Risk Management In Software Engineering
ABSTRACT:
In Risk management in software engineering we define Risk. We look at the various
Reasons for a Risk to occur .We find how effectively we can manage Risks We look at the Risk
management paradigm, Risk management principles, and Risk management functions. We also see
how the risk management is done by a team and how it affects a small project. Finally we
understand how we can handle the risks.
Introduction:
In general the term Risk is used when we are not sure if a certain event will occur or not and we are
uncertain about the aftermaths of the event. This applies to all the fields like statistics, business,
Medical field and Software Engineering too. The Projects will be prone to Risks and the team should
effectively manage the Risks and produce the expected results
There is a difference between a Problem and risk.
Problem: An event has already occurred and is having a negative impact on the
project. [3]
Risk: An event may or may not happen but has a negative impact on the project.
There are many definitions for Risk:
SEI definition of risk: Risk is the probability of suffering loss.[ 2]
Risk exposure=probability of (loss) *Size(loss)[3]
Now we need to manage these risks so that we can put forth a productive output.
The definition of risk management according is the discipline for living with the possibility that
future events might cause adverse effects. [2]
By using the principles of software risk management we can handle the risks.
Risk management is basically a project within a project.{3]
We can encounter risks while managing Costs, Schedules, Effort, Resources and so on. We have
principle by which we can actually effectively manage the risks.
Some new principles get added to these principles when we get the team into context.
These principles are followed step by step and they will help a great deal in breaking the risks into
smaller risks and we will be able to manage them effectively.
An Example of Risk would be that the company “YY” needs to deliver a product on 25th of January
and the cost is estimated to be “xx”$ but the implementation process is still going on 24t January and
the cost has exceeded “xx” then there is a risk associated with the project in terms of cost and
schedule.
The Principles of Risk Management:
1. Global Perspective: In this we look at the larger system definitions, design and implementation.
We look at the opportunity and the impact the risk is going to have.
2. Forward Looking View: Looking at the possible uncertainties that might creep up. We also think
for the possible solutions for those risks that might occur in the future.
3. Open Communication: This is to enable the free flow of communication between in the customers
and the team members so that they have clarity about the risks.
4. Integrated management: In this phase risk management is made an integral part of project
management.
5. Continous process: In this phase the risks are tracked continuously throughout the risk
management paradigm.
Key concepts:
Risk management paradigm [2]:
By using this paradigm we can monitor and to subside the risks.
1. Identify: Search for the risks before they create a major problem.
2. Analyze: understand the nature, kind of risk and gather information about the risk.
3. Plan: convert them into actions and implement them.
4. Track: we need to monitor the necessary actions.
5. Control: Correct the deviation and make any necessary amendments.
6. Communicate: Discuss about the emerging risks and the current risks and the plans to be
undertaken.
1. In order to effectively manage the risks we need to identify the risks in the first place so that they
don’t create an adverse impact on the project.
2. Then we need to
analyze the kind of risk we have encountered. We have to convert the risk data
into risk information. This step will enable the manager to take decisions about what needs to be
done next.
3. In planning phase the risks are prioritized and the corresponding actions are performed. The actual
implementation of the design to solve the risks is done here.
4. In tracking we see to it that the actions that have been performed are leading to correct results.
5. In controlling phase the deviations if any are corrected and the new approach for solving any
unexpected risks is also dealt with.
6. In the final stage the intensity of the risks and the ways in which it has been tackled is made clear
to all the team members and the customers too.
Risk Management in Project management:
Basically project management deals with following [2]:
1. Planning: Looking for the desired results, the strategies to be applied.
2. Organising: Getting all the things together so that the desired results are obtained. By organizing
the efficiency is increased and lot of time is saved.
3. Directing: Communication takes place and exchange of ideas is formatted in this phase.
4. Controlling: In the last phase feedback and evaluation is done.
Nowadays for effectively managing the risks risk management is incorporated in project
management.
Risk management uses a structured approach for identifying and analyzing the risks.
Team Risk management principles [1]:
The Best way to snub the risks to some extent is to involve the customers right from the beginning
and build a team oriented approach .
The additional two principles will be added to the above five principles:
The two principles are:
1. Shared Product Vision: The common goal between the team and the supplier is established so that
the vision is very lucid.
2. Team work: Working collectively towards achieving a common goal.
In this way the team risk management principles will help to tackle the risks better.
Risk Management in Small Project:
It involves three phases [3]
1 .Prepare for risks.
2. Identify and analyze risks.
3. Mitigate Risks
1. Preparing for Risks: Looking for the external and internal Risks:
Uncertain requirements
Uncertain technology
Infeasible Design
Cost And Schedule uncertainty.
2. Identify and Analyze Risks: We need to identify the risks and understand the nature of risks
and prioritize the risks and try to solve the risks.
3. Mitigate the risks: In this phase we have risk acceptance, risk transfer, risk avoidance, risk
control. We implement them in this phase so that we can mitigate the risks.
How to Manage the Risks:
1. Determine risk sources and Categories.
2. Determine Risk Parameters
3. Establish a Risk Management Strategy
4. Identify Risks
5. Evaluate and prioritize the risks.
6. Develop and Implement Risk mitigation Plans.
Conclusion [1, 5]:
To manage the risks we need to establish a strong bond between the customers and the team
members.
A strong base about risk management would help a great deal in tackling the risks.
Software metrics and tools can be developed to manage the risks.
Risk necessarily need not be negative and it can be viewed as an opportunity to develop our projects
in a better way.
REFERENCES:
1. Roger L. Van Scoy,” Software Development Risk: opportunity not problem”,
Technical Report, September 1992.
2.Ronald P. Higuera, Audrey.J.Dorofee,Julie A.Walker,RoyC.Williams,
“Team Risk Management:A New Model For Customer Supplier Relationships”, Special report,1992.
3. Nashville Tennessee, Donna L.Johnson “Risk Management and the Small Software Project”
SEPG 2006.
4. Janne Ropponen and Kelly Lyytinen,”Components of Software Development Risk:
How to Address them A Project Management Survey”, Volume 26, No.2, FEB 2000.
5. Barry W.Boehm, Tom De Marco,” Software Risk Management”.