0
Chapter 6 Risk Management
Project Risks What can go wrong? What is the likelihood? What will the damage be? What can we do about it?
Risk Management  Reactive & Proactive <ul><li>Reactive Risk Management </li></ul><ul><ul><li>mitigation and fix on failure...
Risk Characteristics <ul><li>Loss  </li></ul><ul><li>Uncertainty </li></ul><ul><li>Degree of change </li></ul>
Risk Categories <ul><li>Project risks </li></ul><ul><li>Technical risks </li></ul><ul><li>Business risks </li></ul><ul><li...
Risk Management Paradigm RISK control identify analyze plan track
Risk Identification <ul><li>A risk item checklist </li></ul><ul><ul><li>Product size </li></ul></ul><ul><ul><li>Business i...
Risk Identification
Risk Due to Product Size •   estimated size of the product in LOC or FP? •   estimated size of product in number of progra...
Risk Due to Business Impact •  affect of this product on company revenue? •  visibility of this product by senior manageme...
Risks Due to the Customer •  Have you worked with the customer in the past? •  Does the customer have a solid idea of requ...
Risks Due to Process Maturity •  Have you established a common process framework?  •  Is it followed by project teams? •  ...
Technology Risks •  Is the technology new to your organization? •  Are new algorithms, I/O technology required? •  Is new ...
Staff/People Risks •  Are the best people available? •  Does staff have the right skills? •  Are enough people available? ...
Risk Estimation <ul><li>Establish a risk table </li></ul><ul><ul><li>Estimate the  probability  of occurrence </li></ul></...
Building a Risk Table (1)
Building a Risk Table (2)
 
 
Risk Referent Level
<ul><li>Risk strategies: </li></ul><ul><ul><li>Risk mitigation </li></ul></ul><ul><ul><li>Monitoring </li></ul></ul><ul><u...
 
Risk Tracking
<ul><li>Risk strategies: </li></ul><ul><ul><li>mitigation—how can we avoid the risk? </li></ul></ul><ul><ul><li>monitoring...
RMMM Plan Document <ul><li>Introduction </li></ul><ul><ul><li>Scope and Purpose of Document </li></ul></ul><ul><ul><li>Ove...
Risk Information Sheet (RIS)
Upcoming SlideShare
Loading in...5
×

投影片CH6

500

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
500
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "投影片CH6"

  1. 1. Chapter 6 Risk Management
  2. 2. Project Risks What can go wrong? What is the likelihood? What will the damage be? What can we do about it?
  3. 3. Risk Management Reactive & Proactive <ul><li>Reactive Risk Management </li></ul><ul><ul><li>mitigation and fix on failure </li></ul></ul><ul><ul><li>crisis management </li></ul></ul><ul><li>Proactive Risk Management </li></ul><ul><ul><li>formal risk analysis </li></ul></ul><ul><ul><li>corrects the root causes of risk </li></ul></ul><ul><ul><li>contingency plan </li></ul></ul>
  4. 4. Risk Characteristics <ul><li>Loss </li></ul><ul><li>Uncertainty </li></ul><ul><li>Degree of change </li></ul>
  5. 5. Risk Categories <ul><li>Project risks </li></ul><ul><li>Technical risks </li></ul><ul><li>Business risks </li></ul><ul><li>Known risks </li></ul><ul><li>Predicatable risks </li></ul><ul><li>Unpredicatable risks </li></ul><ul><li>Generic risks </li></ul><ul><li>Product-specific risks </li></ul>
  6. 6. Risk Management Paradigm RISK control identify analyze plan track
  7. 7. Risk Identification <ul><li>A risk item checklist </li></ul><ul><ul><li>Product size </li></ul></ul><ul><ul><li>Business impact </li></ul></ul><ul><ul><li>Customer characteristics </li></ul></ul><ul><ul><li>Process definition </li></ul></ul><ul><ul><li>Development environment </li></ul></ul><ul><ul><li>Technology to be built </li></ul></ul><ul><ul><li>Staff size and experience </li></ul></ul>
  8. 8. Risk Identification
  9. 9. Risk Due to Product Size • estimated size of the product in LOC or FP? • estimated size of product in number of programs, files, transactions? • percentage deviation in size of product from average for previous products? • size of database created or used by the product? • number of users of the product? • number of projected changes to the requirements for the product? before delivery? after delivery? • amount of reused software? Attributes that affect risk:
  10. 10. Risk Due to Business Impact • affect of this product on company revenue? • visibility of this product by senior management? • reasonableness of delivery deadline? • number of customers who will use this product • interoperability constraints • sophistication of end users? • amount and quality of product documentation that must be produced and delivered to the customer? • governmental constraints • costs associated with late delivery? • costs associated with a defective product? Attributes that affect risk:
  11. 11. Risks Due to the Customer • Have you worked with the customer in the past? • Does the customer have a solid idea of requirements? • Has the customer agreed to spend time with you? • Is the customer willing to participate in reviews? • Is the customer technically sophisticated? • Is the customer willing to let your people do their job—that is, will the customer resist looking over your shoulder during technically detailed work? • Does the customer understand the software engineering process? Questions that must be answered:
  12. 12. Risks Due to Process Maturity • Have you established a common process framework? • Is it followed by project teams? • Do you have management support for software engineering • Do you have a proactive approach to SQA? • Do you conduct formal technical reviews? • Are CASE tools used for analysis, design and testing? • Are the tools integrated with one another? • Have document formats been established? Questions that must be answered:
  13. 13. Technology Risks • Is the technology new to your organization? • Are new algorithms, I/O technology required? • Is new or unproven hardware involved? • Does the application interface with new software? • Is a specialized user interface required? • Is the application radically different? • Are you using new software engineering methods? • Are you using unconventional software development methods, such as formal methods, AI-based approaches, artificial neural networks? • Are there significant performance constraints? • Is there doubt the functionality requested is &quot;do-able?&quot; Questions that must be answered:
  14. 14. Staff/People Risks • Are the best people available? • Does staff have the right skills? • Are enough people available? • Are staff committed for entire duration? • Will some people work part time? • Do staff have the right expectations? • Have staff received necessary training? • Will turnover among staff be low? Questions that must be answered:
  15. 15. Risk Estimation <ul><li>Establish a risk table </li></ul><ul><ul><li>Estimate the probability of occurrence </li></ul></ul><ul><ul><li>Estimate the impact on the project . </li></ul></ul><ul><ul><li>Sort the table by probability and impact . </li></ul></ul><ul><ul><li>Define a cutoff line . </li></ul></ul><ul><li>Assessing Risk Impact </li></ul><ul><ul><li>Nature </li></ul></ul><ul><ul><li>Scope </li></ul></ul><ul><ul><li>Timing </li></ul></ul><ul><ul><li>Risk-exposure = risk-probability x risk-impact </li></ul></ul><ul><li>Risk assessment </li></ul><ul><ul><li>Risk referent level [r i , l i , x i ] </li></ul></ul><ul><li>Risk strategy </li></ul><ul><ul><li>Risk mitigation, monitoring, and management (RMMM) </li></ul></ul>
  16. 16. Building a Risk Table (1)
  17. 17. Building a Risk Table (2)
  18. 20. Risk Referent Level
  19. 21. <ul><li>Risk strategies: </li></ul><ul><ul><li>Risk mitigation </li></ul></ul><ul><ul><li>Monitoring </li></ul></ul><ul><ul><li>management </li></ul></ul>Risk Planning
  20. 23. Risk Tracking
  21. 24. <ul><li>Risk strategies: </li></ul><ul><ul><li>mitigation—how can we avoid the risk? </li></ul></ul><ul><ul><li>monitoring—what factors can we track that will enable us to determine if the risk is becoming more or less likely? </li></ul></ul><ul><ul><li>management—what contingency plans do we have if the risk becomes a reality? </li></ul></ul>RMMM RMMM plan
  22. 25. RMMM Plan Document <ul><li>Introduction </li></ul><ul><ul><li>Scope and Purpose of Document </li></ul></ul><ul><ul><li>Overview of major risks </li></ul></ul><ul><ul><li>Responsibilities </li></ul></ul><ul><ul><ul><li>Management </li></ul></ul></ul><ul><ul><ul><li>Technical staff </li></ul></ul></ul><ul><li>Project Risk Table </li></ul><ul><ul><li>Description of all risks above cut-off </li></ul></ul><ul><ul><li>Factors influencing probability and impact </li></ul></ul><ul><li>Risk Mitigation, Monitoring, Management </li></ul><ul><ul><li>Risk #n </li></ul></ul><ul><ul><ul><li>Mitigation </li></ul></ul></ul><ul><ul><ul><ul><li>General strategy </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Specific steps to mitigate the risk </li></ul></ul></ul></ul><ul><ul><ul><li>Monitoring </li></ul></ul></ul><ul><ul><ul><ul><li>Factors to be monitored </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Monitoring approach </li></ul></ul></ul></ul><ul><ul><ul><li>Management </li></ul></ul></ul><ul><ul><ul><ul><li>Contingency plan </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Special considerations </li></ul></ul></ul></ul><ul><li>RMMM Plan Iteration Schedule </li></ul><ul><li>Summary </li></ul>
  23. 26. Risk Information Sheet (RIS)
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×