Software Risk Management
By: Gunjan Patel, Medical Software, 081001038
“If You Don’t Actively Attack the Risks, The Risks Will Actively Attack You.” - Tom Gilb
… without risks there is no reward
Outline
• Definitions and Principles
• Risk Assessment and Control
• Methodological Dimension
• Recommended Implementation Approach
• References
Define
Risk
• Any anticipated unfavorable event or circumstance that can occur while the project is underway.
• If the risk becomes true, it can hamper the successful and timely completion of a project.
• Therefore, it is necessary to anticipate and identify different risks.
Risk management
• Reducing the impact of all kinds of risks that might affect a project.
Importance of Software Risk
Addresses Complex Software Systems
Focuses Projects on Critical Risk Items
Provides Techniques for Handling Risk Items
Reduces Software Costs by Reducing Rework
– Usually 40-50% of software costs
Making informed decisions involves the evaluation of risk improvement
– Costs, benefits, and risks
– The evaluation of the impact of current decisions on future options
Risks within a system Context
Process of Risk Management
This process of risk management embodies the identification, analysis, planning, tracking, controlling, and communication of risk.
A continuous set of activities to identify, confront, and resolve technical risk
Risk assessment
The objective of risk assessment is to rank the risks in terms of their damage-causing potential.
For risk assessment, each risk should first be rated in two ways:
• The likelihood of a risk coming true (r)
• The severity of damage caused due to the risk (s)
Based on these factors, the priority of each risk can be computed as
p = r × s
Risk identification
The project manager needs to anticipate the risks in the project as early as possible so that the impact of the risk can be minimized by making effective risk management plans.
In order to be able to systematically identify the important risks, it is necessary to categorize risks into different classes.
Main categories of risks
• Project risks
• Technical risks
• Business risks
Main categories of risks
Project risks
• Concern various forms of budgetary, schedule, personnel, resource and customer-related problems.
• E.g. schedule slippage
» Software is intangible, so it is very difficult to monitor and control software projects.
Technical risks
• Concern potential design, implementation, interfacing, testing, and maintenance problems.
• E.g. incomplete specification, changing specification, etc.
Business risks
• Include an excellent product that no one wants, losing budgetary, etc.
Risk Containment
After all the identified risks are assessed, plans must be made to control the most damaging and the most likely risks.
Techniques for Handling Risks
Strategies used for risk containment:
• Avoid the risk
– Discuss with the customer to reduce the scope of the work
– Giving incentives to engineers to avoid the risk of manpower turnover, etc.
• Transfer the risk
– Getting the risky components developed by a third party
– Buying insurance cover, etc.
• Risk reduction
– Planning ways to control the damage due to a risk
– If there is a risk that some key personnel might leave, new recruitment may be planned.
To choose between the different strategies of handling a risk, the project manager must consider the cost of handling the risk and the corresponding reduction in risk.
Risk leverage = (risk exposure before reduction - risk exposure after reduction) / (cost of risk reduction)
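The ranking rule p = r × s from the risk assessment slide and the risk leverage formula above, combined in a small risk register. This is an added example, not part of the original slides. It assumes that severity is expressed in the same cost units as the cost of risk reduction and that a risk's exposure is its priority p; all names and sample values are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    name: str
    likelihood: float  # r: likelihood of the risk coming true (0..1)
    severity: float    # s: damage if it does (assumed: same units as cost)

    @property
    def priority(self) -> float:
        return self.likelihood * self.severity  # p = r * s

@dataclass(frozen=True)
class Option:
    strategy: str            # "avoid", "transfer" or "reduce"
    likelihood_after: float  # r once the option is in place
    severity_after: float    # s once the option is in place
    cost: float              # cost of risk reduction

def rank(risks):
    # Highest priority first: these are the risks to contain first.
    return sorted(risks, key=lambda r: r.priority, reverse=True)

def leverage(risk, option):
    # (exposure before - exposure after) / cost of risk reduction
    if option.cost <= 0:
        raise ValueError("cost of risk reduction must be positive")
    after = option.likelihood_after * option.severity_after
    return (risk.priority - after) / option.cost

def best_option(risk, options):
    return max(options, key=lambda o: leverage(risk, o))

# Constructed sample register and containment options (not from the slides).
RISKS = [
    Risk("Key personnel leave", 0.3, 200),
    Risk("Changing specification", 0.6, 150),
    Risk("Schedule slippage", 0.5, 80),
]
OPTIONS = [
    Option("avoid", 0.2, 150, 20),    # reduce scope with the customer
    Option("transfer", 0.6, 50, 40),  # third party builds the component
    Option("reduce", 0.4, 150, 5),    # plan ways to control the damage
]

if __name__ == "__main__":
    top = rank(RISKS)[0]
    print(top.name, "->", best_option(top, OPTIONS).strategy)
```
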
Methodological Dimension
Designed to improve the overall software development process by integrating knowledge into the software acquisition process, enabling managers to make timely decisions.
Samples of questions for methodological
• I know that improving the process will improve my software. How do I choose the improvement method that will have the most effect for my current state?
• How do I secure against major disasters?
• What cost will I face?
Software Risk management Methodology
Framework for Software Risk Management
1. Software Risk Evaluation (SRE)
2. Continuous Risk Management (CRM)
3. Team Risk Management (TRM)
Developed software risk methodologies
1. Risk prevention
2. Risk mitigation and correction
3. Ensuring safe system failure
The SRM methodology addresses the two functions of software acquisition and development. The functions are managed is composed
Software Acquisition-Capability Maturity Model
• Determine current process maturity and identify the few issues most critical to software quality and process improvement
• The framework uses quality principles designed by the quality management team
– Developed under the direction of Watts Humphrey at IBM
Software - Capability Maturity Model
• The key process areas define requirements that must be satisfied in order to accomplish that level of development
Seven risk management principles
Shared product vision
• Sharing product vision based upon common purpose, shared ownership, and collective commitment
• Focusing on results
Teamwork
• Working cooperatively to achieve a common goal
• Pooling talent, skills, and knowledge
Forward-looking view
• Thinking toward tomorrow, identifying uncertainties, anticipating potential outcomes
• Managing project resources and activities while anticipating uncertainties
Global perspective
• Viewing software development within the context of the larger system (3D): Definition, Design, and Development
Open communication
• Encouraging the free flow of information between all levels
• Bringing unique knowledge to identifying and managing risk
Integrated management
• Making risk management an integral part of project management
• Adapting risk management methods and tools to a project’s infrastructure and culture
Continuous process
• Maintaining constant vigilance
• Identifying and managing risks routinely throughout all phases of the project’s life cycle
Software Risk Management Methodologies
Basic Constructs to Risk Management
1. Risk Management Paradigm - Boehm’s
2. Risk Taxonomy
• Follows the life cycle of software development and provides a framework for organizing data and information
3. Risk Clinic
• A workshop that takes CRM and TRM and adapts and integrates them with a client’s communication channels, infrastructure, existing practices, project management, risk management (if any), and technical problem management
Software Risk Evaluation (SRE)
Software Risk Evaluation (SRE) Practice model
Team Risk Management (TRM)
Initiate:
• Recognize the needs
• Commit to create the team culture
Team:
• Based on risks, priorities, metrics & action plans
Team Activity
Continuous Risk Management
[Figure: Core, Sustaining, Defining]
CRM is a principle-based practice for managing project risks and opportunities throughout the lifetime of the project.
When followed, these principles provide an effective approach to managing risk regardless of the specific methods and tools used.
The principles are composed of three groups: core, sustaining, and defining.
Software Acquisition-Capability Maturity Model (SA-CMM)
References:
Crosby, P.B. Quality Is Free. New York: McGraw-Hill, 1979.
www.sei.cmu.edu
www.baz.com
www.google.com
Queries… ???
Thank You……..
Kind Attention !!!