The document discusses project risk management. It defines risk as uncertainty that could negatively or positively impact a project's objectives. There are various types of risks like schedule, budget, operational, technical, and programmatic risks. Risk management involves identifying, analyzing, and responding to risks throughout the project life cycle to help meet objectives. The key aspects of risk management are planning risk management, identifying risks, performing qualitative and quantitative risk analysis, planning risk responses, and monitoring and controlling risks. The overall goal is to minimize threats and maximize opportunities related to project risks.
2. What is risk?
Categories of risk.
What is risk management?
Importance of risk management.
How can we control risks in a project?
3. Risk is an uncertainty.
We don’t know whether a particular event will occur or
not but if it does has a negative impact on a
project.
Risk is the probability of suffering loss.
Risk provides an opportunity to develop a better
project
There is a difference between a Problem and risk;
Problem is some event which has already occurred but
risk is something that is unpredictable.
4. Risk can also be positive.
“The threat or possibility that an action or event will
adversely or beneficially effect an organization’s ability to
achieve its objectives.”
“ An uncertain event or condition that, if it occurs, has a
positive or negative effect on a project’s objectives.”
5. 1. Schedule Risk:
Project schedule get slip due to some reasons.
Wrong time estimation.
Resources are not tracked properly. All resources like
staff, systems, skills of individuals etc.
Failure to identify complex functionalities and time
required to develop those functionalities.
Unexpected project scope expansions.
6. 2. Budget Risk:
Wrong budget estimation.
Cost overruns
Project scope expansion
3. Operational Risks:
Risks of loss due to improper process implementation,
failed system or some external events risks.
7. Causes of Operational risks:
Failure to address priority conflicts
Failure to resolve the responsibilities
Insufficient resources
No resource planning
No communication in team.
8. 4. Technical risks:
Technical risks generally leads to failure of functionality
and performance.
Causes of technical risks are:
Continuous changing requirements
No advanced technology available or the existing
technology is in initial stages.
Product is complex to implement.
Difficult project modules integration.
9. 5. Programmatic Risks:
These are the external risks beyond the operational limits.
These are all the uncertain risks that are outside the
control of the program.
These external events can be:
Running out of fund.
Market development
Changing customer product strategy and priority
Government rule changes.
10. Risk type Possible risks
Technology The database used in the system cannot process as many transactions per second
as expected.
Software components that should be reused contain defects that limit their
functionality.
People It is impossible to recruit staff with the skills required.
Key staff are ill and unavailable at critical times.
Required training for staff is not available.
Organisational The organisation is restructured so that different management are responsible for
the project.
Organisational financial problems force reductions in the project budget.
Tools The code generated by CASE tools is inefficient.
CASE tools cannot be integrated.
Requirements Changes to requirements that require major design rework are proposed.
Customers fail to understand the impact of requirements changes.
Estimation The time required to develop the software is underestimated.
The rate of defect repair is underestimated.
The size of the software is underestimated.
11. Some other examples of risks in the software process
Risk Affects Description
Staff turnover Project Experienced staff will leave the project before it is finished.
Management change Project There will be a change of organisational management with
different priorities.
Hardware unavailability Project Hardware that is essential for the project will not be
delivered on schedule.
Requirements change Project and
product
There will be a larger number of changes to the
requirements than anticipated.
Specification delays Project and
product
Specifications of essential interfaces are not available on
schedule
Size underestimate Project and
product
The size of the system has been underestimated.
CASE tool under-
performance
Product CASE tools which support the project do not perform as
anticipated
Technology change Business The underlying technology on which the system is built is
superseded by new technology.
Product competition Business A competitive product is marketed before the system is
completed. 11
12. Project risk management is the art and science of
identifying, analyzing, and responding to risk
throughout the life of a project and in the best interests
of meeting project objectives
Risk management is an attempt to identify, to measure,
to monitor and to manage uncertainty.
Not only negative (ensuring that bad things are less
likely to happen), But also positive (making it more
likely that good things will happen)
The art of managing the risks effectively so that the
WIN-WIN situation and friendly relationship is
established between the team and the customer is
called Risk Management.
13. Risk Management is a software engineering practice
which provides a disciplined environment for proactive
decision-making to:
Assess continuously what can go wrong (risks).
Determine what risks are important to deal with.
Implement strategies to deal with those risks.
It maximizes the probability and consequences of
positive events and minimizes the probability and
consequences of adverse events to project objectives.
14. The project should be managed in such a way that the
risks don’t affect the project in a big way.
The Risks we encounter in a project should be resolved
so that we are able to deliver the desired project to the
customer.
18. 1. Planning risk management: deciding how to
approach and plan the risk management activities for
the project
Methodology
Roles and responsibilities
Budget and schedule
Risk categories
Risk probability and impact
Revised stakeholders tolerances
Tracking
Risk documentation
Output = “Risk management plan”.
19. 2. Identifying risks: determining which risks are likely to
affect a project and documenting the characteristics of each
Brainstorming
The Delphi Technique
Interviewing
SWOT analysis
Out put = Risk Register
20. 3. Performing qualitative risk analysis: prioritizing risks
based on their probability and impact of occurrence
Probability/impact matrixes
The Top Ten Risk Item Tracking
21. 4. Performing quantitative risk analysis: Numerically
estimating the effects of risks on project objectives
Decision tree analysis
Simulation
Sensitivity analysis
22. 5. Planning risk responses: Taking steps to enhance
opportunities and reduce threats to meeting project objectives
Strategies for negative Risks
Risk avoidance (continue whatever comes will be handled)
Risk acceptance (accept risk due to unavailability of resources )
Risk transference (transfer risk to a 3rd
party.. insurance)
Risk mitigation (reducing the probability of risk to occur)
Strategies for positive Risks
Risk exploitation (making sure positive risk to occur, i-e holding public
events)
Risk sharing (partnership)
Risk enhancement (identifying and maximizing the key driver of
positive risk)
Risk acceptance (accept the bitterness, don’t try for best)
23. 6. Monitoring and controlling risks: Monitoring identified
and residual risks, identifying new risks, carrying out risk
response plans, and evaluating the effectiveness of risk
strategies throughout the life of the project