Project Risk Management Introduction Risk management is one of the most important aspects that any project developer requires to understand fully. Development of projects without the establishment of effective risk management programs is a possible means to the failure of that project. In order to avoid such outcomes, project developers make the effort of establishing a solid and highly effective risk management program to help in making sure that the project does not in any instance fail to succeed. Risk management programs are mainly established with reference to the project and its nature. In order to ensure that most of the risks the project face are mitigated, project developers evaluate the stages of project development and then assess possible risks that may present in those situations. In this paper, a project will be explained, which will be used to create a risk management plan (Gregory, 2007).  Project Description Software development is currently one of the most significant activity that many companies are considering venturing into, mostly because people have attained a significant interest in having most of their activities and daily operations automated. Software products help people manage to carry out a wide variety of tasks and activities in an effectively appropriate way. Intridea is one of the largest software development companies, which venture in providing people and other clients with software products that they feel they need. The organization has a large network of develop engineers, who provide the service of developing the software products that clients of the organization order. The process of developing any software is considered a project by the organization, since it requires following all the strict policy stages that the organization has established in order to complete. The organization aims to complete every software development process successfully and thus the need to ensure that all important steps to address risks is essential. Intridea develops a large number of software products for many clients. One of the most recent projects that the organization is currently involving in is the development of a trading software to implement a trading strategy from a client. The trading strategy that the client requires implemented is the use of three indicators to determine trend, and then using hedging to avoid loss in any trade that might be against the traded trend. Such a project is considered to be significantly important, since the client has a high stake to loose in case it is developed with flaws. Trading software products are developed in a similar manner to all other software products. A major difference is the fact that these software products are directly used to trade real money in a trading platforms and thus the need to ensure that they are developed to operate in a flawless manner is extremely important. A large number of risks can also occur at any stage of development and thus there is a nee.

1. Project Risk Management
Introduction
Risk management is one of the most important aspects that
any project developer requires to understand fully. Development
of projects without the establishment of effective risk
management programs is a possible means to the failure of that
project. In order to avoid such outcomes, project developers
make the effort of establishing a solid and highly effective risk
management program to help in making sure that the project
does not in any instance fail to succeed. Risk management
programs are mainly established with reference to the project
and its nature. In order to ensure that most of the risks the
project face are mitigated, project developers evaluate the
stages of project development and then assess possible risks that
may present in those situations. In this paper, a project will be
explained, which will be used to create a risk management plan
(Gregory, 2007).
Project Description
Software development is currently one of the most
significant activity that many companies are considering
venturing into, mostly because people have attained a
significant interest in having most of their activities and daily
operations automated. Software products help people manage to
carry out a wide variety of tasks and activities in an effectively
appropriate way. Intridea is one of the largest software
development companies, which venture in providing people and
other clients with software products that they feel they need.
The organization has a large network of develop engineers, who
provide the service of developing the software products that
clients of the organization order. The process of developing any
software is considered a project by the organization, since it
requires following all the strict policy stages that the
organization has established in order to complete. The
organization aims to complete every software development

2. process successfully and thus the need to ensure that all
important steps to address risks is essential.
Intridea develops a large number of software products for
many clients. One of the most recent projects that the
organization is currently involving in is the development of a
trading software to implement a trading strategy from a client.
The trading strategy that the client requires implemented is the
use of three indicators to determine trend, and then using
hedging to avoid loss in any trade that might be against the
traded trend. Such a project is considered to be significantly
important, since the client has a high stake to loose in case it is
developed with flaws. Trading software products are developed
in a similar manner to all other software products. A major
difference is the fact that these software products are directly
used to trade real money in a trading platforms and thus the
need to ensure that they are developed to operate in a flawless
manner is extremely important. A large number of risks can also
occur at any stage of development and thus there is a need to
ensure that a risk mitigation program is implemented (Young,
2006).
Project Objectives
The main objective of this project is to ensure that the
trading software is developed completely and that it meets all
the expectations of the client who ordered it. Ensuring that the
process of development is successful and that all the intended
operations and capabilities of the software are implemented in
its development would help in ensuring that the product is
developed successfully. The other major development objective
for this project is ensuring that the process of development does
not exceed the intended budget. The budget constraint is a
significantly important aspect for any project. In the case of this
project, for example, there is the agreed upon amount that the
client was charged for the software product. From this amount,
the project development process should be covered and the
profit that the organization gains from this project. Since the
agreed upon amount between the organization and the client is

3. fixed, when the budget exceeds the earlier intended upon
amount, the profits that the organization gains from the project
decrease. To avoid this decrease, therefore, it is a major
objective for the project to complete within the initially
intended budget constraint (Lewis, 2007).
Another important objective of the project is to ensure that
it is developed within the provided time limit, by the client. A
trading software is a money managing and developing tool.
With this regard, the client that spends a large amount of money
for its development is likely to be eager to have the fully
completed product within the shortest time period possible.
Exceeding the provided and agreed upon time deadline could
thus be the reason for such a customer to consider the services
of another organization next time. In order to guarantee
customer satisfaction, therefore, it is essentially important to
ensure that this objective is met.
External Dependencies
External dependencies are the specific external factors or
input that the project requires in order to be successful. For this
project, significant trading knowledge is essential, in order to
ensure that the product works exactly in the same way that the
client requires. One of the main external dependency in this
case is thus the client, who would require to answer any form of
trading technicalities that may be required in the development
process. This is because in some occasions, a software
developer may require guidance on the aspects of operation
regarding hos the software is required to address certain issues.
The development team can also seek information and guidance
from another third party individual who is highly skilled in
treading activity. These two individuals would thus be the
external dependencies of the project (Jackson, 2006).
Stakeholder Analysis
For this project, stakeholders include the organization in
general, the project developers and the client who ordered the
development of the software product. The organization is a
major stakeholder in this project. The developers of the product

4. are employees to the organization. The successful completion of
the project is however considered an achievement to the
developer’s team of the organization and thus it is in their best
interest to ensure that the project completes as a success. This
group of stakeholders also play a major role in ensuring that the
project completely meets its objectives and that the client who
ordered for it is fully satisfied with their work in developing it.
The client is the main stakeholder of this project. He or she
plays a major role in determining whether the project was
successfully completed or it is considered a fail. A successful
project is the kind of a project that the client considers
successful and effective in carrying out all its intended
functions and purpose.
Project Tasks
All projects have a number of project tasks that requires to
be completed by the project developers in order to ensure that it
completes successfully. Project tasks make the project easy to
complete for a group of people and it also makes team work
possible for the developers. For this task, the main tasks which
requires to be completed by the project stakeholders include;
evaluating the scope of the project and capabilities of the
software intended for development, selecting a team that is
capable to effectively develop the intended project, drafting a
sufficient budget, delegation of the development task and the
development of the project. All the other tasks fall under these
major categories. Completion of all the project tasks in a
successful way is thus the completion of the project
successfully (Barkley, 2004).
Risk Management Plan Scope and Identification
The project’s potential risks
The project is in software development and most of the time
software development undertakings come with various
challenges. The challenges might overlap or might stand out as
single issues. It is proper that potential risks are identified early
so that mitigation can be initiated. The potential risk areas for

5. software development include integration challenges, software
failure, and security challenges. In the following paragraphs, I
have indicated several risk areas that might affect the trading
software development, the rollout process and the client
interaction with the software.
The organization risks developing trading software that will
become obsolete in a short time span. This is because of the fast
growth of technology. Advancement of technology is
accompanied by upgrades and advanced techniques of
developing advanced software. The organization also risks
developing inferior software compared to market levels. This
again is because of advancement of technology. Normally in
software development, there are several steps and phases that
are merged in order to develop proper working software and at
times a phase or step is missed. It might go unnoticed but has
the potential to have ripple effects in the future. The
organization is at risk of missing a step in development and as a
result is also at risk of the software failing.
Due to the direct involvement of money to the software the
organization is at risk from hacking. Since there is no
restriction on the trading market the organization is at risk of
similar software from its competitors. The project is under a
constraint budget and the budget constraint might require
developers to do away or skip processes that might risk the
quality of software. Other than budget constraints the trading
software is also under a time constraint. The time constraints
might also risk the project quality; the project is at risk of not
meeting the client’s expectations.
Failure to meet client’s time expectations exposes the
organization; the client might consider other organizations for
the development and future developments. There is external
overdependence and this brings to light the risk of leaked trade
skills and strategy; risk of trade secrets. Every organization is
at risk of employee turnover. Turnovers have the potential to
affect the project development.
Due to the high stakes involved, the organization's development

6. team is at risk of gold plating in order to win the affection and
business of the client. The gold plating is likely to cause a
budget exceed. All software developments have many
procedures and more often than not the risk of flaunting the
procedures or failing to follow the procedure is quite high.
There is also the probability of unavoidable risks such as
government restrictions on software more so those involved in
cash transactions. There is also the risk that the project might
not live up to its expectations as far as productivity is
concerned.
There are also positive risks that the organization is likely to
face. Due to the high stakes involved, precision and
effectiveness are encouraged and this exposes the organization
to the risks of high-profit gains, production of superior software
which might lead to the growth of customer base. Positive risks
that the organization is also likely to face include expertise
growth due to external overreliance, the risk learning from their
failures and they also risk growing the organization.
Techniques used in risk identification
In order to identify the risks I employed the use of several
techniques and they included; SWOT analysis, decision trees,
assumption analysis and reviewing of related project’s
documentation. The SWOT analysis helped in the identification
of both internal and external risks as far as the rollout of the
software and client uptake was concerned (Seth, 2015). The
decision tree helped in identifying future risks since it is
effective for analyzing many options or alternatives. The
assumption analysis was also useful in determining possible
future risks. The reviewing of already developed related
project’s documentation was particularly helpful as it provided
insight on possible risks factoring all areas i.e. internal risk
factors, external risk factors, future potential risks, development
risks, clients’ reaction and uptake risks.
Stakeholders of the risk identification process
For any risk identification, various people or groups must be
involved depending on the project type and these people or

7. groups can be referred to as risk stakeholders. Risk stakeholders
can include people who might be affected or perceive to be
affected should a risk come to be. The people involved in the
identification of the risks included; the employees of the
organization, the developers of the software and the client (In
Bérard & In Teyssier, 2017).
The developers were crucial in identifying potential risks
considering that they have developed prior software and hence
could come up with a list of general risks that affect software.
The client also played a role in the identification of risks since
they gave information on potential challenges that may affect
their activities such as fraud and hacks since they needed
software that handled money transactions. Employees of the
organization helped in brainstorming more so in the assumption
analysis (Virine & Trumper, 2017). This ensured that almost all
potential risks were identified.
Qualitative and quantitative risk analysis table
Risk id
Risk description
Risk type/ranking
probability
1
Developers exiting from the organization
threat
0.2
2
Risk of developing an obsolete software
weakness
0.1
3
Risk of developing an inferior software
weakness
0.3
4
Risk of missing a step in development
weakness

8. 0.4
6
Risk of similar software from competitors
threat
0.7
7
Risk of Failure to meet all expectations of client
weakness
0.2
8
Risk of surpassing the budget
weakness
0.7
9
Risk of surpassing the time limit
weakness
0.7
10
Risk of exposure of trade secrets
threat
0.1
11
Risk of gold plating
weakness
0.4
12
Risk of not adhering to procedures
weakness
0.15
13
Risk of producing superior software
opportunity
0.3
14
Risk of organization growing due to large customer growth
opportunity

9. 0.25
15
Risk of fraud and hacking from hackers
threat
0.6
16
Risk of surpassing client’s demands
opportunity
0.3
17
Risk of losing clients to competitors
threat
0.4
18
Risk of interference of the development process by client
threat
0.8
19
Risk of Compromise on quality of final product
weakness
0.1
20
Risk of growing the organization’s profit gain
Opportunity
0.25
Risk Response Planning
Risks can come as either a weakness, threat or an opportunity to
the organization. Therefore a company needs to perform a
thorough access to risks that are prone to affect it. According to
Kendrick, (2015), the management should ensure that all the
risks are addressed appropriately depending on their ranking
and probability. There are various responses to different risks
depending on their type. In various cases organizations need to
develop a mitigation plan in cases where risks are anticipated.
For the risk response plan and the risks mentioned, below are
the responses that the organization should consider adopting.

10. First, the risk of developer exiting from the organization can be
mitigated in order to minimize the chances of it occurring in the
company. The company should develop a mitigation plan to
handle given a scenario. For example, the developer should
train one of the staff members who are experts in the field such
that in case of a developer leaving they should fit into their
position with ease.
Secondly, the risks of developing obsolete or inferior software
can be handled by avoiding. The risk can be avoided by the
company hiring competent IT experts. Competent IT expert will
stay up to date as well as constantly updating the software
which will, in turn, avoid the risk of developing obsolete
software. The company should respond to the risk of missing a
step in the development by reducing the risk. During the
planning, the company develops a clear plan with the help of
competent IT experts that will take into consideration every step
of the development.
The risk of similar software from competitors can be mitigated
by innovation by the company software engineers. The
engineers should always improve and develop competent
innovations that will help in mitigating the risk of competition
from other developers. The risk to meet all the expectations of
the client can be reduced. The risk might be inevitable however
an explicit analysis of the customers’ needs and expectations
should be conducted. In this case, the developer will make
software that should meet the customers’ needs and
requirements.
The risk of surpassing the budget as well as the time limit can
be reduced. This can be reduced by coming up with a well-
planned budget as well as sticking to the plan in order to
minimize miscellaneous spending. The budget will ensure that
the funds are used only for the required purpose and therefore
minimize mismanagement. The risk of exposure of state secrets
can be addressed through avoidance. The risk can be avoided by
entrusting only a few personnel with the secrets. Additionally,
the secrets could be kept in a secure place and protected by

11. codes or encryption. In this case, only the authorized
individuals will be able to access the information.
The company can address the risk of gold plating by reducing
the chances of it occurring. This can by accessing the
customers’ needs and requirement. This will help in that when
enhancing the software or services it will be the enhancement
that will be accepted by the clients hence minimizing the risk of
gold plating. Risk of not adhering to procedures can be reduced
by hiring and training staff members on the importance of
company procedures. In this case, the members who do not
adhere to the procedure will be held accountable for the errors
that may occur.
The organization growing due to customers’ growth and the risk
of surpassing the clients’ demands should be exploited. This can
be done by the company ensuring that all the services provided
meet or exceed the customers’ expectations and needs. The
company should take advantage of the situation and increase
their production and service delivery. This can also be done by
regularly improving their service delivery and products in order
to maintain the clients as well as attracting some more. This
will boost the company’s profit margins and enable it to
efficiently achieve its set goals.
The risk of developing superior software should be enhanced.
The enhancement will increase the chances of the company
developing another software hence customer satisfaction which
will in turn help in the growth of the company. This will be
beneficial in the company’s strategy in that it will bolster its
development and thus the achievement of its visions, goals, and
objectives (Kim, 2010). The risk of fraud and hacking from
hackers can be mitigated by putting in place firmware that
would help in preventing hacking and fraud. Additionally, It
experts from the company should supervise and monitor cyber
security on regular basis.
Supervision and monitoring will help in a case where suspicion
is detected the IT experts will respond accordingly. The risk of
losing clients to competitors can be a huge threat to the

12. company. Therefore the company should mitigate the risk by
improving its services as well as improving their customer
service. Risk of interference of the development process by the
client can be avoided by providing only the products or services
that meet the needs of the clients and being open t clients only
after the development is completed.
Risk of Compromise on quality of the final product can be
reduced. The project should be developed sticking to the plan,
budget and ensuring that it is delivered on time. When a project
is completed with the right procedures and measures, there is a
minimal chance of the final product getting compromised. Risk
of growing the organization’s profit gain should be shared. In
this case, as noted by Kang, & Kim (2016), the company should
consider sharing the opportunity with partners and suppliers in
order to minimize the resources and increase the profit margins
which in turn help boost the company’s growth.
Risk breakdown structure
In order to adequately understand and curb as well as
minimize the risks from occurring, there is a need for a risk
breakdown structure. A risk breakdown structure will help in
providing an insight as well as the intensity of the risk.
Technical
· Scope Definition
· Requirements Definition
· Technical processes
· design
Management Risk
· Project Management
· Organization
· Communication
· Health and Safety
Commercial Risk
· Contractual
· Procurement

13. · Subcontractors
· Client
External Risk
· Legislation
· Competitors
· Political
References
Kang, H. W., & Kim, Y. S. (2016). Analysis of the probabilistic
cost variation ranges according to the effect of core quantitative
risk factors for an overseas plant project: Focused on a Middle
East gas plant project. KSCE Journal of Civil Engineering,
20(2), 509-518.
Kendrick, T. (2015). Identifying and managing project risk:
essential tools for failure-proofing your project. AMACOM Div
American Mgmt Assn.
Kim, Y. S. (2010). A study on the costs variation range through
the risk factors for overseas plant projects. Journal of The
Architectural Institute of Korea, 26(7), 139-147.
In Bérard, C., & In Teyssier, C. (2017). Risk management:
Lever for SME development and stakeholder value creation.
Población, G. F. J. (2017). Financial Risk Management:
Identification, Measurement and Management.
Seth, C. (2015). Swot analysis. Namur: 50minutes.
Virine, L., & Trumper, M. (2017). Project risk analysis made
ridiculously simple.
Barkley, B. (2004). Project risk management. New York:
McGraw-Hill.
Jackson, P. (2006). Nonprofit risk management and contingency
planning : done in a day strategies. Hoboken, N.J: Wiley.
Lewis, J. (2007). Fundamentals of project management. New
York: American Management Association.
Gregory, G. (2007). Project management. Oxford: Pergamon
Flexible Learning.
Young, T. (2006). Successful project management. London
Philadelphia: Kogan Page Ltd

14. Project Risk Management
Introduction
Risk management is one of the most important aspects that
any project developer requires to understand fully. Development
of projects without the establishment of effective risk
management programs is a possible means to the failure of that
project. In order to avoid such outcomes, project developers
make the effort of establishing a solid and highly effective risk
management program to help in making sure that the project
does not in any instance fail to succeed. Risk management
programs are mainly established with reference to the project
and its nature. In order to ensure that most of the risks the
project face are mitigated, project developers evaluate the
stages of project development and then assess possible risks that
may present in those situations. In this paper, a project will be
explained, which will be used to create a risk management plan
(Gregory, 2007).
Project Description
Software development is currently one of the most
significant activity that many companies are considering
venturing into, mostly because people have attained a
significant interest in having most of their activities and daily
operations automated. Software products help people manage to
carry out a wide variety of tasks and activities in an effectively
appropriate way. Intridea is one of the largest software
development companies, which venture in providing people and
other clients with software products that they feel they need.
The organization has a large network of develop engineers, who
provide the service of developing the software products that
clients of the organization order. The process of developing any
software is considered a project by the organization, since it
requires following all the strict policy stages that the
organization has established in order to complete. The
organization aims to complete every software development

15. process successfully and thus the need to ensure that all
important steps to address risks is essential.
Intridea develops a large number of software products for
many clients. One of the most recent projects that the
organization is currently involving in is the development of a
trading software to implement a trading strategy from a client.
The trading strategy that the client requires implemented is the
use of three indicators to determine trend, and then using
hedging to avoid loss in any trade that might be against the
traded trend. Such a project is considered to be significantly
important, since the client has a high stake to loose in case it is
developed with flaws. Trading software products are developed
in a similar manner to all other software products. A major
difference is the fact that these software products are directly
used to trade real money in a trading platforms and thus the
need to ensure that they are developed to operate in a flawless
manner is extremely important. A large number of risks can also
occur at any stage of development and thus there is a need to
ensure that a risk mitigation program is implemented (Young,
2006).
Project Objectives
The main objective of this project is to ensure that the
trading software is developed completely and that it meets all
the expectations of the client who ordered it. Ensuring that the
process of development is successful and that all the intended
operations and capabilities of the software are implemented in
its development would help in ensuring that the product is
developed successfully. The other major development objective
for this project is ensuring that the process of development does
not exceed the intended budget. The budget constraint is a
significantly important aspect for any project. In the case of this
project, for example, there is the agreed upon amount that the
client was charged for the software product. From this amount,
the project development process should be covered and the
profit that the organization gains from this project. Since the
agreed upon amount between the organization and the client is

16. fixed, when the budget exceeds the earlier intended upon
amount, the profits that the organization gains from the project
decrease. To avoid this decrease, therefore, it is a major
objective for the project to complete within the initially
intended budget constraint (Lewis, 2007).
Another important objective of the project is to ensure that
it is developed within the provided time limit, by the client. A
trading software is a money managing and developing tool.
With this regard, the client that spends a large amount of money
for its development is likely to be eager to have the fully
completed product within the shortest time period possible.
Exceeding the provided and agreed upon time deadline could
thus be the reason for such a customer to consider the services
of another organization next time. In order to guarantee
customer satisfaction, therefore, it is essentially important to
ensure that this objective is met.
External Dependencies
External dependencies are the specific external factors or
input that the project requires in order to be successful. For this
project, significant trading knowledge is essential, in order to
ensure that the product works exactly in the same way that the
client requires. One of the main external dependency in this
case is thus the client, who would require to answer any form of
trading technicalities that may be required in the development
process. This is because in some occasions, a software
developer may require guidance on the aspects of operation
regarding hos the software is required to address certain issues.
The development team can also seek information and guidance
from another third party individual who is highly skilled in
treading activity. These two individuals would thus be the
external dependencies of the project (Jackson, 2006).
Stakeholder Analysis
For this project, stakeholders include the organization in
general, the project developers and the client who ordered the
development of the software product. The organization is a
major stakeholder in this project. The developers of the product

17. are employees to the organization. The successful completion of
the project is however considered an achievement to the
developer’s team of the organization and thus it is in their best
interest to ensure that the project completes as a success. This
group of stakeholders also play a major role in ensuring that the
project completely meets its objectives and that the client who
ordered for it is fully satisfied with their work in developing it.
The client is the main stakeholder of this project. He or she
plays a major role in determining whether the project was
successfully completed or it is considered a fail. A successful
project is the kind of a project that the client considers
successful and effective in carrying out all its intended
functions and purpose.
Project Tasks
All projects have a number of project tasks that requires to
be completed by the project developers in order to ensure that it
completes successfully. Project tasks make the project easy to
complete for a group of people and it also makes team work
possible for the developers. For this task, the main tasks which
requires to be completed by the project stakeholders include;
evaluating the scope of the project and capabilities of the
software intended for development, selecting a team that is
capable to effectively develop the intended project, drafting a
sufficient budget, delegation of the development task and the
development of the project. All the other tasks fall under these
major categories. Completion of all the project tasks in a
successful way is thus the completion of the project
successfully (Barkley, 2004).
Risk Management Plan Scope and Identification
The project’s potential risks
The project is in software development and most of the time
software development undertakings come with various
challenges. The challenges might overlap or might stand out as
single issues. It is proper that potential risks are identified early
so that mitigation can be initiated. The potential risk areas for

18. software development include integration challenges, software
failure, and security challenges. In the following paragraphs, I
have indicated several risk areas that might affect the trading
software development, the rollout process and the client
interaction with the software.
The organization risks developing trading software that will
become obsolete in a short time span. This is because of the fast
growth of technology. Advancement of technology is
accompanied by upgrades and advanced techniques of
developing advanced software. The organization also risks
developing inferior software compared to market levels. This
again is because of advancement of technology. Normally in
software development, there are several steps and phases that
are merged in order to develop proper working software and at
times a phase or step is missed. It might go unnoticed but has
the potential to have ripple effects in the future. The
organization is at risk of missing a step in development and as a
result is also at risk of the software failing.
Due to the direct involvement of money to the software the
organization is at risk from hacking. Since there is no
restriction on the trading market the organization is at risk of
similar software from its competitors. The project is under a
constraint budget and the budget constraint might require
developers to do away or skip processes that might risk the
quality of software. Other than budget constraints the trading
software is also under a time constraint. The time constraints
might also risk the project quality; the project is at risk of not
meeting the client’s expectations.
Failure to meet client’s time expectations exposes the
organization; the client might consider other organizations for
the development and future developments. There is external
overdependence and this brings to light the risk of leaked trade
skills and strategy; risk of trade secrets. Every organization is
at risk of employee turnover. Turnovers have the potential to
affect the project development.
Due to the high stakes involved, the organization's development

19. team is at risk of gold plating in order to win the affection and
business of the client. The gold plating is likely to cause a
budget exceed. All software developments have many
procedures and more often than not the risk of flaunting the
procedures or failing to follow the procedure is quite high.
There is also the probability of unavoidable risks such as
government restrictions on software more so those involved in
cash transactions. There is also the risk that the project might
not live up to its expectations as far as productivity is
concerned.
There are also positive risks that the organization is likely to
face. Due to the high stakes involved, precision and
effectiveness are encouraged and this exposes the organization
to the risks of high-profit gains, production of superior software
which might lead to the growth of customer base. Positive risks
that the organization is also likely to face include expertise
growth due to external overreliance, the risk learning from their
failures and they also risk growing the organization.
Techniques used in risk identification
In order to identify the risks I employed the use of several
techniques and they included; SWOT analysis, decision trees,
assumption analysis and reviewing of related project’s
documentation. The SWOT analysis helped in the identification
of both internal and external risks as far as the rollout of the
software and client uptake was concerned (Seth, 2015). The
decision tree helped in identifying future risks since it is
effective for analyzing many options or alternatives. The
assumption analysis was also useful in determining possible
future risks. The reviewing of already developed related
project’s documentation was particularly helpful as it provided
insight on possible risks factoring all areas i.e. internal risk
factors, external risk factors, future potential risks, development
risks, clients’ reaction and uptake risks.
Stakeholders of the risk identification process
For any risk identification, various people or groups must be
involved depending on the project type and these people or

20. groups can be referred to as risk stakeholders. Risk stakeholders
can include people who might be affected or perceive to be
affected should a risk come to be. The people involved in the
identification of the risks included; the employees of the
organization, the developers of the software and the client (In
Bérard & In Teyssier, 2017).
The developers were crucial in identifying potential risks
considering that they have developed prior software and hence
could come up with a list of general risks that affect software.
The client also played a role in the identification of risks since
they gave information on potential challenges that may affect
their activities such as fraud and hacks since they needed
software that handled money transactions. Employees of the
organization helped in brainstorming more so in the assumption
analysis (Virine & Trumper, 2017). This ensured that almost all
potential risks were identified.
Qualitative and quantitative risk analysis table
Risk id
Risk description
Risk type/ranking
probability
1
Developers exiting from the organization
threat
0.2
2
Risk of developing an obsolete software
weakness
0.1
3
Risk of developing an inferior software
weakness
0.3
4
Risk of missing a step in development
weakness

21. 0.4
6
Risk of similar software from competitors
threat
0.7
7
Risk of Failure to meet all expectations of client
weakness
0.2
8
Risk of surpassing the budget
weakness
0.7
9
Risk of surpassing the time limit
weakness
0.7
10
Risk of exposure of trade secrets
threat
0.1
11
Risk of gold plating
weakness
0.4
12
Risk of not adhering to procedures
weakness
0.15
13
Risk of producing superior software
opportunity
0.3
14
Risk of organization growing due to large customer growth
opportunity

22. 0.25
15
Risk of fraud and hacking from hackers
threat
0.6
16
Risk of surpassing client’s demands
opportunity
0.3
17
Risk of losing clients to competitors
threat
0.4
18
Risk of interference of the development process by client
threat
0.8
19
Risk of Compromise on quality of final product
weakness
0.1
20
Risk of growing the organization’s profit gain
Opportunity
0.25
Risk Response Planning
Risks can come as either a weakness, threat or an opportunity to
the organization. Therefore a company needs to perform a
thorough access to risks that are prone to affect it. According to
Kendrick, (2015), the management should ensure that all the
risks are addressed appropriately depending on their ranking
and probability. There are various responses to different risks
depending on their type. In various cases organizations need to
develop a mitigation plan in cases where risks are anticipated.
For the risk response plan and the risks mentioned, below are
the responses that the organization should consider adopting.

23. First, the risk of developer exiting from the organization can be
mitigated in order to minimize the chances of it occurring in the
company. The company should develop a mitigation plan to
handle given a scenario. For example, the developer should
train one of the staff members who are experts in the field such
that in case of a developer leaving they should fit into their
position with ease.
Secondly, the risks of developing obsolete or inferior software
can be handled by avoiding. The risk can be avoided by the
company hiring competent IT experts. Competent IT expert will
stay up to date as well as constantly updating the software
which will, in turn, avoid the risk of developing obsolete
software. The company should respond to the risk of missing a
step in the development by reducing the risk. During the
planning, the company develops a clear plan with the help of
competent IT experts that will take into consideration every step
of the development.
The risk of similar software from competitors can be mitigated
by innovation by the company software engineers. The
engineers should always improve and develop competent
innovations that will help in mitigating the risk of competition
from other developers. The risk to meet all the expectations of
the client can be reduced. The risk might be inevitable however
an explicit analysis of the customers’ needs and expectations
should be conducted. In this case, the developer will make
software that should meet the customers’ needs and
requirements.
The risk of surpassing the budget as well as the time limit can
be reduced. This can be reduced by coming up with a well-
planned budget as well as sticking to the plan in order to
minimize miscellaneous spending. The budget will ensure that
the funds are used only for the required purpose and therefore
minimize mismanagement. The risk of exposure of state secrets
can be addressed through avoidance. The risk can be avoided by
entrusting only a few personnel with the secrets. Additionally,
the secrets could be kept in a secure place and protected by

24. codes or encryption. In this case, only the authorized
individuals will be able to access the information.
The company can address the risk of gold plating by reducing
the chances of it occurring. This can by accessing the
customers’ needs and requirement. This will help in that when
enhancing the software or services it will be the enhancement
that will be accepted by the clients hence minimizing the risk of
gold plating. Risk of not adhering to procedures can be reduced
by hiring and training staff members on the importance of
company procedures. In this case, the members who do not
adhere to the procedure will be held accountable for the errors
that may occur.
The organization growing due to customers’ growth and the risk
of surpassing the clients’ demands should be exploited. This can
be done by the company ensuring that all the services provided
meet or exceed the customers’ expectations and needs. The
company should take advantage of the situation and increase
their production and service delivery. This can also be done by
regularly improving their service delivery and products in order
to maintain the clients as well as attracting some more. This
will boost the company’s profit margins and enable it to
efficiently achieve its set goals.
The risk of developing superior software should be enhanced.
The enhancement will increase the chances of the company
developing another software hence customer satisfaction which
will in turn help in the growth of the company. This will be
beneficial in the company’s strategy in that it will bolster its
development and thus the achievement of its visions, goals, and
objectives (Kim, 2010). The risk of fraud and hacking from
hackers can be mitigated by putting in place firmware that
would help in preventing hacking and fraud. Additionally, It
experts from the company should supervise and monitor cyber
security on regular basis.
Supervision and monitoring will help in a case where suspicion
is detected the IT experts will respond accordingly. The risk of
losing clients to competitors can be a huge threat to the

25. company. Therefore the company should mitigate the risk by
improving its services as well as improving their customer
service. Risk of interference of the development process by the
client can be avoided by providing only the products or services
that meet the needs of the clients and being open t clients only
after the development is completed.
Risk of Compromise on quality of the final product can be
reduced. The project should be developed sticking to the plan,
budget and ensuring that it is delivered on time. When a project
is completed with the right procedures and measures, there is a
minimal chance of the final product getting compromised. Risk
of growing the organization’s profit gain should be shared. In
this case, as noted by Kang, & Kim (2016), the company should
consider sharing the opportunity with partners and suppliers in
order to minimize the resources and increase the profit margins
which in turn help boost the company’s growth.
Risk breakdown structure
In order to adequately understand and curb as well as
minimize the risks from occurring, there is a need for a risk
breakdown structure. A risk breakdown structure will help in
providing an insight as well as the intensity of the risk.
Technical
· Scope Definition
· Requirements Definition
· Technical processes
· design
Management Risk
· Project Management
· Organization
· Communication
· Health and Safety
Commercial Risk
· Contractual
· Procurement

26. · Subcontractors
· Client
External Risk
· Legislation
· Competitors
· Political
References
Kang, H. W., & Kim, Y. S. (2016). Analysis of the probabilistic
cost variation ranges according to the effect of core quantitative
risk factors for an overseas plant project: Focused on a Middle
East gas plant project. KSCE Journal of Civil Engineering,
20(2), 509-518.
Kendrick, T. (2015). Identifying and managing project risk:
essential tools for failure-proofing your project. AMACOM Div
American Mgmt Assn.
Kim, Y. S. (2010). A study on the costs variation range through
the risk factors for overseas plant projects. Journal of The
Architectural Institute of Korea, 26(7), 139-147.
In Bérard, C., & In Teyssier, C. (2017). Risk management:
Lever for SME development and stakeholder value creation.
Población, G. F. J. (2017). Financial Risk Management:
Identification, Measurement and Management.
Seth, C. (2015). Swot analysis. Namur: 50minutes.
Virine, L., & Trumper, M. (2017). Project risk analysis made
ridiculously simple.
Barkley, B. (2004). Project risk management. New York:
McGraw-Hill.
Jackson, P. (2006). Nonprofit risk management and contingency
planning : done in a day strategies. Hoboken, N.J: Wiley.
Lewis, J. (2007). Fundamentals of project management. New
York: American Management Association.
Gregory, G. (2007). Project management. Oxford: Pergamon
Flexible Learning.
Young, T. (2006). Successful project management. London
Philadelphia: Kogan Page Ltd