Risk Management for Technology Projects Geography 463 : GIS Workshop May 5 2005

The Basics of Project Management for Technology Projects; Part 3 Presentation Outline The Software Engineering /Application Development Profession Risk Management Principles and Practices Case Study: Risk Management in a GIS application

Themes for tonight’s presentation: There are Software Engineering skills, beyond the latest programming languages, that are timeless and valuable. Each step in the Software Development Lifecycle has its own risks and a number of ways to address them.

Section One Software Development Careers Ten Basic Knowledge Areas Construx Inc Capability Levels Activities that promote professional career development

Ten basic Knowledge Areas for Software Developers (SWEBOK….www.swebok.org) Requirements Gathering Software Design Construction Testing Maintenance

Ten basic Knowledge Areas for Software Developers (continued) Configuration Management Project Management Software Engineering Management Software Engineering Tools and Methods Software Quality

A few words on Testing Definition: dynamic verification of the behavior of a program Structural Testing: to ensure test cases really test all lines of code Functional Testing: Ensure that for each requirement, there is at least one test case

Software Developer Capability Levels (at Construx Inc) Apprentice: Basic work in a knowledge area Practitioner: Effective, independent worker Leader: Can lead others in knowledge area Master: Guru, teacher and enabler

Job Skills Profiles Chart of Knowledge Areas and Capability Levels Defines Job Roles by looking at Profiles Career development plans are created by doing GAP analysis

Professional Career Development Strategies Direct Experience Readings Classes Certifications Industry Participation

Summary General Knowledge Areas will: remain fairly constant many are not “outsource-able” Effective Professional Development Requires: Book Knowledge…why you do things Mentoring..to guide one along the way Experience…How you do things successfully and more efficiently & effectively

Section Two Risk Management Principles and Practices “The Opposite of Risk Management is Reckless Management” Steve Tockey, Principal Consultant, Construx Software

Terminology Risk: potential for realization of unwanted, adverse consequences to human life, health, property, or the environment (Society for Risk Analysis). Risk: The possibility of suffering loss Risk Events: The actualization of a hazard, threat, or accident.

Terminology (continued) Impact: The negative consequences of an event / accident / occurrence Likelihood: The probability based on historical patterns / frequency that an event w/ a specific impact will occur Risk Signature: An activity, program, or asset’s level of risk arrived at by combining likelihood and impact

More Terminology Control Measures: Actions taken, contingency plans developed or measures taken to reduce the level of risk Risk Appetite: The level of risk the organization is willing to take

Managing Risk Goal: Establish a culture within an organization, or on a project team, that understand and continuously identifies, analyzes, manages and communicates risk at all levels of the organization, or all phases of a project.

Managing Risk Inventory Assess and Prioritize Analyze Implement Control Measures Monitor, Audit, and Review Report

Analysis Phase Define the universe and inventory its elements Assess risk by Category (Legal, Environmental, Safety, Public relations..) Review possible control measures Recommend Alternatives

Possible Control Measures Accepting, Sharing, or Divesting of a risk Policies Procedures Training New or improved equipment (or tools) Change in processes

Risk in Software Project Source: Carnegie Mellon Software Engineering Institute….www.sei.cmu.edu Loss in a development project describes the impact to the project which could result in: Diminished Product Quality Increased Costs Delayed Completion or Failure

Risk and Opportunity Many software projects have goals to do things in new and different ways Few opportunities can be realized without risk Risk must be identified and constantly balanced against potential benefits Project Managers live for Risk Management

Risk Management in Software Engineering Projects Assess continuously what can go wrong Determine what risks are important enough to deal with Implement strategies to deal with individual and systematic risks Communicate risks at all levels

Risk Principles: a framework for effective control of risks Global Perspective / Big Picture Forward-looking View Open Communications Integrated Management Continuous Process Shared Product Vision Teamwork

Summary: Continuous Risk Management Identify: search for & locate risks first Analyze: Transform risk into decision-making information. Evaluate impacts, liklihood. Classify and prioritize risks Plan: Translate risk information into decisions and actions Track: monitor risk indicators & mitigation actions Control: Correct based on metrics

Using GIS to Manage Risk

Section Three Risk Management Case Study Adapting Seattle’s GIS presence on the world wide web in the post “Sept 11” world