Risk Analysis & Management
Priyajit Sen
Assistant Professor
Department of Computer Application
MAKAUT, W.B., India
Priyajit Sen, Department of Computer Applications, MAKAUT,
W.B., India
What is risk?
A risk is a potential problem that may or may not happen. It can be
conceptually defined as a concern about future happenings that involve
change in mind, opinion, actions, places, etc.
Basic Characteristics of Risk:
Uncertainty:- It may or may not happen; that is, there is no 100%
guarantee of the risk becoming true.
Loss:- If the risk becomes true, then unwanted consequences or
losses may occur.
What is risk management?
Risk Management is a process of thinking systematically about all
possible risks, problems or disasters before they happen and setting up
procedures that will avoid the risk, or minimize the impact, or cope
with its impact.
Types of Risk:
Reactive:- A response-based risk management approach, which is
dependent on accident evaluation and audit-based findings.
Proactive:- An adaptive, closed-loop feedback control strategy based on
measurement, observation of the present safety level and a planned
explicit target safety level with a creative intellectuality.
Purpose of Proactive and Reactive Risk Management:
Reactive risk management: Reactive risk management attempts to
reduce the tendency of the same or similar accidents that happened in
the past being repeated in the future.
Proactive risk management: Proactive risk management attempts to
reduce the tendency of any accident happening in the future by identifying
the boundaries of activities, where a breach of the boundary can lead to
an accident.
Difference between Proactive and Reactive Risk Management
Categories of risk
Project Risk:- Risks that affect the project schedule or resources. An example
of a project risk is the loss of an experienced designer. Finding a replacement
may take a long time and, consequently, the software design will take longer to
complete.
Product Risk:- Risks that affect the quality or performance of the software
being developed. An example of a product risk is the failure of a purchased
component to perform as expected.
Business Risk:- Risks that affect the organization developing or procuring the
product. For example, a competitor introducing a new product. The
introduction of a competitive product may mean that the assumptions made
about the sales of existing software products are unduly optimistic.
Process of Risk management
Risk Identification: Identify possible project, product and business risks.
Risk Projection: Assess the likelihood and consequences of these
risks.
Risk Mitigation: Plan to address the risk, either by avoiding it or by minimizing
its effects on the project.
Risk Monitoring: Regularly assess the risk and the plan, and
revise these when we learn more about the risk.
Risk Identification
Basically, there are six types of risks.
Organizational Risks: Derive from the organizational environment where the
software is being developed.
Tools Risks: Derive from the software tools and other supporting software
used to develop the system.
Requirement Risks: Derive from changes to the customer requirements and
the process of managing the requirements change.
Estimation Risks: Derive from the management estimates of the resources
required to build the system.
Risk Projection
Risk projection rates each risk on two factors:
The likelihood of the risk coming true (r).
The consequence of the problems associated with that risk (s).
Based on these two factors, the priority of each risk can be computed
as:
p = r * s
where p is the priority with which the risk must be handled, r is the probability of
the risk becoming true, and s is the severity of the damage caused by the risk becoming true.
If all identified risks are prioritized, then the most likely and most damaging risks can be
handled first, and more comprehensive risk abatement procedures can be designed
for these risks.
Risk Refinement:
This general condition can be refined in the following manner:
Sub-condition 1: Certain reusable components were developed by a
third party with no knowledge of internal design standards.
Sub-condition 2: The design standard for component interfaces has not
been solidified and may not conform to certain existing reusable
components.
Sub-condition 3: Certain reusable components have been implemented
in a language that is not supported on the target environment.
Risk Mitigation
Avoid Risk: The probability that the risk will arise is reduced. This may
take several forms, such as discussions with the customer to reduce the
scope of the work, giving incentives to engineers to avoid the risk of
manpower turnover, etc.
Transfer Risk: This strategy involves getting the risky component
developed by a third party, buying insurance cover, etc.
Risk Reduction: This involves planning ways to contain the damage due
to a risk. For example, if there is a risk that some key personnel might
leave, new recruitment may be planned.
Risk Monitoring & Management
Risk monitoring and management is the process of checking that our
assumptions about the project, product and business risks have not
changed.
We should regularly assess each of the identified risks to decide whether
or not that risk is becoming more or less probable.
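The Risk Projection and Risk Monitoring slides together describe a loop: score each risk with p = r * s, rank the register, then re-score when an assessment changes. The sketch below is an added example, not part of the original slides; the sample register, the scales (r as a probability in [0, 1], s as a severity score from 1 to 10) and the function names are assumptions.

```python
# Constructed sample register: risk -> (r, s).
# Assumed scales: r is a probability in [0, 1]; s is severity, 1 (minor) to 10 (severe).
BASELINE = {
    "key designer leaves": (0.30, 8),
    "purchased component underperforms": (0.20, 9),
    "requirements change late": (0.60, 5),
    "effort underestimated": (0.50, 4),
}

def prioritize(register):
    """Return [(risk, p)] with p = r * s, highest priority first."""
    scored = []
    for name, (r, s) in register.items():
        if not 0 <= r <= 1 or s < 0:
            raise ValueError(f"bad assessment for {name!r}: r={r}, s={s}")
        scored.append((name, round(r * s, 2)))
    # Ties are broken by name so the ranking is deterministic.
    return sorted(scored, key=lambda item: (-item[1], item[0]))

def reassess(register, updates):
    """Apply monitoring updates; return the new ranking and the risks that rose."""
    before = [name for name, _ in prioritize(register)]
    after = prioritize({**register, **updates})
    moved_up = [name for i, (name, _) in enumerate(after)
                if name in before and i < before.index(name)]
    return after, moved_up

if __name__ == "__main__":
    print("baseline:", prioritize(BASELINE))
    # Monitoring finding (constructed): the purchased component now looks likelier to fail.
    ranking, moved_up = reassess(
        BASELINE, {"purchased component underperforms": (0.40, 9)})
    print("after review:", ranking)
    print("moved up:", moved_up)
```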
RMMM Plan
Safety Critical Software
Primary safety-critical software: Malfunctioning of this kind
of software could cause direct human or environmental damage.
Secondary safety-critical software: Malfunctioning of this
software could cause indirect human or environmental damage.
For example, if a drug dispensing machine gave out the wrong
drugs to someone, the system itself would not cause damage, but
it would be the reason that damage was caused.
Different Hazards:
Industry Analysis Techniques:
A number of hazard analysis techniques have been developed in order to fully
understand and resolve these hazards.
An example of this is the STAMP technique, which was developed at MIT and
is not only for hazard analysis, but also considers organizational factors and
the dynamics of complex systems.
STAMP has five steps:
1. Identify the system hazards: Identify all of the potential hazards in a system and
expand on them to find rough solutions.
2. Identify safety-related requirements and constraints: Determine what constraints
are needed in order to remove the hazard.
3. Define the basic system control structure: Define who is in control at the time
of the potential hazard.
4. Identify inadequate control actions that could lead to a hazard: Find out how the
system reaches the hazardous state using the control structure.
5. Determine what constraints could be violated and eliminate, prevent or control
them through the system design.
Project Scheduling and Techniques:
Break down each activity into tasks.
Determine the dependency among different tasks.
Establish the estimates for the time durations necessary to complete the tasks.
Represent the information in the form of an activity network.
Determine task starting and ending dates from the information represented in
the activity network.
Determine the critical path. A critical path is a chain of tasks that determines
the duration of the project.
Allocate resources to tasks.
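The scheduling steps above, from activity network to critical path, can be carried out with a forward and backward pass over the task graph. The following is an added example, not part of the original slides; the task names, durations and function names are constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample activity network: task -> (duration in days, predecessors)
TASKS = {
    "spec": (3, []),
    "design": (5, ["spec"]),
    "code": (8, ["design"]),
    "testplan": (4, ["spec"]),
    "test": (4, ["code", "testplan"]),
    "docs": (3, ["design"]),
    "release": (1, ["test", "docs"]),
}

def topo_order(tasks):
    """Order tasks so every predecessor comes first; reject bad networks."""
    indeg = {t: len(preds) for t, (_, preds) in tasks.items()}
    succ = defaultdict(list)
    for t, (_, preds) in tasks.items():
        for p in preds:
            succ[p].append(t)
    queue = deque(t for t, d in indeg.items() if d == 0)
    order = []
    while queue:
        t = queue.popleft()
        order.append(t)
        for s in succ[t]:
            indeg[s] -= 1
            if indeg[s] == 0:
                queue.append(s)
    if len(order) != len(tasks):
        raise ValueError("dependency cycle or unknown predecessor")
    return order, succ

def schedule(tasks):
    """Return (project duration, earliest start, earliest finish, slack, critical tasks)."""
    order, succ = topo_order(tasks)
    es, ef = {}, {}
    for t in order:  # forward pass: earliest start/finish
        dur, preds = tasks[t]
        es[t] = max((ef[p] for p in preds), default=0)
        ef[t] = es[t] + dur
    total = max(ef.values())
    ls, lf = {}, {}
    for t in reversed(order):  # backward pass: latest start/finish
        lf[t] = min((ls[s] for s in succ[t]), default=total)
        ls[t] = lf[t] - tasks[t][0]
    slack = {t: ls[t] - es[t] for t in order}
    # Zero-slack tasks form the critical path (a union if several paths tie).
    critical = [t for t in order if slack[t] == 0]
    return total, es, ef, slack, critical

if __name__ == "__main__":
    total, es, ef, slack, critical = schedule(TASKS)
    print(f"project duration: {total} days; critical path: {' -> '.join(critical)}")
    for t in TASKS:
        print(f"{t:9s} start day {es[t]:2d}, end day {ef[t]:2d}, slack {slack[t]}")
```

Any delay to a zero-slack task delays the whole project, so those tasks are the ones to watch first when monitoring schedule risk.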