Risk Management in Software Project Riskit Method and SEI Method Introduction *The Definition of risk in software project? Webster defines “risk” as “ the possibility or injury”. Risk in software project is defined as exposure to harm and loss *Why do we need risk management? Risk management can help us to avoid software disaster, rework and overkill. *Why do we need a formally risk management? Risks in different projects are individual differences. Rely on project managers’ intuition and luck are a poor substitute and consistent approach. Provides a number of benefits to the project team. *When does the risk management apply? Start the risk management as soon as the project starts. *What are features of risk management? Risk is uncertain Risks in project can never be removed Risks can be control and reduced Riskit Method Definition Riskit method is a comprehensive risk management method. Goal Riskit method focuses on stakeholder goals by maintaining links between risks and stakeholders explicitly. Riskit Method Definition of Risk Risk Is characterized by Probability is characterized by Loss is defined by Expectations is valued by Stakeholder Riskit Method Processes Risk Management Mandate Output -> why, what, when and whom Goal Review Output -> explicit goal definitions Risk Identification Output ->A list of “raw” risks Risk Analysis Output ->Completed Riskit analysis graphs and ranked risk scenarios Riskit Method Processes Risk Control Planning Output->Selected risk controlling actions Risk Control Output ->Reduced risks Risk Monitoring Output->Risk status information Riskit Risk Management Cycle Risk Mag Mandate changes Monitoring results Risk Control selected action mandate Goal review changes goal changes Identification list of risks risk monitor matrices Analysis prioritized risk Control planning revisions to goals SEI Risk Management Method Definition Software risk management address the entire lift cycle of software acquisition, development, and maintenance. Goal To enable engineers, managers, and other decision makers to identify risks and to manage them on a time basis. SEI Risk Management Paradigm Identify The taxonomy method consists taxonomy-base questionnaire and a process for its application. Analyze Analysis is the conversion of risk data into risk decision-making information. Plan Turns risk information into decisions and actions. Track Monitor the status if risks and the actions taken. Control Corrects deviations from planned risk actions. Communicate Communication lies at the center of paradigm. SEI RISK PARADIGM SEI RISK MANAGEMENT PRINCIPLES Global Perspective Forward-looking View Open Communication Integrated Management Continuous Process Share Product Vision Team Work Differences of Two Methods Riskit Method define a specific step – risk management mandate. Riskit Method define goals and stakeholders for project. Riskit method uses brainstorming, checklist or benchmarking to identify risks. SEI uses taxonomy questionnaire method. Riskit Method provides more graphical analysis, SEI provide textual analysis is based on taxonomy method Risk factor Risk event Risk Outcome Utility loss Reaction Risk Effect set Differences of Two Methods SEI focus on team member’s participation SEI focus on the participation of suppliers and customers SEI method shares product vision SEI method has open communication SEI provides a continues risk management Simulations Both of them provide precise definition of risks. The basic concepts for risk management are the same Both of them suggest a common risk management framework Both of them are systematical processes Documentations are required Simulation They all address project manager is not the only person to participate risk management. Conclusion Risk management framework is necessary. Some basic steps are necessary— identification, analysis, prioritization, planning, control and monitoring. Everybody who is related to this project need to involve in risk management. Conclusion Establish open communication for employees to discuss risks. Risk management should start before the project starts.