This document discusses software project risk management. It outlines tools and techniques for developing risk response plans, including risk avoidance, transfer, mitigation, and acceptance. It also covers processes for controlling risks through reassessment, audits, variance analysis, performance measurement, reserve analysis, and meetings. The objective is to enhance opportunities and minimize threats to project objectives.
3. RISK RESPONSE PLANNING
Objective:
• Develop options and determine actions to enhance opportunities and minimize threats to
project objectives.
• „Assign responsibility to individuals or parties for each risk response.
4. TOOLS & TECHNIQUES FOR RESPONSE
PLANNING
Risk Response may be one of several strategies.
• Risk Avoidance
• Risk Transference
• Risk Mitigation
• Risk Acceptance
5. RISK AVOIDANCE
1. „Risk avoidance is done by
a. changing the project plan to eliminate the risk or the condition that causes the risk in order
to protect the project objectives from its impact.
b. ‰Relaxing the relevant objective (extend the schedule, reduce specification requirements,
reduce scope)
2. Not all risks can be avoided, but some may.
6. RISK TRANSFER
• Transfer the risk to a third party who will carry the risk impact and ownership of the
response.
• „Risk Transfer is most effective in dealing with financial risk exposure.
• „Risk transfer nearly always involves payment of a risk premium to the party acquiring
the risk.
7. RISK MITIGATION
• Risk mitigation aims at reducing the probability and/or impact of a risk to within an
acceptable threshold.
• „The probability/Impact should be mitigated before the risk takes place.
• Thus avoiding to deal with the consequences after the risk had occurred.
• „Mitigation costs should be appropriate given the likely impact and probability of the risk.
8. RISK ACCEPTANCE
• Acceptance indicates a decision not to make any changes to the project plan to deal
with a risk or that a suitable response strategy cannot be identified. This strategy can be
used for both negative and positive risks.
• There are two types of acceptance:
a) ‰Active acceptance: may include developing a contingency planto execute should a risk
occurs.
b) ‰Passive acceptance: requires no action. The project team will deal with the risk as it occurs.
9. RISK CONTROLLING
Control risks is a process under the project risk management. Part of project risk
management. Its major advantage is that it improves the efficiency of the stakeholders
to manage the risk throughout the lifecycle of the project.
1) Risk Reassessment
2) Risk Audit
3) Variance and Trend Analysis
4) Technical Performance Measurement
5) Reserve Analysis
6) Meetings
10. RISK REASSESSMENT
Risk reassessments involve the following activities:
• Identifying new risks
• Evaluating current risks
• Evaluating the risk management processes
• Closing risks
11. RISK AUDIT
Project teams may have defined risk responses. The question is—“Are the responses
effective?” Project managers facilitate risk audits to examine the effectiveness of the risk
responses and to determine whether changes are required. The team also examines the
processes to identify, evaluate, respond to, and control risks.
12. VARIANCE AND TREND ANALYSIS
As with many control processes, we now look for variances between the schedule and
cost baselines and the actual results. When we the variances are increasing, there is
increased uncertainty and risk. Watch the trends and respond before the situation gets
out of hand.
13. TECHNICAL PERFORMANCE
MEASUREMENT
Imagine that you are working on a software development project and that the functional
requirements have been developed. You’ve planned to deliver functions at a point in
time—at the end of the fourth sprint, at the end of phase 1, or a milestone. The technical
performance measurement is a measurement of the technical accomplishments.
14. RESERVE ANALYSIS
During the cost planning, the emergency and management reserves are added to the
project budget as needed. As risks occur, the reserves may decrease. Depending on
how your organization handles reserves and your risk management plan, project
managers may request more reserves when inadequate.
15. MEETINGS
Project managers should be deliberate risk managers. Engage your team members and
appropriate stakeholders in meetings to facilitate the risk management processes. For
these meetings, be sure to:
• Distribute an agenda with a clearly stated purpose
• Invite the appropriate team members and stakeholders
• Use appropriate tools and techniques
• Distribute meeting minutes containing decisions, action items, issues, and risks