Uploaded bysaurabhshertukde
PPT, PDF18,067 views

Risk analysis

The document discusses risk analysis and management for software projects. It defines risks as potential problems that could affect project completion. The goal of risk analysis is to help teams understand and manage uncertainty. Key aspects covered include identifying risks, assessing probability and impact, prioritizing risks, developing risk mitigation plans, and monitoring risks during the project. The document provides examples of risk categories, analysis steps, and strategies for proactive versus reactive risk management.

Embed presentation

Downloaded 858 times
 Risks are potential problem/uncertainty that might affect the successful completion of a software project.  Risk analysis and management are intended to help a software team understand and manage uncertainty during the development process.  The work product is called a Risk Mitigation, Monitoring, and Management Plan (RMMM).
 Two risk Strategies : 1. Reactive strategy Software team does nothing till the risk becomes real. 2. Proactive strategy Risk management begins long before technical work starts. Risks are identified and prioritized by importance. Then team builds a plan to avoid risks if they can or minimize their probability of occurrence or establish plan if risks become real.
 Categories of risks 1. Project risks ◦ Threatens the project plan. ◦ If project risk becomes real, it is likely project schedule will slip and the costs will increase ◦ Identifies problems related to budgetary, schedule , personnel and resource 2. Technical risk o Threatens the quality of the software to be produced. o Identifies problems related to design, implementation, maintenance etc
3.Business risk • Threatens the viability of the software to be built. • Eg of business risk 4. Building an excellent product that no one wants. 5. Building a product that no longer fits into the overall business strategy. 6. Building a product that the sales force do not how to sell. 7. Change of management 8. Losing budgetary
 Steps for risk analysis 2. Risk Identification • Lists the risks associated with a specific project. • Use a risk item checklist to identify risks Risk item check list – A set of questions relevant to each risk. A project manager attains a feeling of staffing risk by answering the following set questions--- 8. Are enough people available ? 9. Are the best people available ? 10.Will the project team members be working full time / part time on the project ? 11.Have the staff members received necessary training? No. of negative responses to the questions ∝ degree to which the project is at a staffing risk
2. Risk projection • Also called risk estimation. • Rates each risk in 2 ways : 4. Find the probability of occurrence of each risk. 5. Find the impact of the problems associated with each risk. Steps 1 : Prepare a risk table. a) Lists all risks identified in the first column. b) Category of the risk is identified in the second column. PS – project size risk. TE – Technical risk. BU – Business risk.
c) Probability of occurrence is entered in the third column. Individual team members are polled for their estimates in a round robin fashion until a single consensus is obtained. d) Impact of each risk on the 4 risk components is assessed . 4 risk components are 1. Performance If the risk becomes real will the requirements be met and will the product be fit for its intended use? 2. Cost If the risk becomes real will the project budget be maintained? 3. Support If the risk becomes real will the resultant software be easy to correct , adapt and enhance?
4. Schedule Will the project schedule be maintained and the product will be delivered on time if the risk becomes real? The impact of each risk on the 4 components can be categorized as 1- Catastrophic 2- Critical 3- Marginal 4- Negligible The values are averaged to determine an overall impact value.
Table prior to sorting
• Next the table is sorted by high probability and high impact. • Project manager defines a cut off line implying only risks above the line will be managed. • The column labeled RMMM contains a pointer into a Risk Mitigation Monitoring and Management Plan(A collection of risk information sheets developed for all risks that lie above the cutoff line)
Steps 2 : Assessing the risk impact . a) Estimate the cost of each risk in the table. • How to estimate the cost of each risk ? Eg : Assume that the software team defines a project risk in the following manner: Risk identification. Only 70 percent of the software components scheduled for reuse will, in fact, be integrated into the application. The remaining functionality will have to be custom developed. Risk probability. 80% (likely). Risk impact. 60 reusable software components were planned. If only 70 percent can be used, 18 components would have to be developed from scratch (in addition to other custom software that has been scheduled for development). Since the average component is 100 LOC and local data indicate that the software engineering cost for each LOC is $14.00, the overall cost (impact) to develop the components would be 18 x 100 x 14 = $25,200.
b) Calculate the risk exposure foe each risk in the table ---- Risk exposure. RE = Prob. Of occurrence x cost of risk =0.80 x 25,200 ~ $20,200. c) Calculate the total exposure for all risks(above the cutoff line) The total risk exposure provides a means for adjusting the final cost estimates for a project. If RE is greater than 50 % of the project cost , the viability of the project must be evaluated
3. Risk Refinement • During early stages of project planning, a risk may be stated quite generally. • As time passes and more is learned about the project and the risk, it may be possible to refine the risk. • One way to do this is to represent the risk in condition- transition-consequence (CTC) • Given that <condition> then there is concern that (possibly) <consequence>.
• Using the CTC format for the reuse risk ---- • Given that all reusable software components must conform to specific design standards and that some do not conform, then there is concern that (possibly) only 70 % of the planned reusable modules may actually be integrated into the as-built system, resulting in the need to custom engineer the remaining 30 % of components. • This general condition can be refined in the following manner: Sub condition 1 Certain reusable components were developed by a third party with no knowledge of internal design standards. Sub condition 2 Certain reusable components have been implemented in a language that is not supported on the target environment.
4. Risk Mitigation Monitoring and Management All the risk analysis activities presented so far have single goal i.e to assist the project team in developing a strategy to deal with risk. An effective strategy is-- 6. Risk Mitigation (avoidance) For example, Assume Risk -High staff turnover is noted as a project risk, Prob. Of occurrence -70% ( high) and Impact-2 (critical)
To mitigate this risk, project management must develop a strategy for reducing turnover. Among the possible steps to be taken --  Meet with current staff to determine causes for turnover (e.g., poor working conditions, low pay, and competitive job market).  Mitigate those causes that are under our control before the project starts.  Organize project teams so that information about each development activity is widely dispersed.  Define documentation standards and establish mechanisms to be sure that documents are developed in a timely manner.  Assign a backup staff member for every critical technologist.
2. Risk monitoring  As the project proceeds, risk monitoring activities commence.  The project manager monitors factors that may provide an indication of whether the risk is becoming more or less likely. In the case of high staff turnover, the following factors can be monitored:  General attitude of team members based on project pressures.  The degree to which the team has jelled.  Interpersonal relationships among team members.  Potential problems with compensation and benefits.  The availability of jobs within the company and outside it.
 Also the project manager should monitor the effectiveness of risk mitigation steps.  The project manager should monitor documents carefully to ensure that each can stand on its own and that each imparts information that would be necessary if a newcomer were forced to join the software team somewhere in the middle of the project.
3. Risk management • Assumes that mitigation efforts have failed and that the risk has become a reality (a number of people announce that they are leaving) • If the mitigation strategy has been followed, backup is available, information is documented, and knowledge has been dispersed across the team. • Those individuals who are leaving are asked to stop all work and spend their last weeks in “knowledge transfer mode. This might include video-based knowledge capture, the development of “commentary documents,” and/or meeting with other team members who will remain on the project.
 The RMMM plan documents all work performed as part of risk analysis and are used by the project manager as part of the overall project plan.  Some software teams do not develop a formal RMMM document. Rather, each risk is documented individually using a risk information sheet (RIS)  Once RMMM has been documented and the project has begun, risk mitigation and monitoring steps commence. And if the risk becomes real then the project manager applies the management steps.
Risk ID: P02-4-32 Date : 5/9/02 Prob: 80% Impact : High Description : Only 70 % of the software components scheduled for reuse will be integrated into the application. The remaining functionality will have to be custom developed. Refinement/Context Sub condition 1 Certain reusable components were developed by a third party with no knowledge of internal design standards. Sub condition 2 Certain reusable components have been implemented in a language that is not supported on the target environment. Mitigation/Monitoring : 1. Contact third party to determine conformance with design standards. 2. Check to determine if language support can be acquired.
Management Plan : • RE computed to be $20,200. Allocate this amount within project cost. • Develop revised schedule assuming 18 additional components will have to be custom built. • Allocate staff accordingly. Current Status : 6/12/2010 : Mitigation steps initiated.

More Related Content

PPT
Pressman ch-25-risk-management
byzeeshanwrch
 
PPT
Risk analysis and management
bygnitu
 
PPT
Software Engineering (Risk Management)
byShudipPal
 
PPT
Unit 8-risk manaegement (1) -
byShashi Kumar
 
PPT
Risk management in software engineering
bydeep sharma
 
PPTX
Lecture 03 Software Risk Management
byAchmad Solichin
 
PPTX
Software Risk Management
byGunjan Patel
 
PPTX
Risk Mitigation, Monitoring and Management Plan (RMMM)
byNavjyotsinh Jadeja
 
Pressman ch-25-risk-management
byzeeshanwrch
 
Risk analysis and management
bygnitu
 
Software Engineering (Risk Management)
byShudipPal
 
Unit 8-risk manaegement (1) -
byShashi Kumar
 
Risk management in software engineering
bydeep sharma
 
Lecture 03 Software Risk Management
byAchmad Solichin
 
Software Risk Management
byGunjan Patel
 
Risk Mitigation, Monitoring and Management Plan (RMMM)
byNavjyotsinh Jadeja
 

What's hot

PPT
Risk management(software engineering)
byPriya Tomar
 
PPTX
Risk Management
bySaqib Raza
 
PPT
Software Engineering (Project Scheduling)
byShudipPal
 
PDF
Software Project Management: Risk Management
byMinhas Kamal
 
PDF
Software project management
byR A Akerkar
 
PPT
Software estimation
byMd Shakir
 
PPTX
RMMM Plan
byAnkit Bahuguna
 
PPTX
Security risk management
byPrachi Gulihar
 
PPTX
Software project planning
byrajvir_kaur
 
PPTX
Software quality assurance
byAman Adhikari
 
PPT
Risk Management by Roger Pressman
byRogerio P C do Nascimento
 
PPT
Software Quality Management
byKrishna Sujeer
 
PPTX
COCOMO Model in software project management
bySyed Hassan Ali
 
PPTX
The Art of Debugging.pptx
byKarthigaiSelviS3
 
PPTX
System testing
bySifat Hossain
 
PPT
Software Quality Metrics
byMufaddal Nullwala
 
PPTX
Software Configuration Management (SCM)
byEr. Shiva K. Shrestha
 
PPT
Risk identification
bymurukkada
 
PPT
Software process and project metrics
byIndu Sharma Bhardwaj
 
PPTX
Software Project Management (monitoring and control)
byIsrarDewan
 
Risk management(software engineering)
byPriya Tomar
 
Risk Management
bySaqib Raza
 
Software Engineering (Project Scheduling)
byShudipPal
 
Software Project Management: Risk Management
byMinhas Kamal
 
Software project management
byR A Akerkar
 
Software estimation
byMd Shakir
 
RMMM Plan
byAnkit Bahuguna
 
Security risk management
byPrachi Gulihar
 
Software project planning
byrajvir_kaur
 
Software quality assurance
byAman Adhikari
 
Risk Management by Roger Pressman
byRogerio P C do Nascimento
 
Software Quality Management
byKrishna Sujeer
 
COCOMO Model in software project management
bySyed Hassan Ali
 
The Art of Debugging.pptx
byKarthigaiSelviS3
 
System testing
bySifat Hossain
 
Software Quality Metrics
byMufaddal Nullwala
 
Software Configuration Management (SCM)
byEr. Shiva K. Shrestha
 
Risk identification
bymurukkada
 
Software process and project metrics
byIndu Sharma Bhardwaj
 
Software Project Management (monitoring and control)
byIsrarDewan
 

Viewers also liked

PPT
Risk-management
byUmesh Gupta
 
PDF
Project Risk Management
byMarkos Mulat G
 
PDF
Risk Analysis
byNishodh Saxena Ph. D.
 
PPTX
Powerpoint Risk Assessment
bySteve Bishop
 
PPTX
Risk assessment presentation
bymmagario
 
PDF
OHSAS Hazard identification & Risk assessment
byTechnoSysCon
 
PPTX
Project risk analysis
byAkanksha Sinha
 
PDF
Risk assessment principles and guidelines
byHaris Tahir
 
PPTX
Applying Robotic Process Automation in Banking: Innovations in Finance and Risk
byaccenture
 
PDF
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
byNorrazman Zaiha Zainol
 
ODP
Software Risk Analysis
byBrett Leonard
 
PPT
Bond
byGirish Soni
 
Risk-management
byUmesh Gupta
 
Project Risk Management
byMarkos Mulat G
 
Risk Analysis
byNishodh Saxena Ph. D.
 
Powerpoint Risk Assessment
bySteve Bishop
 
Risk assessment presentation
bymmagario
 
OHSAS Hazard identification & Risk assessment
byTechnoSysCon
 
Project risk analysis
byAkanksha Sinha
 
Risk assessment principles and guidelines
byHaris Tahir
 
Applying Robotic Process Automation in Banking: Innovations in Finance and Risk
byaccenture
 
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
byNorrazman Zaiha Zainol
 
Software Risk Analysis
byBrett Leonard
 
Bond
byGirish Soni
 

Similar to Risk analysis

PPT
Risk
byRahul Hada
 
PPTX
Risk management
byUsman Mukhtar
 
PPT
risk management
byArti Maggo
 
PPTX
Risk Management
byHinal Lunagariya
 
PPTX
OOSE-PRESENTATION.pptx
byRanjitKdk
 
PPTX
Software risk, Configuration Management and QA (1).pptx
byavinashpowar5
 
PDF
Risk Management.pdf for college studentds
byUdayMann1
 
PPT
notes_Lecture9 RISK COMPONENTS AND DRIVERS
bypsaravanakumar8
 
PPT
risk management (contd.) Risk Identification Risk Components and Drivers Risk...
byAmjad284458
 
PDF
Project Management C7 -risk_management
byIzah Asmadi
 
PPT
Riskmanagement software Engineering1.ppt
bysirishaYerraboina1
 
PPT
Introduction to risk management presentation
byEphremChernet1
 
PDF
risk-management-121021125051-phpapp02 (1).pdf
byPriyanshTan
 
PDF
SPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
byShepherdChidambaeh
 
PPT
Software Risk Management updated.ppt
byumairshams6
 
PDF
riskanalysis-120305101118-phpapp02.pdf
byWilliamTom9
 
PPTX
Project risk analysis
bySUBHASISHMAHAKUD
 
PPT
lec6.ppt
byNanoSana
 
PPT
project_risk_mgmt_final 1.ppt
byBetshaTizazu2
 
PPTX
11-Risk Management.pptx
bySushant895574
 
Risk
byRahul Hada
 
Risk management
byUsman Mukhtar
 
risk management
byArti Maggo
 
Risk Management
byHinal Lunagariya
 
OOSE-PRESENTATION.pptx
byRanjitKdk
 
Software risk, Configuration Management and QA (1).pptx
byavinashpowar5
 
Risk Management.pdf for college studentds
byUdayMann1
 
notes_Lecture9 RISK COMPONENTS AND DRIVERS
bypsaravanakumar8
 
risk management (contd.) Risk Identification Risk Components and Drivers Risk...
byAmjad284458
 
Project Management C7 -risk_management
byIzah Asmadi
 
Riskmanagement software Engineering1.ppt
bysirishaYerraboina1
 
Introduction to risk management presentation
byEphremChernet1
 
risk-management-121021125051-phpapp02 (1).pdf
byPriyanshTan
 
SPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
byShepherdChidambaeh
 
Software Risk Management updated.ppt
byumairshams6
 
riskanalysis-120305101118-phpapp02.pdf
byWilliamTom9
 
Project risk analysis
bySUBHASISHMAHAKUD
 
lec6.ppt
byNanoSana
 
project_risk_mgmt_final 1.ppt
byBetshaTizazu2
 
11-Risk Management.pptx
bySushant895574
 

More from saurabhshertukde

PPT
Pressman ch-3-prescriptive-process-models
bysaurabhshertukde
 
PPT
Analysis concepts and principles
bysaurabhshertukde
 
PPT
Design concepts and principles
bysaurabhshertukde
 
PPT
Analysis modelling
bysaurabhshertukde
 
PPT
Software project-scheduling
bysaurabhshertukde
 
PPT
Er & eer to relational mapping
bysaurabhshertukde
 
PPT
Softwareproject planning
bysaurabhshertukde
 
PPT
Oodbms ch 20
bysaurabhshertukde
 
PPT
Er model
bysaurabhshertukde
 
PPT
Introduction er & eer
bysaurabhshertukde
 
PPT
Chapter 1
bysaurabhshertukde
 
PPT
Chapter 9
bysaurabhshertukde
 
PPT
Eer case study
bysaurabhshertukde
 
PPT
Chapter 2
bysaurabhshertukde
 
PPT
J2 ee architecture
bysaurabhshertukde
 
PPT
Integrity & security
bysaurabhshertukde
 
PPT
Introduction er & eer
bysaurabhshertukde
 
PPT
J2 ee archi
bysaurabhshertukde
 
PPT
Revision sql te it new syllabus
bysaurabhshertukde
 
Pressman ch-3-prescriptive-process-models
bysaurabhshertukde
 
Analysis concepts and principles
bysaurabhshertukde
 
Design concepts and principles
bysaurabhshertukde
 
Analysis modelling
bysaurabhshertukde
 
Software project-scheduling
bysaurabhshertukde
 
Er & eer to relational mapping
bysaurabhshertukde
 
Softwareproject planning
bysaurabhshertukde
 
Oodbms ch 20
bysaurabhshertukde
 
Er model
bysaurabhshertukde
 
Introduction er & eer
bysaurabhshertukde
 
Chapter 1
bysaurabhshertukde
 
Chapter 9
bysaurabhshertukde
 
Eer case study
bysaurabhshertukde
 
Chapter 2
bysaurabhshertukde
 
J2 ee architecture
bysaurabhshertukde
 
Integrity & security
bysaurabhshertukde
 
Introduction er & eer
bysaurabhshertukde
 
J2 ee archi
bysaurabhshertukde
 
Revision sql te it new syllabus
bysaurabhshertukde
 

Recently uploaded

PDF
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PPTX
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
PPTX
DVCON24-IBM ai/ml driven hardware verification
byArun Joseph
 
PPTX
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 
PDF
Governing Agentic Enterprise - From Shadow AI to Autonomous Security.pdf
bysajjasridhar1990
 
PDF
Generating Structured Outputs from Unstructured Content Using LLMs
byEnterprise Knowledge
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
PPTX
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PPTX
How Blockchain Application Development Enables Trustless Digital Ecosystems.pptx
byLisa ward
 
PPTX
JAVA Programming Lecture 1 C 4 Yourself.pptx
byyvsbglfaeahuyldzhq
 
PPTX
Building Real-Time Voice AI — Udaiappa Ramachandran
byUdaiappa Ramachandran
 
PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PDF
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
PDF
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
PPTX
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
PPTX
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
DVCON24-IBM ai/ml driven hardware verification
byArun Joseph
 
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 
Governing Agentic Enterprise - From Shadow AI to Autonomous Security.pdf
bysajjasridhar1990
 
Generating Structured Outputs from Unstructured Content Using LLMs
byEnterprise Knowledge
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
How Blockchain Application Development Enables Trustless Digital Ecosystems.pptx
byLisa ward
 
JAVA Programming Lecture 1 C 4 Yourself.pptx
byyvsbglfaeahuyldzhq
 
Building Real-Time Voice AI — Udaiappa Ramachandran
byUdaiappa Ramachandran
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 

Risk analysis

  • 2.
    Risks are potential problem/uncertainty that might affect the successful completion of a software project.  Risk analysis and management are intended to help a software team understand and manage uncertainty during the development process.  The work product is called a Risk Mitigation, Monitoring, and Management Plan (RMMM).
  • 3.
     Two riskStrategies : 1. Reactive strategy Software team does nothing till the risk becomes real. 2. Proactive strategy Risk management begins long before technical work starts. Risks are identified and prioritized by importance. Then team builds a plan to avoid risks if they can or minimize their probability of occurrence or establish plan if risks become real.
  • 4.
     Categories ofrisks 1. Project risks ◦ Threatens the project plan. ◦ If project risk becomes real, it is likely project schedule will slip and the costs will increase ◦ Identifies problems related to budgetary, schedule , personnel and resource 2. Technical risk o Threatens the quality of the software to be produced. o Identifies problems related to design, implementation, maintenance etc
  • 5.
    3.Business risk • Threatens the viability of the software to be built. • Eg of business risk 4. Building an excellent product that no one wants. 5. Building a product that no longer fits into the overall business strategy. 6. Building a product that the sales force do not how to sell. 7. Change of management 8. Losing budgetary
  • 6.
     Stepsfor risk analysis 2. Risk Identification • Lists the risks associated with a specific project. • Use a risk item checklist to identify risks Risk item check list – A set of questions relevant to each risk. A project manager attains a feeling of staffing risk by answering the following set questions--- 8. Are enough people available ? 9. Are the best people available ? 10.Will the project team members be working full time / part time on the project ? 11.Have the staff members received necessary training? No. of negative responses to the questions ∝ degree to which the project is at a staffing risk
  • 7.
    2. Risk projection • Also called risk estimation. • Rates each risk in 2 ways : 4. Find the probability of occurrence of each risk. 5. Find the impact of the problems associated with each risk. Steps 1 : Prepare a risk table. a) Lists all risks identified in the first column. b) Category of the risk is identified in the second column. PS – project size risk. TE – Technical risk. BU – Business risk.
  • 8.
    c) Probability ofoccurrence is entered in the third column. Individual team members are polled for their estimates in a round robin fashion until a single consensus is obtained. d) Impact of each risk on the 4 risk components is assessed . 4 risk components are 1. Performance If the risk becomes real will the requirements be met and will the product be fit for its intended use? 2. Cost If the risk becomes real will the project budget be maintained? 3. Support If the risk becomes real will the resultant software be easy to correct , adapt and enhance?
  • 9.
    4. Schedule Will theproject schedule be maintained and the product will be delivered on time if the risk becomes real? The impact of each risk on the 4 components can be categorized as 1- Catastrophic 2- Critical 3- Marginal 4- Negligible The values are averaged to determine an overall impact value.
  • 10.
  • 11.
    Next the table is sorted by high probability and high impact. • Project manager defines a cut off line implying only risks above the line will be managed. • The column labeled RMMM contains a pointer into a Risk Mitigation Monitoring and Management Plan(A collection of risk information sheets developed for all risks that lie above the cutoff line)
  • 12.
    Steps 2 :Assessing the risk impact . a) Estimate the cost of each risk in the table. • How to estimate the cost of each risk ? Eg : Assume that the software team defines a project risk in the following manner: Risk identification. Only 70 percent of the software components scheduled for reuse will, in fact, be integrated into the application. The remaining functionality will have to be custom developed. Risk probability. 80% (likely). Risk impact. 60 reusable software components were planned. If only 70 percent can be used, 18 components would have to be developed from scratch (in addition to other custom software that has been scheduled for development). Since the average component is 100 LOC and local data indicate that the software engineering cost for each LOC is $14.00, the overall cost (impact) to develop the components would be 18 x 100 x 14 = $25,200.
  • 13.
    b) Calculate therisk exposure foe each risk in the table ---- Risk exposure. RE = Prob. Of occurrence x cost of risk =0.80 x 25,200 ~ $20,200. c) Calculate the total exposure for all risks(above the cutoff line) The total risk exposure provides a means for adjusting the final cost estimates for a project. If RE is greater than 50 % of the project cost , the viability of the project must be evaluated
  • 14.
    3. Risk Refinement • During early stages of project planning, a risk may be stated quite generally. • As time passes and more is learned about the project and the risk, it may be possible to refine the risk. • One way to do this is to represent the risk in condition- transition-consequence (CTC) • Given that <condition> then there is concern that (possibly) <consequence>.
  • 15.
    Using the CTC format for the reuse risk ---- • Given that all reusable software components must conform to specific design standards and that some do not conform, then there is concern that (possibly) only 70 % of the planned reusable modules may actually be integrated into the as-built system, resulting in the need to custom engineer the remaining 30 % of components. • This general condition can be refined in the following manner: Sub condition 1 Certain reusable components were developed by a third party with no knowledge of internal design standards. Sub condition 2 Certain reusable components have been implemented in a language that is not supported on the target environment.
  • 16.
    4. Risk MitigationMonitoring and Management All the risk analysis activities presented so far have single goal i.e to assist the project team in developing a strategy to deal with risk. An effective strategy is-- 6. Risk Mitigation (avoidance) For example, Assume Risk -High staff turnover is noted as a project risk, Prob. Of occurrence -70% ( high) and Impact-2 (critical)
  • 17.
    To mitigate thisrisk, project management must develop a strategy for reducing turnover. Among the possible steps to be taken --  Meet with current staff to determine causes for turnover (e.g., poor working conditions, low pay, and competitive job market).  Mitigate those causes that are under our control before the project starts.  Organize project teams so that information about each development activity is widely dispersed.  Define documentation standards and establish mechanisms to be sure that documents are developed in a timely manner.  Assign a backup staff member for every critical technologist.
  • 18.
    2. Risk monitoring  As the project proceeds, risk monitoring activities commence.  The project manager monitors factors that may provide an indication of whether the risk is becoming more or less likely. In the case of high staff turnover, the following factors can be monitored:  General attitude of team members based on project pressures.  The degree to which the team has jelled.  Interpersonal relationships among team members.  Potential problems with compensation and benefits.  The availability of jobs within the company and outside it.
  • 19.
    Also the project manager should monitor the effectiveness of risk mitigation steps.  The project manager should monitor documents carefully to ensure that each can stand on its own and that each imparts information that would be necessary if a newcomer were forced to join the software team somewhere in the middle of the project.
  • 20.
    3. Risk management •Assumes that mitigation efforts have failed and that the risk has become a reality (a number of people announce that they are leaving) • If the mitigation strategy has been followed, backup is available, information is documented, and knowledge has been dispersed across the team. • Those individuals who are leaving are asked to stop all work and spend their last weeks in “knowledge transfer mode. This might include video-based knowledge capture, the development of “commentary documents,” and/or meeting with other team members who will remain on the project.
  • 21.
    The RMMM plan documents all work performed as part of risk analysis and are used by the project manager as part of the overall project plan.  Some software teams do not develop a formal RMMM document. Rather, each risk is documented individually using a risk information sheet (RIS)  Once RMMM has been documented and the project has begun, risk mitigation and monitoring steps commence. And if the risk becomes real then the project manager applies the management steps.
  • 22.
    Risk ID: P02-4-32 Date : 5/9/02 Prob: 80% Impact : High Description : Only 70 % of the software components scheduled for reuse will be integrated into the application. The remaining functionality will have to be custom developed. Refinement/Context Sub condition 1 Certain reusable components were developed by a third party with no knowledge of internal design standards. Sub condition 2 Certain reusable components have been implemented in a language that is not supported on the target environment. Mitigation/Monitoring : 1. Contact third party to determine conformance with design standards. 2. Check to determine if language support can be acquired.
  • 23.
    Management Plan : •RE computed to be $20,200. Allocate this amount within project cost. • Develop revised schedule assuming 18 additional components will have to be custom built. • Allocate staff accordingly. Current Status : 6/12/2010 : Mitigation steps initiated.