TERM PAPER: Risk management in software engineering CSC 532 Advanced Software Engineering Vijaya Sankar Karri Louisiana Tech University Table of contents Abstract 1. Introduction 2. Risk Management Concepts 3. Framework Overview 4. The principles of risk management 5. Risk management in project management 6. Conclusion 7. References Page No 1 2 3 4 5 5 6 Term Paper Vijaya Sankar Karri RISK MANAGEMENT vsk007@latech.edu Abstract Basically in software engineering risk management is an important part of project management. This term paper gives a detail introduction to the risk management concepts, overview of a framework. The main goal of the risk management framework is to reduce the chances of uncertain events, and to maintain all possible outputs under tight management. Risk management has to making judgments about various types of risk, software development risk, operational risk, and information security risk etc. The risk management framework is mainly intended for risk management principles for improving the quality of software development. 1. Introduction Even if most of the organizations uses risk management framework while developing software development system. The framework is used as a foundation for comprehensive risk management methodology and it also provide help for evaluating and improving software’s risk management practice. The risk management framework can be applied in all phases of the system development life cycle. And it also can be used to demonstrate the management of different types of risk. The technical report provides the detailed introduction for risk management framework, risk management concepts, framework overview, the principles of risk management, Risk management in project management. The main purpose of this report is to provide the risk management framework to manage risk effectively. This document provides specific methods, tools, and techniques for managing different types of risk. 2. Risk Management Concepts 2.1 Definition of Risk: Risk is the possibility of suffering loss. [Doro fee 1996]. Risk is a future harm that might occur or might not be occur we don’t know. 2.2 Conditions of Risk: The following three conditions must be satisfied [Charette 1990]: 1. The potential for loss must exist. 2. Not clear with respect to the consequent outcome must be present. 3. Decision or choice is required to deal with the uncertainty loss. 2.3 Types of Risks: Generic risks: generic threats across all projects. Example: changing of requirements, loss of team members. Product Specific Risks: high level risks associated with the type of product being developed. For example: availability of testing resources. Project Risks: Project risks affects resources or project schedule. Product Risks: This type of risk affects performance of software or product quality. 2.4 Risk measures: There are three kinds of measures Probability-It is a measure of the likelihood that a threat will occur. Impact- It is a measure of the loss that occur when threat is realized. Risk exposure- It helps to measure the magnitude of a risk 2.5 Risk Management Paradigm: Figure 1: Risk Management Paradigm Control: It can control the risks in management system. Identify: In this phase we have to search for the risks before it create a problem. Analyze: Analyze the nature, type of risk and collect information about the risk. Plan: In this phase it converts into actions and implement. Communicate: Discuss about the emerging risks and the current risks and the plans to be undertaken. Track: We have to guide the important actions. 3. Framework Overview: There are three phases of the framework. Figure 2: Framework Structure Prepare for risk management (Phase 1): This is phase is get ready for next two phases. And it can be completed before activities in the other phases are executed. Perform risk management (Phase 2): This phase is used to manage risk. In this phase activities are performed to manage over time. Sustain and improve risk management (Phase 3): In this phase the activities are used to indicate the improvements of risk management. Dataflow diagrams: Figure 3: Dataflow diagram. Inputs—this is an item that is used by a phase to produce an output. Outputs—the results that can be produced by a phase. Constraints—items that restrict the execution of a phase and its activities Resources—items that are used while execution of a phase and its activities 4. The principles of risk management Global perspective: In this principle it can consider large system design and implement. Forward looking view: In this principle we have to find possible risks and we also try for getting solution for those risks. Open Communication: This principle provides the communication between the customers and team and for can get some clarity about the risks. Integrated management: It can integrate some risks and finding the solution for those two risks at a time. 5. Risk management in project management: The project management can be deals with following steps Planning: In this step the main intension is to get good results, and which strategies to be applied to manage the risk. Directing: In this step it provides the Communication between customer and team member and exchange the ideas can be performed. Controlling: Evaluation for the risk management can be done in this phase. Organizing: In this phase organizing the things can be done, and due to this it gives good efficiency. 6. Conclusion For managing the risks we have to establish a good bondage between the team members and customer. A good base about risk management could give a best deal in handling the risks. Risk not always is negative and it is an opportunity to develop our projects in a better way with good results. References: Christopher J. Alberts, Audrey J. Doro fee. Risk Management Framework, TECHNICAL REPORT CMU/SEI-2010-TR-017 ESC-TR-2010-017 Charette, Robert N. Application Strategies for Risk Analysis. New York, NY: McGrawHill Book Company, 1990. Kontio, Jyrki: Software Engineering Risk Management: A Method, Improvement Framework, and Empirical Evaluation. http://en.wikipedia.org/wiki/Risk_management