The Risks Will Actively Attack You.”
………without risks there is no reward
Definitions and Principles
Risk Assessment and Control
Recommended Implementation Approach
Any anticipated unfavorable event or circumstances
that occur while the project is underway.
If the risk become true
• It can hamper the successful and timely
completion of a project.
Therefore, it is necessary to anticipate and identify
Reducing the impact of all kinds of risks that might
affect a project.
Importance of Software Risk
Addresses Complex Software Systems
Focuses Projects on Critical Risk Items
Provides Techniques for Handling Risk Items
Reduces Software Costs by Reducing Rework
Usually 40-50% of software costs
Making informed decisions involves the evaluation of
Costs, benefits, and risks
The evaluation of the impact of current decisions on future
Risks within a system Context
This process of risk management embodies
Process of Risk Management
This process of risk management embodies the
identification, analysis, planning, tracking, controlling, and
communication of risk.
A continuous set of activities to identify,
confront, and resolve technical risk
The objectives of risk assessment is to rank the risks in terms of
their damage causing potential.
For risk assessment, each risk should first be rated in two ways:
• The likelihood of a risk coming true (r)
• The severity of damage caused due to the risk (s)
• Based on these factors
– The priority of each risk can be computed as
– p=r s
The project manager needs to anticipate the risks in the
project as early as possible so that the impact of the risk can
be minimized by making effective risk management plans.
In order to be able to systematically identify the important
risks, it is necessary to categorize risks into different classes.
Main categories of risks
• Project risks
• Technical risks
• Business risks
Main categories of risks
• Concern various forms of
– Budgetary, Schedule, Personnel, Resource and Customer-Related Problems.
– e.g. schedule slippage
» Software is intangible, it is very difficult to monitor and control software
– Potential design, implementation, interfacing, testing, and maintenance
– E.g. incomplete specification, changing specification, etc.
– An excellent product that no one wants, losing budgetary, etc.
After all the identified risks are assessed, plans must be made to control the
most damaging and the most likely risks.
Strategies used for risk
• Avoid the risk
– Discuss with customer to
reduce the scope of the
– Giving incentives to
engineers to avoid the risk of
manpower turnover, etc.
• Transfer the risk
– Getting the risky components
developed by a third party
– Buying insurance cover, etc.
• Risk reduction
– Planning ways to control the
damage due to a risk
– If there is risk that some key
personnel might leave, new
recruitment may be planned.
Techniques for Handling Risks
To choose between the different strategies of
handling a risk, the project manager must
consider the cost of handling the risk and the
corresponding reduction in risk.
Risk exposure before reduction – risk exposure after reduction
Risk leverage =
Risk reduction of cost
Design to Improve overall software development
process to integrate knowledge into the software
acquisition process that enable manageress to make
Samples of questions for methodological
I know that improving the process will improve my software. How
do I choose the improvement method that will have the most
effect for my current state? How do I secure against major
disasters? What cost will I face?
Software Risk management Methodology
Framework for Software Risk management
1. Software Risk Evaluation (SRE)
2. Continuous Risk Management (CRM)
3. Team Risk Management (TRM)
Developed software risk methodologies
1. Risk prevention
2. Risk mitigation and correction
3. Ensuring safe system failure
SRM methodological addresses the two functions of
software acquisition and development.
The functions are managed is composed
Software Acquisition-Capability Maturity Model
• Determine current process maturity identify few critical
issues critical to software quality & process improvement
• Framework used Quality principles have been design by
Quality management Team
– Developed the direction Watts Humphrey at IBM
Software - Capability Maturity Model
• The key process areas define requirements that must be
satisfied in order to accomplish that level of development
Seven risk management principles
Shared product vision
• Sharing product vision based upon common purpose, shared
ownership, and collective commitment
• Focusing on results
• Working Cooperatively To Achieve A Common Goal
• Pooling Talent, Skills, And Knowledge
• Thinking Toward Tomorrow, Identifying Uncertainties,
Anticipating Potential Outcomes
• Managing Project Resources And Activities While Anticipating
Viewing software development within the context of the larger
system (3D) Definition, Design, and Development
Encouraging the free flow of information between all levels
Bringing unique knowledge to identifying and managing risk
Making risk management an integral part of project
Adapting risk management methods and tools to a project’s
infrastructure and culture
Maintaining constant vigilance
Identifying and managing risks routinely throughout all phases
of the project’s life cycle
3. Risk Clinic
Workshop that takes the CRM and TRM and adapts in
integrates it with a client’s communication channels,
infrastructure, existing practices, project management, risk
management (if any), and technical problem management
Software Risk Evaluation (SRE)
Software Risk Evaluation (SRE) Practice model
Team Risk Management (TRM)
•Recognize the needs •Based on risks, priorities,
•Commit to create the team metrics & action plans
CRM is a principle-based practice for managing project risks and
opportunities throughout the lifetime of the project.
When followed, these principles provide an effective approach to
managing risk regardless of the specific methods and tools used.
2 are composed of three groups: core, sustaining, and defining.
Software Acquisition-Capability Maturity Model (SA-CMMSM)
Crosby, P.B. Quality Is Free. New York: