Add to collection(s) Add to saved
  1. Business
  2. Management
  3. Project Management

Risk Management

advertisement 
Software Project Risk
Management
1
Risk Management
• The future can never be predicted with 100%
accuracy.
• Failure to plan for risks leads to crisis
management or firefighting
– Cultivates as dangerous “hero” culture
– A very poor management practice (why?)
• The lure of crisis management
– Attention and visibility
– Access to resources
– Rewards
2
Objective of Risk Management
• The objective is to plan and manage the
project in such a way that whatever happens,
whatever outcomes are achieved, the
stakeholders still “win”
– That is, value is still obtained
• Example: Failed system development can provide value
in learning early on that a system as designed is not
worth pursuing which helps avoid costly commitment
to a system that eventually will not be
adopted/accepted/used
3
What is a Risk?
• Risk is the potential of loss
– Always has two components
• Likelihood of loss
• Size of loss
– Must account for both!
• Risk Exposure = Prob(Loss)* Size(Loss)
– A probability of occurrence of that event.
– Impact of the event occurring
– a quantitative measure of risk
4
What is a Risk? - 2
• Project risk
– Risk of not achieving a defined project goal
(schedule, quality, cost, …)
• The challenge is to manage project risk, not
eliminate it (impossible!)
• Note: Risks change throughout the life of a
project
5
Opportunity
• The flip-side of risk is opportunity
– The potential for gain
• Often where there is risk there is opportunity
– Without risk there is usually no value
– Need to accept risk as a inherent part of the development
process because we seek value
• Need to consider opportunity when considering risk
6
Risk Management
• Risk management is the act or practice of
dealing with risk.
• Risk management is proactive rather than
reactive.
• Risk management is not a separate activity
– an aspect of sound project management.
– this implies that, when you make any decision,
you account for its risk considerations
7
Successful Risk Management
• Depends upon:
– Commitment by stakeholders
– Stakeholder responsibility
– Planning for risk management
– Creation of a risk management plan
– Committing resources to risk management
– Top 10 risk list
• Determine a manageable number of risks
8
Resources for Risk Management
• When looking at the resources to commit to
risk management, one needs to consider the
project size and the impacts of the risks.
• Recommendation: about 5% of total project
resources on risk management activities.
9
Risk Management Planning
• Risk management planning is a continuous
and ongoing process.
• Develop a plan for risk identification.
• Determine the resources available for risks.
– What is available beyond the ordinary?
– This is a good time for out of the box thinking
• Establish a methodology for accounting for
risk in every decision with significant impact
10
A Simplified Risk Management Process
•
•
•
•
•
Risk identification
Risk analysis/evaluation
Risk planning strategies
Risk monitoring and control
Risk response
11
Risk Identification
• Proactively identify risks!
• Tools for identifying risks
– Brainstorming
– Nominal Group Technique
•
•
•
•
•
•
•
Each member identifies their ideas
Each member writes their idea on the board
The group discusses each idea
Each individual ranks each of the ideas
The group then ranks all the ideas
Each individual ranks all the ideas again
Rankings are summarized
12
Risk Identification
– Strength, Weakness, Opportunities, Threats
(SWOT analysis)
– Cause and effect diagrams
– Past Projects experiences (lessons learned)
13
Possible Risks
•
•
•
•
•
•
•
•
•
Creeping user requirements
Excessive schedule pressure
Low quality
Cost overruns
Poor estimates
Low customer satisfaction
Long schedules
Inadequate planning or managing to plan
Project member shortfalls
14
Qualitative Risk Analysis
• Probability and Impact
– Impacts a software Project Manager is most likely
to face:
• Costs
• Schedule
• Quality
– Probability is most often determined by expert
opinion and historical data
• Simple “red-yellow-green” or 1-5 scale assessment
15
Quantitative Risk Analysis
• Discrete probability distributions
– Coin toss
• Continuous probability distributions
– Normal distribution or bell shaped curve
• Running simulations
– Using PERT/GANTT charts to study the impact.
• does not identify risks; helps understand the impact
• Betting analogies
– “How much would you be willing to bet on a
successful outcome?”
16
Risk Response Planning
• Who is going to detect when the risk occurs?
• Who has the responsibility to respond and
communicate?
• What is the response?
17
Risk Strategies
• Factors impacting the strategy
– Impact of the risk
– Project constraints
– Tolerances
• Strategy
– Accept or Ignore
• Provide reserves
– Contingency plans
• Natural disaster/backup plans/plan-B’s
18
Risk Strategies
– Avoidance, eliminate the risk
– Mitigate, lessen the impact of the risk
• Performance impact, provide extra hardware, de-scope
– Transfer the risk
• Offsite backup planning
• Server farms
• Outside management
19
Risk Monitoring and Control
• Risk monitoring
– Determine who is responsible for monitoring
– How are risks monitored?
• Project tracking, resources, quality, etc
– Communicating the status of identified risks
• Reviews and Audits
• Once a risk is identified as occurring
– Communicate
– Take action
20
Risk Response and Evaluation
• Trigger the defined risk response plan
– Identify the risk owner
– Assign resources
– Understand the impacts
• PERTs, Dependencies
• Communicate
• Evaluate once action is taken
– Is more action needed?
– What additional risks are triggered?
21
Common Software Project Risks
– Requirements:
• Feature creep
• Developer gold plating
– Quality
• Low quality
• Squeeze on testing time
– Over optimism
•
•
•
•
•
Schedules
Tools
Capability
Re-use or acquisition
Quality
Common Software Project Risks
– Resources
• Not enough
• Weak personnel
• Contractor issues
– Customer
• Customer developer friction
• Customer acceptance
23
Group Exercise
• Create a formal, documented risk management plan for your
project.
• Do the following:
– Risk identification
• Discuss at least three serious risks
– Risk analysis/evaluation
• Assess the risks identified (qualitatively or quantitatively)
– Risk planning strategies
• What can you do to manage these risks?
– Risk monitoring and control
• How will you manage these risks during the remainder of the project?
– Risk response
• What will you do if a risk becomes actual (i.e. exposed)?
both for the development and the eventual operation of your
system.
24
Related documents
  MU School of Law  January 12, 2009  Tentative Class Ranks, Class of 2011 
  MU School of Law  January 12, 2009  Tentative Class Ranks, Class of 2011 
  MU School of Law  January 12, 2009  Tentative Class Ranks, Class of 2009 
  MU School of Law  January 12, 2009  Tentative Class Ranks, Class of 2009 
Statistics for the Behavioral Sciences, Seventh Edition by Gravetter
Statistics for the Behavioral Sciences, Seventh Edition by Gravetter
Understanding Projects - February 3
Understanding Projects - February 3
The Rank-Sum Test A survey in a statistics class at Penn State
The Rank-Sum Test A survey in a statistics class at Penn State
Entry level Software Developer - Second Avenue | Reimagine
Entry level Software Developer - Second Avenue | Reimagine
Entry level Software Developer
Entry level Software Developer
Database Developer
Database Developer
ppt
ppt
Types of Culture
Types of Culture
Calculation of p-value for Wilcoxon Rank
Calculation of p-value for Wilcoxon Rank
U.S. Foreign Policy
U.S. Foreign Policy
DATA ANALYSIS Module Code: CA660 Lecture Block 7:Non-parametrics
DATA ANALYSIS Module Code: CA660 Lecture Block 7:Non-parametrics
Forbes, NY 12-15-06 America's Smartest Cities
Forbes, NY 12-15-06 America's Smartest Cities
Document15630517 15630517
Document15630517 15630517
G4_Ernst - Indico
G4_Ernst - Indico
Summer Plan-B Fellowship Instructions and Cover-Page Form
Summer Plan-B Fellowship Instructions and Cover-Page Form
New Professional Positions for Non-Tenure-Track Faculty
New Professional Positions for Non-Tenure-Track Faculty
Document11088268 11088268
Document11088268 11088268
Document11088267 11088267
Document11088267 11088267
Non-parametric Tests
Non-parametric Tests
Document11088275 11088275
Document11088275 11088275
Download
advertisement