SlideShare a Scribd company logo

C04.02-RiskManagement.key.pdf

S
ssuser8babb7

risk

Engineering
1 of 44
Download to read offline
Risk Management
spm - ©2014 adolfo villafiorita - introduction to software project management Motivations • When we looked at project selection we just took into account financial data • In the scope management document we emphasized the importance of making our goals achievable, i.e. the A in SMART ... however between achievable and achieved there is a big difference. • In the planning phase we had to deal with various uncertainties (estimation) and tried to deal with them generically (e.g. time buffers) • We stuck to one plan (the nominal plan), but the world is non-nominal: changes, both negative and positive, will occur! !2
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management Risk management collects techniques, know-how and processes to help identify, assess, manage, and monitor risks ! The objectives of Project Risk Management are to increase the probability and the impact of positive events and decrease the probability and impact of events adverse to the project. !3
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management: Some Goals • Understanding whether a project is worth taking • Help refining the budget for the project • Increase chances of ending the project successfully • Increase chances of terminating the project as planned: – Within scope – Within quality – Within budget – On time !4
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management: Two Definitions • “Traditionally”: – Risk is the possibility of suffering loss • In project management: – (Project) Risk is an event or condition that, if it occurs has positive or negative influence on an objective * Negative outcome: menace * Positive outcome: opportunity !5
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management • Used in several fields, such as: – Finance – Insurance – Engineering (safety critical, security, …) • Various standards recognize the importance of risk in software development: – ISO/IEC 12207 (Information Technology - Software life cycle processes) – UNI EN 29000-3 (Guidelines for the application of ISO 9001 to software development and maintenance) – UNI ISO 10006 (Guidelines for managing projects) • Various techniques (FMEA, FTA, simulation, …) have been defined and adopted to assess it. !6
spm - ©2014 adolfo villafiorita - introduction to software project management Goals of the Unit • Learning the techniques to identify, assess, prioritize, manage and control project risks • Learning what are the most common risks in software development projects • Learning how to budget for project risks !7
Initiate Plan Execute & Monitor Close Develop Monitor Goals, Cost and Schedule Release Change Control & Configuration Management Quality Management Human Resource Management Kick Off Activities Formalize Goals Define Schedule Define Costs Assess Feasibility Close Collect Outputs [Obtain Approval] Risk Management !8
Risk Management and Project Management
spm - ©2014 adolfo villafiorita - introduction to software project management The Risk Management Process Define Risk Management Standards Identify Risks Classify Risks Define Management Strategies Risk Management Starndars Monitor Risks Risk Log (updated) Risk Register Risk Register (updated) and Risk Matrix Risk Plan [ new risk identified ] !10 • It runs in parallel to the other PM activities throughout the project
spm - ©2014 adolfo villafiorita - introduction to software project management Defining Risk Management Standards Goal: describing how risk management will be structured and performed on the project. ! – Output: a document (or set of documents and templates) – Part of the project management plan – Helps define project standards and best practices !11
spm - ©2014 adolfo villafiorita - introduction to software project management Define Risk Management Standards • The document includes, at a minimum: – The procedures to monitor and update risks – The procedures to apply contingency plans – Who is in charge of what • Added value: – Definition of risk probabilities and impacts – Risk Categories or other sources to identify risks – Reporting formats • A risk management plan could be standardized and adopted organization-wide • Different projects require different levels of formality in risk management !12
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Identification Goal: understanding what are the risk that could potentially influence the project and document their characteristics ! – Risk identification is an iterative process (new risks may be identified as the project progresses; old risks may become “obsolete”) – Output: Risk Register, basis for qualitative/quantitative risk analysis !13
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Identification and Classification • Process (iterative): – Collect: * identify specific project risks * describe the risk – Analyze: * Identify the root causes (do not misinterpret effects as causes) * Define the risk category (impact) and probability * Identify other useful characteristics: – When it can occur or frequency of occurrence – How it manifests • Output: – Risk Register !14
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Identification Techniques • Meetings • Document Analysis • Risk Breakdown Structures, Checklists, Templates • Analogy !15
spm - ©2014 adolfo villafiorita - introduction to software project management Boehm’s Top Ten Causes for Project Failures • Boehm developed a list of the ten most common causes for projects to fail • Some of the causes mentioned in the list can be used as starting point to identify the risks applicable to a project at hand • Risks include: – Personnel or subcontractors Shortfall – Unrealistic schedule and budget – Developing the wrong software functions/user interface – Gold plating (getting priorities wrong) – Ineffective change control – Technical risks !16
spm - ©2014 adolfo villafiorita - introduction to software project management Root Cause Analysis Techniques • Cause-Effect Diagram (Ishikawa) • Fault Trees/Failure Modes and Effect Analysis !17 Risk Mother Nature Material Method Man Machine Measurement
spm - ©2014 adolfo villafiorita - introduction to software project management Fishbone Diagrams: Some starting points • The 6 M's: – Machine, Method, Materials, Measurement, Man and Mother Nature (Environment) (recommended for manufacturing industry). • The 8 P's: – Price, Promotion, People, Processes, Place / Plant, Policies, Procedures & Product (or Service) (recommended for administration and service industry). • The 4 S's: – Surroundings, Suppliers, Systems, Skills (recommended for service industry). !18
Risk Assessment and Risk Management Strategies
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Assessment Goal: prioritize risks according to their impact and likeness on the project ! – Output: a prioritized list of risks (priority defined according to probability and impact) – Information on whether a project is worth taking – Information about what risks must be monitored !20
spm - ©2014 adolfo villafiorita - introduction to software project management Probability/Impact !21 Frequency Impact Why projects don’t have risks here? Why projects do not have risks here?
spm - ©2014 adolfo villafiorita - introduction to software project management Techniques • Qualitative risk analysis – Simpler – Can be used when no precise information about probabilities of risk is available • Quantitative risk analysis – More systematic – Suitable for mathematical analysis – Provide figures on the (economical) impact of risks !22
Qualitative Risk Analysis
spm - ©2014 adolfo villafiorita - introduction to software project management Qualitative Risk Analysis • Start from – Risks Management Standard which define the scales to be adopted for probability and impact – The outputs of the risk identification phase (during which we assigned a probability to each risk) • Highlight most significant risks: – By organizing risks into a risk matrix – By scoring risks • Output: – Assess whether the project is worthwhile. – Decide what risks must be monitored !24
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Matrix !25 Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Matrix • Decide where to set the “bar”... Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10 !26
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Matrix • RED: Require special treatment (or drop the project) • ORANGE: Need close monitoring • GREEN: LOW: Standard in a project... nuisances Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10 !27
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Scoring • Define classes of probabilities and classes of qualitative or numeric classes of impact • Example – Probability: very low, low, moderate, high, very high – Impact: negligible, low, moderate, severe, catastrophic – Risk Score: low, medium, high (see previous slide) or numeric: SCORE = P x I !28 Very Low 0.1 1 Low 0.3 2 Moderate 0.5 3 High 0.7 4 Very High 0.9 5 Negligible 0.1 1 Low 0.3 2 Moderate 0.5 3 Severe 0.7 4 Catastrophic 0.9 5
spm - ©2014 adolfo villafiorita - introduction to software project management Socially constructed risk • Two problems with qualitative risk – Modelers: we are “risk illiterate” (we believe some things are riskier than others, sometimes even when statistics tell us otherwise) – Models: who says what the probabilities are? How do we calculate the risk exposures objectively? (projects are one-offs) !29
spm - ©2014 adolfo villafiorita - introduction to software project management Examples of risks: Causes of Death • Heart disease: 597,689 • Cancer: 574,743 • Chronic lower respiratory diseases: 138,080 • Stroke (cerebrovascular diseases): 129,476 • Accidents (unintentional injuries): 120,859 • Alzheimer's disease: 83,494 • Diabetes: 69,071 • Nephritis, nephrotic syndrome, and nephrosis: 50,476 • Influenza and Pneumonia: 50,097 • Intentional self-harm (suicide): 38,364 !30 Source: http://www.cdc.gov/nchs/fastats/lcod.htm (2011 data)
Risk Management Strategies a.k.a. Risk Response Planning: how do we take care and exploit risks
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management Strategy Goal: find a treatment for the unacceptable risks and decide the strategies to apply for the remaining risks, should they occur during the project ! – Output: a plan with only acceptable risks – A contingency plan for each remaining significant risk !32
spm - ©2014 adolfo villafiorita - introduction to software project management The Scenario • RED: Require special treatment (or drop the project) • ORANGE: Need close monitoring • GREEN: LOW: Standard in a project... nuisances Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10 !33
spm - ©2014 adolfo villafiorita - introduction to software project management Strategies: Menaces • Avoid – Change the plan to eliminate the threat (increase time, relax objectives, take corrective actions - increase time to do requirements) • Transfer – Shift the negative outcome to a third party. It transfers responsibility, it does not eliminate the risk (insurance, contracts to transfer liability… they require to pay you a price) • Mitigate – Reduce probability or impact (often better than trying and repair the damage; prototyping) !34
spm - ©2014 adolfo villafiorita - introduction to software project management Strategies: Opportunities • Exploit – Eliminate uncertainty relate to the occurrence of the opportunity (e.g. assign more talented people, provide better quality) • Share – Allocate responsibility of exploitation to a third party (joint-ventures, partnerships, …) • Enhance – Modify the size of an opportunity by increasing probability and/or positive impact !35
spm - ©2014 adolfo villafiorita - introduction to software project management Strategy: common • Accept – Passive: just let the team deal with the risks – Active: provide some buffer (time, money, …) !36 Why? ... Low impact or probability ... Simpler to deal with the risk, if it occurs than planning a response in advance
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Response Planning: Outputs • Risk Response Plan: – Strategy (strategies) for dealing with the risks: must be concrete! – Triggers (elements used to monitor and understand whether a risk has occurred) – People responsible of monitoring the risk – People responsible of applying contingency plans !37
spm - ©2014 adolfo villafiorita - introduction to software project management The Risk Register • The most common tool to list and manage risks is a spreadsheet • One row per risk • Each risk characterized by: – ID, Title, Description – Risk Category (if you are inclined to classifications) – Probability, Impact and, possibly, Score (PxI) – Root cause – Time-frame – Monitoring modalities (periodicity, person, reporting) – Status (active, occurred, inactive) !38
Risk Monitoring and Control a.k.a. Risk Response Planning: how do we take care and exploit risks
spm - ©2014 adolfo villafiorita - introduction to software project management Risk Monitoring and Control • Input: – The risk register • Process – Analyze deviations from the nominal plan – Identify causes – Evaluate corrective actions – Modify current plan • Mind: – Planned risks must be dealt with as above (use contingency plans) – Unplanned risks require the full process! !40
Conclusions and The main risks of ... Risk Management!
spm - ©2014 adolfo villafiorita - introduction to software project management Some Common Errors • During the Planning Phase: – Not identifying a maximum risk value * Give up a project if too risky – Not writing a balanced risk management plan * Size and complexity have to be at the right level for the project – Misinterpreting effects as causes * You end up caring for the wrong event and not looking at the actual problem * Example 1: We might be late with the project * Example 2: We may be charged 100.000 euros as a penalty !42
spm - ©2014 adolfo villafiorita - introduction to software project management Some Common Errors • During Risk Monitoring: – Risk homeostasis: we tend to increase our risk-taking – Anchors and frames: we tend to stick to anchor and frames overlooking opportunities or the need to change course. An example is sticking to past decisions (as an anchoring mechanism) – Sunk costs: an incorrect economical assumption (“I have spent so much… it is more convenient to keep going!”) – Cognitive dissonance: we do not like inconsistencies; our brain creates consistent theories, sometimes altering (or not considering) all facts. (“I know smoking is bad … but (another) cig won’t hurt me”) !43
spm - ©2014 adolfo villafiorita - introduction to software project management Some Common Errors • During Risk Monitoring: – Do not apply contingency plans * Dealing with risk when they occur is more error-prone than think about the strategies before they occur – Do not involve actors * Make sure stakeholders understand consequences of the risk (share the risk) * involve stakeholders in dealing with them – Do not update the plan * Helps keeping the contingency plans really applicable !44

Recommended

Software Engineering (Risk Management)
Software Engineering (Risk Management)Software Engineering (Risk Management)
Software Engineering (Risk Management)
ShudipPal
 
Project risk analysis
Project risk analysisProject risk analysis
Project risk analysis
SUBHASISHMAHAKUD
 
pressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptpressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.ppt
MuhammadKashif703372
 
Risk Management
Risk ManagementRisk Management
Risk Management
Saqib Raza
 
Guide to-risk-management-in-projects
Guide to-risk-management-in-projectsGuide to-risk-management-in-projects
Guide to-risk-management-in-projects
engrsurif
 
project_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.pptproject_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.ppt
BetshaTizazu2
 
PMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.pptPMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.ppt
DorraLamouchi1
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.ppt
avisha23
 

Recommended

Software Engineering (Risk Management)
Software Engineering (Risk Management)Software Engineering (Risk Management)
Software Engineering (Risk Management)
ShudipPal
 
Project risk analysis
Project risk analysisProject risk analysis
Project risk analysis
SUBHASISHMAHAKUD
 
pressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.pptpressman-ch-25-risk-management.ppt
pressman-ch-25-risk-management.ppt
MuhammadKashif703372
 
Risk Management
Risk ManagementRisk Management
Risk Management
Saqib Raza
 
Guide to-risk-management-in-projects
Guide to-risk-management-in-projectsGuide to-risk-management-in-projects
Guide to-risk-management-in-projects
engrsurif
 
project_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.pptproject_risk_mgmt_final 1.ppt
project_risk_mgmt_final 1.ppt
BetshaTizazu2
 
PMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.pptPMI project_risk_management_final_2022.ppt
PMI project_risk_management_final_2022.ppt
DorraLamouchi1
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.ppt
avisha23
 
project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.ppt
AyidAlmgati
 
Risk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.pptRisk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.ppt
YasirShaikh34
 
SPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
SPM RISK PLANNING.pdfdddddddddddddddddddddddddddddddddddddddddddddddSPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
SPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
ShepherdChidambaeh
 
Risk Management
Risk ManagementRisk Management
Risk Management
Kinza Razzaq
 
Risk Management.ppt
Risk Management.pptRisk Management.ppt
Risk Management.ppt
AHMED Hegab
 
PMI-ACP Lesson 9 Agile Risk Management
PMI-ACP Lesson 9 Agile Risk ManagementPMI-ACP Lesson 9 Agile Risk Management
PMI-ACP Lesson 9 Agile Risk Management
Thanh Nguyen
 
Risk management
Risk managementRisk management
Risk management
Naveen Menon
 
Risk mgmt
Risk mgmtRisk mgmt
Risk mgmt
Oliver
 
Project risk management in automotive industry
Project risk management in automotive industryProject risk management in automotive industry
Project risk management in automotive industry
Sumit Bhattacharya
 
Managing Risk And Opportunity In IT Projects
Managing Risk And Opportunity In IT ProjectsManaging Risk And Opportunity In IT Projects
Managing Risk And Opportunity In IT Projects
slideshare_venr
 
Managing Risk in Agile Development: It Isn’t Magic
Managing Risk in Agile Development: It Isn’t MagicManaging Risk in Agile Development: It Isn’t Magic
Managing Risk in Agile Development: It Isn’t Magic
TechWell
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-management
zeeshanwrch
 
risk management
risk managementrisk management
risk management
Arti Maggo
 
PPT SE SACHIN.ppt
PPT SE SACHIN.pptPPT SE SACHIN.ppt
PPT SE SACHIN.ppt
SACHINMAURYA57
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
Andersson Lujan Ojeda
 
Project risk management
Project risk managementProject risk management
Project risk management
Dewang Agrawal
 
Project Risk mgt ch3 supplimentary.ppt n
Project Risk mgt ch3 supplimentary.ppt nProject Risk mgt ch3 supplimentary.ppt n
Project Risk mgt ch3 supplimentary.ppt n
Kevin117905
 
Project risk management
Project risk managementProject risk management
Project risk management
Mohsin Azam
 
Risk Management Best Practices
Risk Management Best PracticesRisk Management Best Practices
Risk Management Best Practices
PMILebanonChapter
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) -
Shashi Kumar
 
C03.04c-InDepth-OP.key.pdf
C03.04c-InDepth-OP.key.pdfC03.04c-InDepth-OP.key.pdf
C03.04c-InDepth-OP.key.pdf
ssuser8babb7
 
C07.03-05-SW-DevelopmentProcess-Agile.key.pdf
C07.03-05-SW-DevelopmentProcess-Agile.key.pdfC07.03-05-SW-DevelopmentProcess-Agile.key.pdf
C07.03-05-SW-DevelopmentProcess-Agile.key.pdf
ssuser8babb7
 

More Related Content

Similar to C04.02-RiskManagement.key.pdf

Risk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.pptRisk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.ppt
YasirShaikh34
 
Managing Risk in Agile Development: It Isn’t Magic
Managing Risk in Agile Development: It Isn’t MagicManaging Risk in Agile Development: It Isn’t Magic
Managing Risk in Agile Development: It Isn’t Magic
TechWell
 
Project risk management
Project risk managementProject risk management
Project risk management
Mohsin Azam
 

Similar to C04.02-RiskManagement.key.pdf (20)

project_risk_mgmt_final.ppt
project_risk_mgmt_final.pptproject_risk_mgmt_final.ppt
project_risk_mgmt_final.ppt
 
Risk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.pptRisk-Management-05012023-025512pm.ppt
Risk-Management-05012023-025512pm.ppt
 
SPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
SPM RISK PLANNING.pdfdddddddddddddddddddddddddddddddddddddddddddddddSPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
SPM RISK PLANNING.pdfddddddddddddddddddddddddddddddddddddddddddddddd
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Risk Management.ppt
Risk Management.pptRisk Management.ppt
Risk Management.ppt
 
PMI-ACP Lesson 9 Agile Risk Management
PMI-ACP Lesson 9 Agile Risk ManagementPMI-ACP Lesson 9 Agile Risk Management
PMI-ACP Lesson 9 Agile Risk Management
 
Risk management
Risk managementRisk management
Risk management
 
Risk mgmt
Risk mgmtRisk mgmt
Risk mgmt
 
Project risk management in automotive industry
Project risk management in automotive industryProject risk management in automotive industry
Project risk management in automotive industry
 
Managing Risk And Opportunity In IT Projects
Managing Risk And Opportunity In IT ProjectsManaging Risk And Opportunity In IT Projects
Managing Risk And Opportunity In IT Projects
 
Managing Risk in Agile Development: It Isn’t Magic
Managing Risk in Agile Development: It Isn’t MagicManaging Risk in Agile Development: It Isn’t Magic
Managing Risk in Agile Development: It Isn’t Magic
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-management
 
risk management
risk managementrisk management
risk management
 
PPT SE SACHIN.ppt
PPT SE SACHIN.pptPPT SE SACHIN.ppt
PPT SE SACHIN.ppt
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
 
Project risk management
Project risk managementProject risk management
Project risk management
 
Project Risk mgt ch3 supplimentary.ppt n
Project Risk mgt ch3 supplimentary.ppt nProject Risk mgt ch3 supplimentary.ppt n
Project Risk mgt ch3 supplimentary.ppt n
 
Project risk management
Project risk managementProject risk management
Project risk management
 
Risk Management Best Practices
Risk Management Best PracticesRisk Management Best Practices
Risk Management Best Practices
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) -
 

More from ssuser8babb7

C03.04c-InDepth-OP.key.pdf
C03.04c-InDepth-OP.key.pdfC03.04c-InDepth-OP.key.pdf
C03.04c-InDepth-OP.key.pdf
ssuser8babb7
 
C07.03-05-SW-DevelopmentProcess-Agile.key.pdf
C07.03-05-SW-DevelopmentProcess-Agile.key.pdfC07.03-05-SW-DevelopmentProcess-Agile.key.pdf
C07.03-05-SW-DevelopmentProcess-Agile.key.pdf
ssuser8babb7
 
C07.01-02-SW-DevelopmentProcess.key.pdf
C07.01-02-SW-DevelopmentProcess.key.pdfC07.01-02-SW-DevelopmentProcess.key.pdf
C07.01-02-SW-DevelopmentProcess.key.pdf
ssuser8babb7
 
C06.00-ProjectPricing.key.pdf
C06.00-ProjectPricing.key.pdfC06.00-ProjectPricing.key.pdf
C06.00-ProjectPricing.key.pdf
ssuser8babb7
 
C05.02-OrganizationalStructures.key.pdf
C05.02-OrganizationalStructures.key.pdfC05.02-OrganizationalStructures.key.pdf
C05.02-OrganizationalStructures.key.pdf
ssuser8babb7
 
C03.09-AgileMonitoringAndControl.key.pdf
C03.09-AgileMonitoringAndControl.key.pdfC03.09-AgileMonitoringAndControl.key.pdf
C03.09-AgileMonitoringAndControl.key.pdf
ssuser8babb7
 
C04.01-ManagingChanges.key.pdf
C04.01-ManagingChanges.key.pdfC04.01-ManagingChanges.key.pdf
C04.01-ManagingChanges.key.pdf
ssuser8babb7
 
C03.10-ProjectClosing.key.pdf
C03.10-ProjectClosing.key.pdfC03.10-ProjectClosing.key.pdf
C03.10-ProjectClosing.key.pdf
ssuser8babb7
 
C03.08-09-ExecutionMonitoringControl.key.pdf
C03.08-09-ExecutionMonitoringControl.key.pdfC03.08-09-ExecutionMonitoringControl.key.pdf
C03.08-09-ExecutionMonitoringControl.key.pdf
ssuser8babb7
 
C03.07-BudgetingAndAccounting.key.pdf
C03.07-BudgetingAndAccounting.key.pdfC03.07-BudgetingAndAccounting.key.pdf
C03.07-BudgetingAndAccounting.key.pdf
ssuser8babb7
 
C03.06-OptimizingThePlan.key.pdf
C03.06-OptimizingThePlan.key.pdfC03.06-OptimizingThePlan.key.pdf
C03.06-OptimizingThePlan.key.pdf
ssuser8babb7
 

More from ssuser8babb7 (14)

C03.04c-InDepth-OP.key.pdf
C03.04c-InDepth-OP.key.pdfC03.04c-InDepth-OP.key.pdf
C03.04c-InDepth-OP.key.pdf
 
C07.03-05-SW-DevelopmentProcess-Agile.key.pdf
C07.03-05-SW-DevelopmentProcess-Agile.key.pdfC07.03-05-SW-DevelopmentProcess-Agile.key.pdf
C07.03-05-SW-DevelopmentProcess-Agile.key.pdf
 
C07.01-02-SW-DevelopmentProcess.key.pdf
C07.01-02-SW-DevelopmentProcess.key.pdfC07.01-02-SW-DevelopmentProcess.key.pdf
C07.01-02-SW-DevelopmentProcess.key.pdf
 
C06.00-ProjectPricing.key.pdf
C06.00-ProjectPricing.key.pdfC06.00-ProjectPricing.key.pdf
C06.00-ProjectPricing.key.pdf
 
C05.03-Communication.key.pdf
C05.03-Communication.key.pdfC05.03-Communication.key.pdf
C05.03-Communication.key.pdf
 
C05.02-OrganizationalStructures.key.pdf
C05.02-OrganizationalStructures.key.pdfC05.02-OrganizationalStructures.key.pdf
C05.02-OrganizationalStructures.key.pdf
 
C03.09-AgileMonitoringAndControl.key.pdf
C03.09-AgileMonitoringAndControl.key.pdfC03.09-AgileMonitoringAndControl.key.pdf
C03.09-AgileMonitoringAndControl.key.pdf
 
C04.01-ManagingChanges.key.pdf
C04.01-ManagingChanges.key.pdfC04.01-ManagingChanges.key.pdf
C04.01-ManagingChanges.key.pdf
 
C03.10-ProjectClosing.key.pdf
C03.10-ProjectClosing.key.pdfC03.10-ProjectClosing.key.pdf
C03.10-ProjectClosing.key.pdf
 
C03.08-09-ExecutionMonitoringControl.key.pdf
C03.08-09-ExecutionMonitoringControl.key.pdfC03.08-09-ExecutionMonitoringControl.key.pdf
C03.08-09-ExecutionMonitoringControl.key.pdf
 
C03.07-BudgetingAndAccounting.key.pdf
C03.07-BudgetingAndAccounting.key.pdfC03.07-BudgetingAndAccounting.key.pdf
C03.07-BudgetingAndAccounting.key.pdf
 
C03.06-OptimizingThePlan.key.pdf
C03.06-OptimizingThePlan.key.pdfC03.06-OptimizingThePlan.key.pdf
C03.06-OptimizingThePlan.key.pdf
 
C03.05-Scheduling.key.pdf
C03.05-Scheduling.key.pdfC03.05-Scheduling.key.pdf
C03.05-Scheduling.key.pdf
 
C03.04-Estimating.key.pdf
C03.04-Estimating.key.pdfC03.04-Estimating.key.pdf
C03.04-Estimating.key.pdf
 

Recently uploaded

Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
ankushspencer015
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
SUHANI PANDEY
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ssuser89054b
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
amitlee9823
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Call Girls in Nagpur High Profile
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 

Recently uploaded (20)

Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 

C04.02-RiskManagement.key.pdf

  • 2. spm - ©2014 adolfo villafiorita - introduction to software project management Motivations • When we looked at project selection we just took into account financial data • In the scope management document we emphasized the importance of making our goals achievable, i.e. the A in SMART ... however between achievable and achieved there is a big difference. • In the planning phase we had to deal with various uncertainties (estimation) and tried to deal with them generically (e.g. time buffers) • We stuck to one plan (the nominal plan), but the world is non-nominal: changes, both negative and positive, will occur! !2
  • 3. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management Risk management collects techniques, know-how and processes to help identify, assess, manage, and monitor risks ! The objectives of Project Risk Management are to increase the probability and the impact of positive events and decrease the probability and impact of events adverse to the project. !3
  • 4. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management: Some Goals • Understanding whether a project is worth taking • Help refining the budget for the project • Increase chances of ending the project successfully • Increase chances of terminating the project as planned: – Within scope – Within quality – Within budget – On time !4
  • 5. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management: Two Definitions • “Traditionally”: – Risk is the possibility of suffering loss • In project management: – (Project) Risk is an event or condition that, if it occurs has positive or negative influence on an objective * Negative outcome: menace * Positive outcome: opportunity !5
  • 6. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management • Used in several fields, such as: – Finance – Insurance – Engineering (safety critical, security, …) • Various standards recognize the importance of risk in software development: – ISO/IEC 12207 (Information Technology - Software life cycle processes) – UNI EN 29000-3 (Guidelines for the application of ISO 9001 to software development and maintenance) – UNI ISO 10006 (Guidelines for managing projects) • Various techniques (FMEA, FTA, simulation, …) have been defined and adopted to assess it. !6
  • 7. spm - ©2014 adolfo villafiorita - introduction to software project management Goals of the Unit • Learning the techniques to identify, assess, prioritize, manage and control project risks • Learning what are the most common risks in software development projects • Learning how to budget for project risks !7
  • 8. Initiate Plan Execute & Monitor Close Develop Monitor Goals, Cost and Schedule Release Change Control & Configuration Management Quality Management Human Resource Management Kick Off Activities Formalize Goals Define Schedule Define Costs Assess Feasibility Close Collect Outputs [Obtain Approval] Risk Management !8
  • 10. spm - ©2014 adolfo villafiorita - introduction to software project management The Risk Management Process Define Risk Management Standards Identify Risks Classify Risks Define Management Strategies Risk Management Starndars Monitor Risks Risk Log (updated) Risk Register Risk Register (updated) and Risk Matrix Risk Plan [ new risk identified ] !10 • It runs in parallel to the other PM activities throughout the project
  • 11. spm - ©2014 adolfo villafiorita - introduction to software project management Defining Risk Management Standards Goal: describing how risk management will be structured and performed on the project. ! – Output: a document (or set of documents and templates) – Part of the project management plan – Helps define project standards and best practices !11
  • 12. spm - ©2014 adolfo villafiorita - introduction to software project management Define Risk Management Standards • The document includes, at a minimum: – The procedures to monitor and update risks – The procedures to apply contingency plans – Who is in charge of what • Added value: – Definition of risk probabilities and impacts – Risk Categories or other sources to identify risks – Reporting formats • A risk management plan could be standardized and adopted organization-wide • Different projects require different levels of formality in risk management !12
  • 13. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Identification Goal: understanding what are the risk that could potentially influence the project and document their characteristics ! – Risk identification is an iterative process (new risks may be identified as the project progresses; old risks may become “obsolete”) – Output: Risk Register, basis for qualitative/quantitative risk analysis !13
  • 14. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Identification and Classification • Process (iterative): – Collect: * identify specific project risks * describe the risk – Analyze: * Identify the root causes (do not misinterpret effects as causes) * Define the risk category (impact) and probability * Identify other useful characteristics: – When it can occur or frequency of occurrence – How it manifests • Output: – Risk Register !14
  • 15. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Identification Techniques • Meetings • Document Analysis • Risk Breakdown Structures, Checklists, Templates • Analogy !15
  • 16. spm - ©2014 adolfo villafiorita - introduction to software project management Boehm’s Top Ten Causes for Project Failures • Boehm developed a list of the ten most common causes for projects to fail • Some of the causes mentioned in the list can be used as starting point to identify the risks applicable to a project at hand • Risks include: – Personnel or subcontractors Shortfall – Unrealistic schedule and budget – Developing the wrong software functions/user interface – Gold plating (getting priorities wrong) – Ineffective change control – Technical risks !16
  • 17. spm - ©2014 adolfo villafiorita - introduction to software project management Root Cause Analysis Techniques • Cause-Effect Diagram (Ishikawa) • Fault Trees/Failure Modes and Effect Analysis !17 Risk Mother Nature Material Method Man Machine Measurement
  • 18. spm - ©2014 adolfo villafiorita - introduction to software project management Fishbone Diagrams: Some starting points • The 6 M's: – Machine, Method, Materials, Measurement, Man and Mother Nature (Environment) (recommended for manufacturing industry). • The 8 P's: – Price, Promotion, People, Processes, Place / Plant, Policies, Procedures & Product (or Service) (recommended for administration and service industry). • The 4 S's: – Surroundings, Suppliers, Systems, Skills (recommended for service industry). !18
  • 19. Risk Assessment and Risk Management Strategies
  • 20. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Assessment Goal: prioritize risks according to their impact and likeness on the project ! – Output: a prioritized list of risks (priority defined according to probability and impact) – Information on whether a project is worth taking – Information about what risks must be monitored !20
  • 21. spm - ©2014 adolfo villafiorita - introduction to software project management Probability/Impact !21 Frequency Impact Why projects don’t have risks here? Why projects do not have risks here?
  • 22. spm - ©2014 adolfo villafiorita - introduction to software project management Techniques • Qualitative risk analysis – Simpler – Can be used when no precise information about probabilities of risk is available • Quantitative risk analysis – More systematic – Suitable for mathematical analysis – Provide figures on the (economical) impact of risks !22
  • 24. spm - ©2014 adolfo villafiorita - introduction to software project management Qualitative Risk Analysis • Start from – Risks Management Standard which define the scales to be adopted for probability and impact – The outputs of the risk identification phase (during which we assigned a probability to each risk) • Highlight most significant risks: – By organizing risks into a risk matrix – By scoring risks • Output: – Assess whether the project is worthwhile. – Decide what risks must be monitored !24
  • 25. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Matrix !25 Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10
  • 26. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Matrix • Decide where to set the “bar”... Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10 !26
  • 27. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Matrix • RED: Require special treatment (or drop the project) • ORANGE: Need close monitoring • GREEN: LOW: Standard in a project... nuisances Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10 !27
  • 28. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Scoring • Define classes of probabilities and classes of qualitative or numeric classes of impact • Example – Probability: very low, low, moderate, high, very high – Impact: negligible, low, moderate, severe, catastrophic – Risk Score: low, medium, high (see previous slide) or numeric: SCORE = P x I !28 Very Low 0.1 1 Low 0.3 2 Moderate 0.5 3 High 0.7 4 Very High 0.9 5 Negligible 0.1 1 Low 0.3 2 Moderate 0.5 3 Severe 0.7 4 Catastrophic 0.9 5
  • 29. spm - ©2014 adolfo villafiorita - introduction to software project management Socially constructed risk • Two problems with qualitative risk – Modelers: we are “risk illiterate” (we believe some things are riskier than others, sometimes even when statistics tell us otherwise) – Models: who says what the probabilities are? How do we calculate the risk exposures objectively? (projects are one-offs) !29
  • 30. spm - ©2014 adolfo villafiorita - introduction to software project management Examples of risks: Causes of Death • Heart disease: 597,689 • Cancer: 574,743 • Chronic lower respiratory diseases: 138,080 • Stroke (cerebrovascular diseases): 129,476 • Accidents (unintentional injuries): 120,859 • Alzheimer's disease: 83,494 • Diabetes: 69,071 • Nephritis, nephrotic syndrome, and nephrosis: 50,476 • Influenza and Pneumonia: 50,097 • Intentional self-harm (suicide): 38,364 !30 Source: http://www.cdc.gov/nchs/fastats/lcod.htm (2011 data)
  • 31. Risk Management Strategies a.k.a. Risk Response Planning: how do we take care and exploit risks
  • 32. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Management Strategy Goal: find a treatment for the unacceptable risks and decide the strategies to apply for the remaining risks, should they occur during the project ! – Output: a plan with only acceptable risks – A contingency plan for each remaining significant risk !32
  • 33. spm - ©2014 adolfo villafiorita - introduction to software project management The Scenario • RED: Require special treatment (or drop the project) • ORANGE: Need close monitoring • GREEN: LOW: Standard in a project... nuisances Negligible Low Moderate Severe Catastrophic Very High R1 R5 High R2 R6, R7, R8 Moderate R3 Low R4 Very Low R9, R10 !33
  • 34. spm - ©2014 adolfo villafiorita - introduction to software project management Strategies: Menaces • Avoid – Change the plan to eliminate the threat (increase time, relax objectives, take corrective actions - increase time to do requirements) • Transfer – Shift the negative outcome to a third party. It transfers responsibility, it does not eliminate the risk (insurance, contracts to transfer liability… they require to pay you a price) • Mitigate – Reduce probability or impact (often better than trying and repair the damage; prototyping) !34
  • 35. spm - ©2014 adolfo villafiorita - introduction to software project management Strategies: Opportunities • Exploit – Eliminate uncertainty relate to the occurrence of the opportunity (e.g. assign more talented people, provide better quality) • Share – Allocate responsibility of exploitation to a third party (joint-ventures, partnerships, …) • Enhance – Modify the size of an opportunity by increasing probability and/or positive impact !35
  • 36. spm - ©2014 adolfo villafiorita - introduction to software project management Strategy: common • Accept – Passive: just let the team deal with the risks – Active: provide some buffer (time, money, …) !36 Why? ... Low impact or probability ... Simpler to deal with the risk, if it occurs than planning a response in advance
  • 37. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Response Planning: Outputs • Risk Response Plan: – Strategy (strategies) for dealing with the risks: must be concrete! – Triggers (elements used to monitor and understand whether a risk has occurred) – People responsible of monitoring the risk – People responsible of applying contingency plans !37
  • 38. spm - ©2014 adolfo villafiorita - introduction to software project management The Risk Register • The most common tool to list and manage risks is a spreadsheet • One row per risk • Each risk characterized by: – ID, Title, Description – Risk Category (if you are inclined to classifications) – Probability, Impact and, possibly, Score (PxI) – Root cause – Time-frame – Monitoring modalities (periodicity, person, reporting) – Status (active, occurred, inactive) !38
  • 39. Risk Monitoring and Control a.k.a. Risk Response Planning: how do we take care and exploit risks
  • 40. spm - ©2014 adolfo villafiorita - introduction to software project management Risk Monitoring and Control • Input: – The risk register • Process – Analyze deviations from the nominal plan – Identify causes – Evaluate corrective actions – Modify current plan • Mind: – Planned risks must be dealt with as above (use contingency plans) – Unplanned risks require the full process! !40
  • 41. Conclusions and The main risks of ... Risk Management!
  • 42. spm - ©2014 adolfo villafiorita - introduction to software project management Some Common Errors • During the Planning Phase: – Not identifying a maximum risk value * Give up a project if too risky – Not writing a balanced risk management plan * Size and complexity have to be at the right level for the project – Misinterpreting effects as causes * You end up caring for the wrong event and not looking at the actual problem * Example 1: We might be late with the project * Example 2: We may be charged 100.000 euros as a penalty !42
  • 43. spm - ©2014 adolfo villafiorita - introduction to software project management Some Common Errors • During Risk Monitoring: – Risk homeostasis: we tend to increase our risk-taking – Anchors and frames: we tend to stick to anchor and frames overlooking opportunities or the need to change course. An example is sticking to past decisions (as an anchoring mechanism) – Sunk costs: an incorrect economical assumption (“I have spent so much… it is more convenient to keep going!”) – Cognitive dissonance: we do not like inconsistencies; our brain creates consistent theories, sometimes altering (or not considering) all facts. (“I know smoking is bad … but (another) cig won’t hurt me”) !43
  • 44. spm - ©2014 adolfo villafiorita - introduction to software project management Some Common Errors • During Risk Monitoring: – Do not apply contingency plans * Dealing with risk when they occur is more error-prone than think about the strategies before they occur – Do not involve actors * Make sure stakeholders understand consequences of the risk (share the risk) * involve stakeholders in dealing with them – Do not update the plan * Helps keeping the contingency plans really applicable !44