priorities. 13
  • 14. Product Risks • Product risks are risks that affect the quality or performance of the software being developed. • An example might be the failure of a purchased component to perform as expected. • Other examples – Size underestimate, Requirement change, CASE tool underperformance 14
  • 15. Technical Risks • Threaten quality and timeliness of the software to be produced. If a technical risk becomes a reality, implementation may become difficult/impossible. • Technical risks identify potential design, implementation, interface, verification and maintenance problems. • Other risk factors: specification ambiguity, technical uncertainty, technical obsolescence, “leading-edge” technology. 15
  • 16. Technical Risks • Technical risks occur because the problem is harder to solve than we thought it would be. – Is the technology new to you? – New algorithms ? – Interface with new/unproven HW/SW/DB? – Specialized user interface? – New analysis, design, testing methods? – Unconventional development methods? – Excessive performance constraints? – Customer uncertain about feasibility? 16
  • 17. Business Risks  Business risks threaten the viability of the software to be built.  Business risks often jeopardize the project or the product.  Business risks affect the organization development or procuring the software.  Top five business risks – 1) No market for product (market risk) 2) Product no longer fits in the business plan (strategic risk) 3) Sales force doesn’t know how to sell the product (sales risk) 4) Loss of management support (management risk) 5) Losing budgetary or personnel commitment (budget risk) 17
  • 18. Known Risks • Uncovered after careful evaluation of the project plan, the business & technical environment in which the project is being developed and other reliable information sources. • Examples – Unrealistic delivery date – Lack of documented requirements – Lack of software scope – Poor development environment 18
  • 19. Predictable Risks • Predictable risks are extrapolated from past project experience. • Examples – Staff turnover – Poor customer communication 19
  • 20. Unpredictable Risks • Extremely difficult to identify in advance • They can and do occur 20
  • 21. Seven Principles Of Risk Management 1) Maintain a global perspective—View software risks within the context of system and the business problem 2) Take a forward-looking view—Think about the risks that may arise in the future; Establish contingency plans so that future events are manageable 3) Encourage open communication—If someone states a potential risk, don’t discount it. 4) Integrate—A consideration of risk must be integrated into the software process. 21
  • 22. Seven Principles Of Risk Management 5) Emphasize a continuous process—The team must be vigilant throughout the software process, modifying identified risks as more information is known and adding new ones as better insight is achieved. 6) Develop a shared product vision—If all stakeholders share the same vision of the software, it likely that better risk identification and assessment will occur. 7) Encourage teamwork—The talents, skills and knowledge of all stakeholder should be pooled when risk management activities are conducted. 22
  • 24. Risk Identification • Risk identification is a systematic attempt to specify threats to the project plan ( estimates, schedule, resource loading etc.) • By identifying known & predictable risks, the project manager takes a first step toward – – avoiding them when possible – controlling them when necessary 24
  • 25. Risk Identification • There are two distinct types of risks for each of the categories we discussed 1) Generic risks – are a potential threat to every software project. 2) Product-specific risks – Can be identified only by those with a clear understanding of the technology, the people, and the environment that is specific to the software to be built – To identify product-specific risks, the project plan & statement of scope are examined 25
  • 26. Risk Identification Method  One method for identifying risks is to create a risk item checklist. • The checklist can be used for risk identification and focuses on some subset of known & predictable risks in the following generic subcategories: 1) Product size—Risks associated with the overall size of the software to be built or modified. 2) Business impact—Risks associated with constraints imposed by management or the marketplace. 3) Customer characteristics—Risks associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner. 26
  • 27. Risk Identification 4) Process definition—Risks associated with the degree to which the software process has been defined and is followed by the development organization. 5) Development environment—Risks associated with the availability and quality of the tools to be used to build the product. 6) Technology to be built—Risks associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system. 7) Staff size and experience—Risks associated with the overall technical and project experience of the software engineers who will do the work. 27
  • 28. Assessing Overall Project Risk-I  Is the current software project at serious risk? • Have top software and customer managers formally committed to support the project? • Are end-users enthusiastically committed to the project and the product to be built? • Are requirements fully understood by the software engineering team and their customers? • Have customers been involved fully in the definition of requirements? • Do end-users have realistic expectations? 28
  • 29. Assessing Overall Project Risk-II • Is project scope stable? • Does the software engineering team have the right mix of skills? • Are project requirements stable? • Does the project team have experience with the technology to be implemented? • Is the number of people on the project team adequate to do the job? • Do all customer/user constituencies agree on the importance of the project and on the requirements for the product to be built? 29
  • 30. Risk Components & Impacts • Performance risk—the degree of uncertainty that the product will meet its requirements and be fit for its intended use. • Cost risk—the degree of uncertainty that the project budget will be maintained. • Support risk—the degree of uncertainty that the resultant software will be easy to correct, adapt, and enhance. • Schedule risk—the degree of uncertainty that the project schedule will be maintained and that the product will be delivered on time.  Impact Category: Negligible, Marginal, Critical, Catastrophic 30
  • 32. Risk Estimation/Projection • Risk projection, also called risk estimation, attempts to rate each risk in two ways – The likelihood or probability that the risk is real – The consequences of the problems associated with the risk, should it occur. 32
  • 33. Risk Estimation/Projection • There are four risk projection steps: 1) Establish a scale that reflects the perceived likelihood of a risk 2) Delineate the consequences of the risk 3) Estimate the impact of the risk on the project and the product 4) Note the overall accuracy of the risk projection (to avoid misunderstandings). 33
  • 34. Developing a Risk Table • A Risk Table provides a project manager with a simple technique for risk projection – Estimate the probability of occurrence – Estimate the impact on the project on a scale of 1 to 4, where 4 = Negligible/low impact on project success 3 = Marginal impact on project success 2 = Critical impact on project success 1 = Catastrophic impact on project success – Sort the table by probability and impact 34
  • 35. Developing a Risk Table 35 A Risk Table provides a project manager with a simple technique for risk projection PS – project size risk BU – business risk
  • 36. Assessing Risk Impact How do we assess the consequences of a risk? • Three factors affect the consequences that are likely if a risk does occur: 1) It’s nature-indicates the problems that are likely 2) Scope- Severity & its overall distribution 3) Timing- When & for how long the impact will be felt 36
  • 37. Risk Exposure (Impact) • The overall risk exposure, RE, is determined using the following relationship : RE = P x C , where – P is the probability of occurrence for a risk – C is the cost to the project should the risk occur • Risk exposure can be computed for each risk in the Risk Table, once an estimate of the cost of the risk is made. • Total risk exposure for all risks can provide a means for adjusting the final cost estimate for a project. • Note: If RE > 50% of Project Cost, viability of the project must be reevaluated. 37
  • 38. Risk Exposure: An Example • Risk identification. Only 70 percent of the software components scheduled for reuse will, in fact, be integrated into the application. The remaining functionality will have to be custom developed. • Risk probability. 80% (likely). • Risk impact. 60 reusable software components were planned. If only 70 percent can be used, 18 components would have to be developed from scratch (in addition to other custom software that has been scheduled for development). Since the average component is 100 LOC and local data indicate that the software engineering cost for each LOC is $14.00, The overall cost (impact) to develop the components would be, 18 x 100 x 14 = $25,200 • Risk exposure. RE = 0.80 x 25,200 ~ $20,200. 38
  • 39. Risk Mitigation, Monitoring, and Management • Mitigation—How can we avoid the risk? • Monitoring—What factors can we track that will enable us to determine if the risk is becoming more or less likely? • Management—What contingency plans do we have if the risk becomes a reality? 39
  • 40. The RMMM plan • Risk management strategy can be included in the software project plan or the risk management steps can be organized into a separate RMMM plan.  The RMMM plan (Risk Mitigation, Monitoring and Management plan): – Documents all work performed as part of risk analysis – Used by Project Manager as part of the overall project plan 40
  • 41. The RMMM plan • Risk mitigation – Problem avoidance activity – Proactive planning for risk avoidance 41
  • 42. The RMMM plan  Risk monitoring • Project tracking activity with three primary objectives – 1. Assessing whether predicted risks occur or not 2. Ensuring risk aversion steps are being properly applied 3. Collect information for future risk analysis • Determining what risk(s) caused which problems throughout the project 42
  • 43. The RMMM plan • It is important to note that RMMM steps incur additional project cost. • Project planner performs a classic cost/benefit analysis. • Adapt Pareto rule(80–20 rule) to software risks: – 80% of the overall project risk can be accounted for by only 20% of the identified risks. – Work performed during earlier risk analysis steps will help the planner to determine which of the risks reside in that 20% • The RMMM Plan needs to be tracked & updated regularly. 43
  • 44. Risk Information Sheets  RIS (Risk Information Sheet) • Instead of developing a formal RMMM plan, some software teams use RIS. • In RIS, each risk is documented individually. • In most cases, the RIS is maintained using a database system. • RIS components: – risk id, date, probability, impact, description – refinement, mitigation/monitoring – management/contingency plan/trigger – current status – originator, assigned staff member 44
  • 45. Risk Management • “If you know the enemy and know yourself, You need NOT fear the result of a hundred Battles.” • For the software project manager, The enemy is RISK! 45 Sun Tzu ( Chinese General)